Introduction
ISSA2012 is the annual
conference for the information security community that continues on the
successful recipe established in 2000.We are pleased to announce, however, that
from 2010, ISSA is co-sponsored by the IEEE Systems, Man and Cybernetics Society
(SMCS) Chapter, a chapter of the IEEE South Africa Section. The upcoming
conference is held under the auspices of the University of Johannesburg Academy
for Computer Science and Software Engineering, the University of South Africa
School of Computing and the University of Pretoria Department of Computer
Science.
The ISSA2012 Conference will run from
The conference has grown each year in various ways. Not only have delegate and presenter numbers been on the rise, but interest from industry has also grown and been displayed through sponsorship of the conference or aspects thereof. The co-sponsorship of the IEEE from 2010 and onwards has increased and will still increase our international visibility, since all accepted papers are published online in IEEE Xplore. We also believe that the quality and relevance of the information presented by industry practitioners and academics has also evolved over the years, as have the opportunities for senior research students to present their research to a critical and representative audience.
ISSA2012 sees the conference expanding with three workshops being hosted within the conference. This shows that the interest in the Information Security community is growing on a national and international basis. The three workshops are:
-
4th Workshop on ICT Uses in Warfare and the Safeguarding of Peace
-
Theories and Intricacies of Information Security Problems Workshop
-
International Workshop on Digital Forensics in the Cloud (IWDFC 2012)
Conferences have become a major focus area - and often a money spinner - in many industries, so at any time you will see a number of conferences being advertised in fields such as information security. What sets the ISSA conference apart is that it is not intended to generate a profit for an organisation, and it does not encourage marketing of products and services through presentations. Instead, the proceeds from registration fees are reinvested to ensure that the conference grows each year. In exchange for their investment in the conference, sponsors are afforded an opportunity to present company-specific information that has a bearing on the conference themes, and presentations submitted by potential speakers are sent through a vigorous review process, managed by a team of respected international experts in information security.
We trust that the annual
ISSA conference will continue to be recognised as a platform for professionals
from industry as well as researchers to share their knowledge, experience and
research results in the field of information security on a South African, but
also on an international level.
To ensure ongoing improvement, we again encourage input from all those
interested in the field of Information Security, particularly those who are
actively seeking to progress the field, to take part and share their knowledge
and experience.
We look forward to seeing old friends and new participants at ISSA2012.
Hein Venter, Marijke Coetzee and Marianne Loock
Conference Co-organisers
Focus
Information security has evolved and in the last
few years there has been renewed interest in the subject worldwide. This is
evident from the many standards and certifications now available to guide
security strategy. This has led to a more clear career path for security
professionals.
The convergence of technologies together with advances in wireless
communications, has meant new security challenges for the information security
fraternity. As hotspots become more available, and more organisations attempt to
rid their offices of "spaghetti" so the protection of data in these environments
becomes a more important consideration.
It is this fraternity that organisations, governments and communities in general look to for guidance on best practice in this converging world.
Identity theft and phishing are ongoing concerns. What we are now finding is that security mechanisms have become so good and are generally implemented by companies wanting to adhere to good corporate governance, so attackers are now looking to the weak link in the chain, namely the individual user. It is far easier to attack them than attempt to penetrate sophisticated corporate systems. A spate of spyware is also doing the rounds, with some viruses still striking periodically. Software suppliers have started stepping up to protect their users and take some responsibility for security in general and not just for their own products. Some of the recent past and upcoming security threats and trends, include the following:
-
The insider threat is much more than you had imagined
-
Man in the browser attacks will man up
-
Misanthropes and anti-socials: Privacy vs. security in social networks
-
File security takes centre stage
-
Data security goes to the cloud
-
Mobile devices compromise data security
-
Hackers feeling the heat
-
Cyber security becomes a business process
-
Convergence of data security and privacy regulation worldwide
-
Breaches now inevitable; it's a matter of time!
-
However, breach notifications gain greater traction
-
Cyber espionage continues
-
Mobile malware continues to increase
-
Mobile devices get anti-theft protection
-
Phishing scourge continues
-
Social engineering attacks hit social networks
-
Botnets keep infiltrating businesses
-
Code gets externally reviewed
The conference focuses on these and other aspects of information security
and invites participation across the Information Security spectrum including but
not being limited to functional, business, managerial, theoretical and
technological issues.
Invited speakers will talk about the international trends in information
security products, methodologies and management issues.
In the past ISSA has secured many highly acclaimed international speakers, including:
-
Alice Sturgeon manages the area that is accountable for identifying and architecting horizontal requirements across the Government of Canada.
Dr Alf Zugenmaier, DoCoMo Lab, Germany. His topic was based on Security and Privacy
William List, WM List and Co., UK. His topic was: Beyond the Seventh Layer live the users
Prof. Dennis Longley, Queensland University of Technology, Australia. His topic was: IS Governance: Will it be effective?
Prof. TC Ting: University of Connecticut, and fellow of the Computing Research Association, United States
Prof. Dr. Stephanie Teufel: Director of the International Institute of Management in Telecommunications (iimt). Fribourg University, Switzerland
Rich Schiesser, Senior Technical Planner at Option One Mortgage, USA
Rick Cudworth, Partner, KPMG LLP, International Service Leader, Security and Business Continuity - Europe, Middle East and Africa
Dario Forte - CISM, CFE, Founder, DFLabs Italy and Adj. Faculty University of Milano
Reijo Savola - Network and information security research coordinator, VTT Technical Research Centre of Finland
Mark Pollitt - Ex Special Agent of the Federal Bureau of Investigation (FBI) and professor at the Daytona State College, Daytona Beach, Florida, USA
The purpose of the conference is to provide information security
practitioners and researchers worldwide with the opportunity to share their
knowledge and research results with their peers.
The objectives of the conference are defined as follows:
• Sharing of knowledge, experience and best practice
• Promoting networking and business opportunities
• Encouraging the research and study of information security
• Supporting the development of a professional information security community
• Assisting self development
• Providing a forum for education, knowledge transfer, professional development,
and development of new skills
• Promoting best practice in information security and its application in
Southern Africa
• Facilitating the meeting of diverse cultures to share and learn from each
other in the quest for safer information systems
