(ISC)²® Announces Winners of 2011 U.S. Government Information Security Leadership Awards
Information Security VIPs Gather to Showcase Innovative Efforts by Individuals and Teams to More Effectively Safeguard Nation’s Assets
October 18, 2011 – (ISC)²® (“ISC-squared”), the world’s largest not-for-profit information security professional body and administrators of the CISSP®, today announced the winners of its eighth annual U.S. Government Information Security Leadership Awards (GISLAs).
Some of the most accomplished information security leaders in both the public and private sectors served as GISLA judges this year, evaluating the achievements of a select group of nominees. They awarded GISLAs to individuals and teams in five distinct categories, as well as a special recognition. The 2011 GISLA winners are as follows:
Category: Technology Improvement
Individual Award: Dr. Emma Garrison-Alexander, assistant administrator for IT at the Transportation Security Agency (TSA), led the project to develop the TSA’s Redaction Toolbar, which prevents improper document redaction and inadvertent release of sensitive security information by providinga standard, automated tool in Adobe Acrobat, and oversaw the development of related policies, processes and training in the use of the new toolbar. Her efforts, which also included establishing the TSA Security Operations Center, which monitors over a billion network events per week, has helped TSA maintain the highest IT security ratings of any Department of Homeland Security component.
Team Award: The Information Assurance Program Management Team, U.S. Army Combined Arms Center, led by Austin Pearson, CISSP, PMP, ITIL V3, Server+, information assurance program manager, and supported by Mary Johnson, CISSP, GISF, took on a long-term project to resolve classified spill issues resulting from the vast number of classified documents and other information processed daily by the Combined Arms Center. The team designed a scalable and efficient system architecture to host the automated Classified Spillage Solution on existing Windows servers, resulting in an initial 85% reduction in spill incidents and associated cost and labor savings.
Category: Federal Contractor
Individual Award: Mr. Shawn Wilson, senior manager of information security, Verisign, Inc.,led the effort to execute the Certification and Accreditation (C&A) effort for the U.S. General Services Administration’s (GSA) .GOV registry, which includes about 5,000 domains. As a result of Shawn’s efforts, which withstood a rigorous third-party audit, Verisign achieved the Authority to Operate, making .GOV the first domain name registration service certified to an unprecedented FIPS-199 High Impact system.
Team Award: The NJVC Cyber Dashboard Team, led by Chris Hughes, CISSP, CCNA, GCFW, chief engineer of cybersecurity, and seven other CISSPs, established a Cyber Dashboard to visualize, analyze and generate reports from the aggregated and correlated data feeds of multiple legacy security systems. With this tool, the team foiled numerous exploitation attempts and attacks against Department of Defense (DoD) email accounts; provided “first alert” detection of over 1,000 anomalous message traffic attempts; and detected and stymied a nefarious email campaign against the DoD.
Special Recognition: The Joint Information Operations Warfare Center (JIOWC) Vulnerability Assessment (JVAT) Computer Network Security (CNS) Team, led by senior systems engineer David Rohret, CEH, Security+, CHFI, ECSA/LPT, and supported by three other information security professionals, has successfully completed over 150 system and system of systems assessments since 2003 on rapidly-fielded and developmental systems, as well as over 300 quick-look assessments on deployed systems, with over half requiring CNA, RF, and other technologies/tactics representing actual adversarial Trusted Third Parties (TTPs).
Category: Workforce Improvement
Team Award: Cyberspace 200/300 Professional Continuing Education Team, Air Force Cyber Technical Center of Excellence, led by Dr. Harold Arata III, associate director, and his 28-person team are recognized for delivering cybersecurity senior and master professional rating courses for the Air Force Space Command to enable a new cyber career force. Thanks to Dr. Arata’s leadership and mentoring, his staff members launched new courses in minimal time, graduated over 600 cyber operations professionals in the first fiscal year and have since received numerous awards and recognition.
Category: Process/Policy Improvement
Individual Award: Mr. Davin Knolton, CISSP, PMP, CKM, CKMP, DAU CIO Cert, CIO/assistant chief of staff, G-6, U.S. Army Combined Arms Center, has coupled multiple information security improvement projects into a single comprehensive and efficient portfolio initiative enhancing IA workforce professional certifications, IT leadership oversight and professional development, and automated classified spillage (DLP) response. The Information Assurance Program Enhancement Portfolio resulted in a significant reduction in the amount of man-hours and funds expended to mitigate classified spills and resolved related issues.
Team Award: Military Satellite Communications Systems Directorate Information Assurance Manager Team, U.S. Air Force, MILSATCOM Systems Directorate, led by Steven Martin, CISM, and his 18-person team successfully put together an effort that ensured reciprocity and consistency of the C&A process across the boundaries of designated accrediting authorities, standardized education and awareness programs for executives and technology professionals and enhanced IA capabilities education. The end goal was to articulate accurate risk assessments, enhance the annual security reviews of all IA controls and better measure FISMA compliance.
Category: Community Awareness
Individual Award: Mr. Henry Yu, CISSP, CISM, chief information security officer, NASA,championed and provided outstanding contributions to the agency’s IT Security User Awareness Video project. Mr. Yu’s videos increased the overall awareness of IT security and common pitfalls and provided guidance on how to secure sensitive email, all of which helped reduce the number of reported incidents involving malware introduction.
Team Award: Cybersecurity Communications Working Group (CCWG), at the U.S. Department of Homeland Security OCISO, led by cybersecurity strategy communications manager Joel Benge, providesa central coordination point for strategic security awareness. Since late 2009, the CCWG has collaborated on an integrated cybersecurity communications strategy, developed common terminology and core messages for cross-departmental communications and responded to a multitude of security incidents.
For more information on the GISLAs, including past winners, selection criteria and eligibility requirements, please visit www.isc2.org/gisla.
© 2011, (ISC)² Inc. (ISC)², CISSP, ISSAP, ISSMP, ISSEP, and CSSLP, CAP, SSCP and CBK are registered marks of (ISC)², Inc.