The IT Security Attaché

The current state of our economic and global interconnectivity infrastructure relies heavily and in some cases solely on the adoption, use and services of technology today and for tomorrow. More and more we’re seeing the integration and use of technology in the home, school, places of learning and other institutions that confirms that our decency on these things are far from going away or over. Yet, unchecked, we’re still in a money making and financial gains mode when it comes to providing the education, awareness, knowledge of the convergence of technology and the World Wide Web for us as a people.

The ridiculous notion of our infrastructure being secured by over government or independent entities that limit partnerships and associations to only high levels, is a sure sign of the failure of the systems of security for tomorrow. Until and unless we unite in this fight against these issues and the growing trends by which they are being introduced, we will always be vulnerable by our weakest, untrained and not knowledgeable links (citizens, business, educators, advisors, technologists), . We are vulnerable through the process of omission, omitting those we think are not a critical part of the infrastructure or the need to help in securing it. The high costs of securing our infrastructure does not include user education and general awareness as a proactive move. It is only when something happens and the issues/problems are of a great magnitude/impact that we see the levels of attention and focus being put to it, then comes the irritating comments of if we had known or if we had acted sooner.

What will it take for us to give the needed attention and focus to these issues before they become problems?
When and where will we see the integration and coordination of all levels of society getting involved in this initiative?
Who can speak on all levels for all levels?

These are different times, different types of warfare, different types of attacks with more sophistication, more widespread impact and yet, still, we’re limiting the resources needed to endorse, support and finance these educational and awareness needs. We are falling behind in the fight to keep up with the demand of technology products and solutions because the hardware vendors mission to bring us the latest and greatest products with more feature rich functions, speed, storage and settings. This is one fight that by its very simplicity, involves our youths/children and those of early learning without even going outside their boundaries. The threats are looking for us, looking for vulnerabilities in our systems, looking for our private and personal information, looking for anything it can on and about us and our businesses, where we work and how we live.

Will you leave yourself vulnerable because you didn’t take the time to learn more about them or practice safe computing?
How do we address this on a global scale where the minds and concerns of our youths are addressed in regards to technology, privacy and securing them?
Who educates the educators and provides them with the needed resources to speak to the technology advancements being seen and felt in our society today within the classrooms?

Our youths are educating the educators, the parents and the more senior members of our society. While the adults and seniors are busy living their day to day lives, the youths have all this extra time on their hands to play with that makes that the perfect educational resource for tomorrow. Educating them about the internet and how technology integrates and affects our daily lives today and tomorrow will help them to be better netizens. There are too many unknowns into what is the most sophisticated and interconnected network every built and running.

We are too controlling over our youths without the right focus on these things. It is not about taking away the access or resources of the internet, it is about educating them more on its values, proper use and how to manage their online presence and identity. Social Networks, Social Media, personal and professional messaging ethic, etiquette, general internet usage and the Threats Landscape are all critical topics that should be integrated into our school systems curriculum today to allow these kinds of thoughts from an early age and stage of development. More funding and resources should be put into programs, groups, organizations that focus on these critical resources training for tomorrow. Our lower school educational systems are lacking the integration of technology, privacy, internet usage and protection training that suits our youths today. Youths are exposed and have access to these internet resources at home without proper education and awareness as to how to use and manage them until something happens and a life is taken  or at stake and further investigation reveals that he/she had a secret life online that was very troubled and now this.

This is where our educational institutions should be filling in the gap and providing the additional focus and attention on these things. Engaging local subject matter experts, vendors, developers and other technology leaders to come in and give real world experience and open discussion is a critical need for our youths. Let us engage the youths in open dialog on and about technology, IT Security, privacy and other concerns they may have. Let us open up those channels of communications so they can be better served and ready for the superhighway ride ahead.

Let us not waste time in helping to foster the needed understanding, education and awareness needed for our youths as they have and are actively engaged in using them every day. What better way to put this knowledge craving to use than by helping them along the way.

IT Security is a people problem, not an industry one. We are all at risk.

Thank you and have a great day,
 
~Brett A. Scudder~

Good day to you,

Last year I started a series of online presentations that were geared towards IT Security education, training and awareness and they had their ups and downs. One thing that is sure is that the information needs to get out to the people but more importantly is to get the right info and resources out. While I invited people to the sessions they declined to attend only to come back with questions of a similar issue a week or two later. Many people today still don’t know how they are impacted by these security issues or how to address them. My online sessions provided critical information about such things in an effort to let people know that IT Security IS a people problem, NOT an industry one and so they must get educated and be aware of what the threats landscape looks like and where they fit into it.

So this year, 2010, we are taking it one step further and introduce a monthly online IT Security Panel discussion to help address some of the issues that are out there in the wild. My aim is that by doing this online we can/will attract a wider range of people in the comfort of their homes, workplaces and places of learning.

I have met and talked with a few security experts who will be joining us at different levels of the security space to help to make this valuable and resourceful. More details will be posted as the sessions are aligned with the panelists so stay tuned.

Thank you and have a great day,

~Brett A. Scudder~

Good day to you,

I am in Florida for 2 days at a partner training forum and is gathering good training and resources for guiding people in the right directions.

Training and education is key as a trusted advisor, leader and value added resource.

I will be back in NYC on Friday but for now i’m soaking up some of the Florida weather.

~Brett A. Scudder~

Good day to you,

On May 1^st 2009, TITSSN answered the call of providing a converged resource to address the needed online training, education, awareness and resources of the technology and security issues and challenges facing us today for tomorrow. As leaders in this field we understand the challenges being faced in dealing with the day to day management, learning and happenings of these threats and their impacts. While countries, companies and organizations are falling victims to these attacks, industries are suffering through the loss of revenue, privacy and productivity, and people are feeling and seeing the real effects of the real world we live in where the internet brings us together as a global connected network filled with valuable resources and resistance is futile, it is everywhere and is not going away.

We are still not seeing enough being done to educate people across the board and make them aware of these issues and their true impacts and so we’re taking the network to a higher level towards this initiative.

IT Security is a people problem, not an industry one and as such must be addressed effectively and accordingly.

So it is for this reason that we choose to build a social community to address these things together and to provide the training, education and awareness by the people who can speak of and about them at all levels, those who develop them, those who sell and support them, those who are out in the field fighting the good fight to prevent, mitigate and stop the growing rates of infections and compromises and those who want to learn more about being safer and secure together in one place. This is a work in progress and as we grow, so we’ll learn and so we’ll adjust to the need for changes. This is what we do on a daily basis as TITSSN continues to deliver its messages of security education, training and awareness now for a more secure future. We will be moving our operations into the social network immediately to help enhance the collaborative values, resources and functionalities.

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking, training, education, awareness and collaboration for, on and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. Everyone is affected at all levels and so we must cultivate an open concerted atmosphere to address issues effectively.  We look forward to your participation in this effort as a leader, contributor, reader, advisor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

The networks address is http://titssn.org.

Features include:

Real-time chats

Blogging

Audio/Video/Text IM

Discussion groups

Polls

Events calendar

Products/Solutions recommendations

Featured products, people, service providers

Our own publications (recommendations, best practices, guides, reports, findings and educational info)

And much more.

Discussions and groups that are up and running:

Application Security – developing secure applications and standards

Breach Notification Laws – country/state laws

Business to Business IT Security “BtBITS” – businesses protecting each other’s interests

Cloud Computing/Security – Issues, concerns, development, education and awareness

Computer Forensics – Data and Network

Cybersecurity – myths, issues, concerns, development, education and awareness

CyberWar – on, about, awareness, information, collaboration

Data Security – securing the data/information

DCITSUG – Washington DC IT Security Users Group

Emergency Security Response Program “ESRP”

Endpoint Security – What are they, why they are vulnerable and how to protect them

Hacking Unleashed – Ethical/Unethical – the world of hacking

I-CON Science and Technology Conference

Identity Theft – prevention, support and solutions

Incident Response – What happens when something goes wrong/bad?

IT/Security things/issues that make you paranoid

IT Security Best Practices – General

IT Security Facts and Myths

IT Security Leaders

IT Security Requests and Support

IT Security Service Providers ~ITSSP~

IT Security Training and Development – General

IT Security in our educational institutions – curriculum upgrade

Microsoft Small Business Server Security – Securing the server and components

Mobile Security – securing the mobile users/devices and they data they host

Managed Security Services Providers “MSSP”

NYeWin – New York Enterprise Windows Users Group

NYITSUG – New York IT Security Users Group

NYSBS – New York Small Business Server Users Group

Online Security – Securing your online experience

OWASP – Open Web Application Security Project

PAITSUG – Pennsylvania IT Security Users Group

PC Security at home

Perimeter Security – securing the perimeter

Physical Security – a critical part of your security model

Ready Rockaway – Disaster/Emergency Preparedness

Small Business IT Security – securing the small businesses

SPEAK – Security Professionals Engaged in Advanced Knowledge

Social Networkers United – the future belongs to us

Social Networking – security, trends, myths and best practices

TITSSN’s Adopt an Institution Program – ~AaIP~

TITSSN’s Code of Honor – Advocates for the future of professional Messaging

TITSSN’s Code of Honor – Advocates for the future of IT Security Education and Awareness

TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~

TITSSN’s General Network Members

TITSSN’s IT Security Community Outreach Program ~COP~

TITSSN’s IT Security Scholarship Program ~ITSSP~

TITSSN’s Secure Medical Protection Program ~SMPP~

TITSSN’s Secure Mobile Professionals Network ~SMPN~

TITSSN’s Secure Minds Initiative

TITSSN’s Small Medium Business IT Security Summit ~SMBITSS~

TITSSN’s Windows 7/Vista SP2/Windows Server 2008 SP2 Testing and Development Group

The Compliance Suite (Regulatory/Non Regulatory)

The Framsyn Initiative

The IT Security Threats Landscape ~TITSTL~

The Privacy Suite – it’s all about privacy

Viral Outbreaks – containment, response, prevention

Viral, Spyware, Malware Detection and Removal – the growing trends

Voices of IT Security

Wireless Security

Government Security Mandates, Protocols, Policies and Response

US – CERT – United States Computer Emergency Readiness Team

US – CIA – Central Intelligence Agency

US – DHS – Department of Homeland Security

US – FBI – Federal Bureau of Investigation

US – NSA – National Security Agency

These are just a few of the topics, issues and groups that are available as we start off on this journey together and when you join us, you too can add to what is there if there is something of interest that is missing.

We look forward to your support and we know this will be of great value for you.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché