As part of its dedication to providing guidance on the trend of convergence, or integration, of traditional and information security in organizations throughout the world, AESRM is planning four research projects and two educational sessions on security convergence.
The research projects will result in published studies on:
Integrating information technology (IT) with physical security devices and process controls
International security convergence
Value proposition for corporate security as convergence increases
How risk councils help organizations understand and manage convergence
Emerging trends, best practices and a road map for security convergence will be topics at AESRM-sponsored sessions at ISSA’s CISO Executive Forum, 1-2 June, 2006, in Las Vegas, NV, USA; ISACA’s Information Security Management Conference and Network Security Conference, which run 18-20 September 2006, in Las Vegas, NV, USA; as well as at the ASIS Annual Seminar, 25-28 September 2006, in San Diego, CA, USA.
“Business assets are increasingly at risk, so there is a greater need to integrate traditional security with information security to ensure their protection,” said Ray O’Hara, CPP, an AESRM leader. “This integration of security roles impacts more than the security function of a given business—it affects the business as a whole. Security managers need a new skill set that combines expertise in traditional and IT security. As individual organizations and as members of this alliance, ASIS, ISACA and ISSA are well positioned to lead the way in the rapidly growing security convergence field.”
Background on AESRM
The Alliance for Enterprise Security Risk Management (AESRM) was formed in February 2005 by ASIS International, ISACA and the Information Systems Security Association (ISSA) to encourage board and senior executive attention to critical security-related issues and the need for a comprehensive approach to protect the enterprise. The alliance brings together more than 90,000 global security professionals with broad security backgrounds and skills to address the significant increase and complexity of security-related risks to international commerce from terrorism, cyber attacks, Internet viruses, theft, fraud, extortion and other threats.
ASIS International (ASIS) (www.asisonline.org) is the preeminent organization for security professionals, with more than 34,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities, and the public. By providing members and the security community with access to a full range of programs and services, and by publishing the industry’s number one magazine — Security Management — ASIS leads the way for advanced and improved security performance
With more than 50,000 members who live and work in more than 140 countries, ISACA® (www.isaca.org) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal®, develops international information systems auditing and control standards, and administers the globally respected Certified Information Systems Auditor™ (CISA®) designation, earned by more than 44,000 professionals since inception, and the Certified Information Security Manager® (CISM®) designation, a groundbreaking credential earned by 5,500 professionals.
The Information Systems Security Association (ISSA) (www.issa.org), with more than 13,000 individual members and 107 chapters around the world, is the largest international, not-for-profit association for information security professionals. It provides educational forums, information resources and peer interaction opportunities to enhance the knowledge, skill and professional growth of its members. ISSA members are consistently recognized as experts on critical issues in the area of information security, and the Association is viewed as an important resource for small businesses, global enterprises and government organizations alike. Working closely with other industry organizations such as (ISC)2, ASIS and ISACA, and leading worldwide initiatives like the GAISP and the recommended CISO education curriculum, ISSA is focused on providing leadership and maintaining its role as The Global Voice of Information Security.