ISSA Sacramento Valley Chapter Meeting - 11/18/2022 11:30-13:00

ATTEND
The Security Composition Problem by Mark Heckman, Ph.D., CISSP and Chapter President emeritus
Synopsis: A cyber system is typically composed of multiple components. Each of the components has its own security properties. What are the security properties of the whole system after you combine the components? Sometimes, when you put two secure systems together, the resulting system becomes unsecure! There are a lot of places where this matter for cybersecurity, such as enterprise IT networks, software development, cryptographic systems, and the web of vendors whose products and networks interact. Heckman will describe the general problem and give examples, then talk about some ways to possibly deal with the problem. Note that this is an aspect of cybersecurity that is not well-studied and for which few, if any, general solutions are known. You are encouraged to participate in the discussion and describe your own experiences with, and solutions you have found for aspects of the security composition problem that you have encountered in your own work.

Bio: Mark Heckman has worked in the field of information security for almost 40 years as an engineer, researcher, practitioner and educator. His wide-ranging career has spanned many areas of information security, including research and development of very high-assurance, multi-level secure systems for use in government and the military, research and development of intrusion detection and security event management systems, and general IT security and compliance for commercial organizations in the financial and health industries. Dr. Heckman earned his MS and PhD degrees in Computer Science at the University of California, Davis and is a Certified Information Systems Security Professional (CISSP). He currently works as a professor of practice and teaches in the Cybersecurity Engineering and Technology program at the University of San Diego. He is also the past president and current manager of programming for the ISSA Sacramento Chapter.

This will be a hybrid meeting (both in-person and on-line). You may attend remotely via Zoom or attend in person at Capsity, 3808 Broadway, Sacramento CA (Google Maps and Directions). Either way, please register for the meeting below. Select No Meal if you are attending remotely, or Normal Meal or Vegetarian if you are attending in person (so we can order enough food for lunch). All registered members and guests will receive the Zoom meeting link via email, by the morning of the meeting.

You don't have to be a member of ISSA to attend our meetings (but we encourage you to join us!). Please share information about this meeting with your friends and colleagues who have an interest in information security.