Bright Stove

Reflecting information risk journey

Taipei – 9th RAISE Forum Meeting

leave a comment »

April 1st marked the successful completion of the 9th RAISE Forum meeting hosted by the Information and Communication Security Technology (ICST) Institute in Taipei city. The two-day meetings, as in all previous RAISE Forum meetings, covered a slice of the top of minds information security issues, concerns, and thoughts amongst the participants across the region. A new participants reflected that it was “rich in information and contents”, which I’m glad that it has been that way since its inception.

 
The logistical support for this meeting was extended with two new capabilities. One was the addition of an online conferencing service, using Cisco WebEx services, in response to members’ requests from the past two meetings. The WebEx meeting session was set up by the host, which allowed a few members to participate in the two days’ meetings online, via the Internet. This setup also allowed the meeting to be recorded for replay by interested members on a future date, which should help in the preparation of the publication of the meeting proceedings. I should say that this capability was very much a pilot this round, which proved very useful, and we should look into its use in future meetings for a wider group of audience (in Asia Pacific region).
As part of our efforts to improve communications and information sharing amongst RAISE Forum members and participants, a @raiseforum.org account was created in Twitter.com recently, and during this meeting, the proceedings were updated via short tweets via the accounts. This new capability allowed “followers” of @raiseforum.org in Twitter to get instant updates on what’s happening at the meeting even when they are not in the physical venue. The series of tweets (about 150 counts) provided a summary of the contents discussed in the Forum meeting. With that, I can save up a few more paragraphs here 🙂
As you might have noticed from @raiseforum.org updates of the meeting proceedings, at times, there were long breaks between updates, or only very brief updates in those sessions when I was held up either facilitating a discussion, presenting a topic, or asking/answering questions from the floor (online and on-site). A learning from this is that I need a backup person in the meeting to continue with the simultaneous Twitter updates when I’m presenting or facilitating the discussion. I would also expect that with increase familiarity of the Twitter tool, some online “followers” may also RT to specific updates to place a comment or ask a question. Again, we would need to look at how to handle those incoming traffics either simultaneously, or post the event.
Amongst the topics discussed, Cloud computing security and privacy took the bulk of the agenda in both days. The concerns from various groups, including ITU-T SG17, economies’ representatives, and the Cloud Security Alliance (CSA) were shared and deliberated. The ISO/IEC JTC 1/SC 27 WG 1/4/5 joint study period on this topic was also shared to invite input/feedback on standardization needs in Cloud security and privacy. Managed security services, or Security as a Service, was identified as an important area to look into, in addition to current focus on PaaS, IaaS, and SaaS. Perhaps, instead of creating another name for SaaS, this may be named as “Assurance as a Service” (AaaS).
Another interesting discussion was in the area of Social Media Security, which include concerns over related enterprise policy, users’ privacy, as well as Cyber-bullying. Prof Pauline Reich shared her research and ongoing study in this area.
In the deep-dive sessions, the challenges on information security professionals certifications were presented and discussed. The differences in practice between different economies in the region raised concerns amongst the participants. On a positive note, the (ISC)2 Certified Information Systems Security Professional (CISSP) credential remained the most recognized as the common baseline that all could leverage at least for the time being.
The two-day dialogues and discussion reaffirmed the importance of information sharing amongst the participating economies at the RAISE Forum. The meeting concluded with a dinner hosted by ICST at the 88th floor of the Taipei 101 tower (world second tallest tower), and a plan to meet again towards the end of the year or early next year at Seoul, South Korea.
Advertisements

Written by mengchow

April 30, 2011 at 3:14 pm

Posted in Security Standards

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: