San Antonio Security Community


Published on

John Dickson's presentation to ISSA San Antonio about the San Antonio information security community - its past, present and future.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

San Antonio Security Community

  1. 1. The San Antonio Security Community – Past, Present and Future John B. Dickson, CISSP
  2. 2. Denim Group Background • Privately-held, professional services organization that builds secure software and mitigates risk of existing software • Takes a software-centric perspective on application security – All consultants regularly build software systems – Approach the problem of software security from a developers viewpoint – Secure development methodology used on all software builds • Solving the secure remediation challenge – The next “hard” problem in application security • Thought Leaders in Secure Development Practices – Developed Sprajax – First Open Source AJAX vulnerability scanner – Regular speakers at RSA, OWASP, CSI – OWASP National Leaders 1
  3. 3. My Background • Ex-Air Force Officer – ESC, AFIWC, AFCERT • Entrepreneur • Security Practitioner y – Commercial Experience at Trident Data Systems, KPMG, SecureLogix, Denim Group • Founder and Former Chairman of SATAI & Past Chair of the North Chamber 2
  4. 4. Cluster Theory and San Antonio’s Security Community • Michael Porter’s Cluster Theory of Economic Development – A Cluster: geographic concentration of competing and cooperating companies, suppliers, service providers and associated institutions • Sophisticated clusters produce an ecosystem of activity • Examples: – Silicon Valley semiconductor industry – Hollywood film industry • Cluster theory central to competitiveness 3
  5. 5. The Springs from which much flowed… Emerging Security Community in San Antonio 4
  6. 6. Cluster Theory and San Antonio’s Security Community • Economic analysis prepared by Silicon Valley think tank ICF Consulting led by Jim Gollub • Delivered in July 2000 for: – The City of San Antonio, Economic Development Department – San Antonio Technology Accelerator Initiative • Captured an “emerging cluster” of IT activity centered around information security • “In order for San Antonio to economically benefit from the wealth of competency in information security expertise, economic inputs must be aligned to make it advantageous for local entrepreneurs to stay in the region” 5
  7. 7. The Higher Education Component – A Crown Jewel • UTSA’s Center for Infrastructure Assurance and Security (CIAS) – Established 2001 – Certified by NSA as a Center of Academic Excellence in Information Assurance Education 2002 – Missions • Cyber Security Exercise Programs • Cyber Security Training • Cyber Defense Competitions – Governor’s Emerging Technology Fund • St. Mary’s St Mary s Center for Terrorism Law • OLLU InfoSec Program • ACCD and the Information Technology & Security Academy 6
  8. 8. Early Case Studies of Successes • WheelGroup Corporation – NetRanger: First commercial network intrusion detection technology – Acquired by Cisco Systems for $124m in February 1998 – First successful security firm liquidity event – Founders turned around and founded SecureLogix Corporation in San Antonio • Secure Network Consulting, Inc Consulting Inc., – Led by ex-Air Force and Trident Data Systems security consultants – Acquired by Axent Technologies, who subsequently were acquired by Symantec 7
  9. 9. Immediate Impact of Air Force Decision • Reaffirms what we know in San Antonio – Critical mass of talents, technologies, and higher ed framework – Elected officials and business leaders now acknowledge importance – Growing sense that this is an economic development opportunity for our community • 600+ new jobs – Air Force active duty and civilian positions – Indirect jobs via contracts • Immediate impact on DoD community perception • Increased interest in contractor community outside SA 8
  10. 10. The Possibilities Going Forward • Expand relocation of national contractors to San Antonio – SRC, SAIC, CSC, BAH, et. al. • Increase expansion of cyber security missions at: I i f b it i i t – NSA Texas – 24th AF – Other units • Expand of R&D contract dollars via the 24th AF – Replace the IW Battlelab? • Increase R&D and commercialization via UTSA and others – New commercial companies based on intellectual property spun out • Communicate to the world that we have are a cyber security leader • Pursue additional ETF opportunities P dditi l t iti 9
  11. 11. The ISSA Chapter – How it can Contribute • Current – Conducting educational meetings on security topics of interest – Networking via monthly meetings – Success stories… • Future (proposed) – Grow the next generation of security leadership in San Antonio – Help connect various security interests – cross pollination of security components in San Antonio – Increase profile of San Antonio via ISSA national – Attract higher profile speakers – Increase DoD presence! – Increase identification outside of the security community 10
  12. 12. Contact Information • John B. Dickson, CISSP – – Twitter @johnbdickson p g p yp p 11