I’m honored to be your guest here today and I can’t be more thankful for theopportunity to address some of the brightest information security practitioners inthis region.I visited this building for the first time yesterday and I’m not sure if you are like mebut I experience buildings in different stages. When you first look at the architectureyou start to understand what the purpose of the building is, what the architect wasthinking when he designed it and some other basic things. It is only when you stepthrough the door and interact with its residents that you become aware of theenergy of the building. When I stepped through the doors of the Abu DhabiPolytechnic Institute yesterday, I was blown away. While walking through thecorridors and talking to Dr. Al-Karaki I learned that this building is filled withpassion, a passion to achieve great things and to solve some of the hardest problemsthat exist in this world. It felt near to coming home. Once again I realized why I lovemy job. Obviously it allows me to provide for my family but at the same time itallows me to be passionate, creative and working with some of the smartest peopleon this planet.Only a few weeks ago, United States President Obama released an executive orderrelated to information security. In it he calls for the private sector, public sector andacademia to work together in order to reduce the risk from information securitythreats. In the past almost 3 decades, we have built numerous products andmanagement frameworks to address threats and risks to our most valuable assetsbut it doesn’t seem like we have made much headway. As we made progress indefending our infrastructures, our adversaries have also leveled up. As we get betterat protecting they get better at thwarting our defenses. Threats are getting moreadvanced and the attacks we see today are extremely complex.We are not lackingthe technology to defend our assets but it becomes increasingly hard to findcompetent information security workers. We are unlimited in our creativity butlimited in resources.Through my work at (ISC)2, as a volunteer Board Director, I’ve had the opportunityto meet great people and support great initiatives. When I was invited to work withthe Abu Dhabi Polytechnic Institute I was excited. (ISC)2 is passionate abouteducating and supporting the worlds leading information security practitioners.Through our Global Workforce Study we keep a finger on the pulse of this greatindustry and we observe not only the current needs but also those that willmaterialize in the future. When we saw the results last year our suspicions wereconfirmed. We realized that organizations today are facing enormous challenges. Asthe economy has been unkind to almost everyone, budgets are under pressure. Atthe same time it is known that innovation is key to developing and maintaining aprofitable business. Organisations the world around are figuring out how tosecurely innovate through adopting technologies such as Cloud Computing andproviding “Bring Your Own Device” to their workforce. In parallel we are being hitby vulnerability after vulnerability in systems that we have built our lives on. Thelack of competent resources is for me personally the biggest challenge we face
today. Initiatives to take the lead in building a comprehensive information securitycurriculum such as the one here at the Abu Dhabi Polytechnic Institute are what theworld needs today to solve the information security challenges of tomorrow.Contrary to popular belief, it is not easy to step forward as a leader. I can onlyencourage more organizations to take note of the leadership here and follow theexample. We are limited in resources but unlimited in our power when workingtogether.As information practitioners we have arrived at a moment where security isunderstood by the world to be of the utmost importance. At this moment, whereeven the US President voices his concern about the challenges ahead, we realizethere aren’t enough of us. Financial institutions around the world are bleedingmoney because of attackers subverting the most complex defensive technology, oilcompanies are paralyzed by targeted attacks, online businesses see there profitsdwindle over prolonged Distributed Denial of Service attacks and individuals aregoing bankrupt just because it is that easy to steal their identities.It’s important to realize that none of us, individual or company, government oracademia, can solve these problems alone. We need to find eachother in a passion toprotect our most critical infrastructures and our people. We need to understand andaccept eachothers strengths and weaknesses. Only by working together there is apossibility that we will find the solutions we need. We have everything to gain fromcooperating.At this event today I feel like being at home because I know we are united in apassion for security. We are here to give the best that we have and allow our fellowparticipants to be the best they are. Not too long ago I saw a movie, a documentarycalled “Jiro dreams of Sushi”. This movie is about an old sushi chef with a smallrestaurant in the Tokyo underground. His restaurant only seats 10 people but yet hehas received every award known in the culinary world. Jiro runs a 3-star restaurantin the Tokyo underground and is envied by the greatest chefs in the world yet whenyou talk to him, it sounds like it doesn’t matter to him. His only desire is to createthe perfect piece of sushi, something he doesn’t seem to think he has achieved yet.Even though he has long passed the age of 80 years old, he gets up everyday tobecome better at his craft. Everyday he works from his passion to improve his craft.I believe that in information security we can be more like Jiro. Selling the mostproducts does not make us better, protecting our most valuable assets does and assuch I believe that our combined passion is the weapon that will help us most in thebattle against the threats we face.To conclude I come back to the place where we are. When I entered this buildingyesterday, I met a passionate Dr. Al-Karaki who showed me some of the results ofthe poster and video competition. I was impressed by the work done by the studentsand I hope you can take the time to go and check some of their work out later todayin the dedicated rooms. If it is our challenge to support these students, provide them
with the best possible information security education availableand work with themto prevent our worst nightmares from becoming reality, I feel privileged to be partof it and I am convinced you feel the same. We are limited in our resources but weare united in a passion to secure.