BEIJING, July 24, 2014 /PRNewswire/ — (ISC)²® ("ISC-squared"), the largest not-for-profit membership body of certified information and software security professionals with over 100,000 members worldwide, today recognizes four distinguished information security leadership initiatives and one Community Service Star special recognition, led by outstanding honorees at its eighth annual Asia-Pacific Information Security Leadership Achievements (ISLA™) Program Gala Dinner and Ceremony in Beijing, China.
The ISLA Program is held annually by (ISC)² in cooperation with the (ISC)² Asian Advisory Board to recognize outstanding leadership and achievements in workforce improvement of information security and management professionals in the Asia-Pacific region.
The distinguished workforce initiatives showcased this year include:
Senior Information Security Professional Category Showcased Honoree:
Dr. Daisuke Inoue, director of Cybersecurity Laboratory, Network Security Research Institute, National Institute of Information and Communications Technology (Japan)
Showcased Project: DAEDALUS: Novel Alert System based on Large-scale Darknet Monitoring
DAEDALUS is a real-time alert system based on a large-scale darknet monitoring facility. A darknet is a set of unused IP addresses and its monitoring is an effective way to grasp malicious activities on the Internet. In contrast to the conventional method, wherein the packets received from the "outside" are observed, DAEDALUS employs a large-scale distributed darknet that consists of several organizations that mutually observe the malicious packets transmitted from the "inside" of the organizations. Since 2013, Dr. Inoue and his laboratory have started to deploy the DAEDALUS into the real world. In particular, they have begun providing DAEDALUS alerts to Japanese local governments as a free service (as of March 2014,115 organizations have joined). Moreover, they also started providing the DAEDALUS alerts to ASEAN countries as a part of the Japan-ASEAN Security Partnership (JASPER) initiated by Japan’s Ministry of Internal Affairs and Communications.
"In order to execute the DAEDALUS to the real world, I have been encouraging my staff to implement practical and tolerant systems with a well-organized software development environment in the laboratory. With the support of my staff, we successfully established a front-line research group with a high implementation capability. The DAEDALUS might not have been established as a practical alert system without the enthusiastic efforts of researchers and engineers in our Cybersecurity Laboratory. I would like to share this honor with them all," said Dr. Inoue.
Senior Information Security Professional Category Showcased Honoree:
Hae-Sul Choi, CEO, WATCH I SYSTEM INC.
Showcased Project: Contribution to Convergence Managed Threat Defense System for Korea Army Cyber Security (South Korea)
Korea National Defense launched a Data Center project which aimed to compose and centralize all IT systems, networks, and applications (except for warfare network) in South Korea. Hae-Sul Choi and his team members proposed the architecture of the ‘Convergence Managed Threat Defense System (CMTDS)’ with core technologies such as a correlation analysis engine, detection and analyzing data leakage engine and big data analyzing engine to meet all requirements proposed by the Korea National Defense. Since CMTDS plays a vital role in strengthening and enhancing cyber protection for the Korean Army, Choi consolidated consensus with all project members and Army members by emphasizing the importance of cybersecurity for Korean national defense as well as the architecture design of a managed threat defense. His project team creatively prepared an analyzing algorithm and method that composes information security data and physical security data in real time.
"This project is almost the first case and first trial that involves integrating the physical security system with the IT security system. We need to handle physical data and digital data as well for analyzing correlation and scoring risk with two systems. Extracting correlational factors and scoring those factors into self-assessment risk levels are the challenge of this project. I am so proud to be selected as a Showcased Honoree, and I will do my best to promote the information security ecosystem and leverage information security technology in Korea and throughout Asia-Pacific," said Hae-Sul Choi.
Information Security Practitioner Category Showcased Honoree:
Anan Sony, CISSP, CISA, ITIL Expert, manager (Consulting Service Department), ACIS Professional Center Co., Ltd. (Thailand).
Showcased Project: Internet Banking and Mobile Banking Security Assessment
In his spare time outside of his regular job, Anan Sony tried all Internet and mobile banking applications in Thailand and found that the security level of each application was diverse. He started a formal assessment in February 2013 with the top eight online banks in Thailand. Then he reported the results to Bank of Thailand. He warned about this kind of attack at the Cyber Defense Initiative Conference 2013 and has shared information about information security awareness for online banking with the media and general public in Thailand. He compiled a security assessment checklist for Internet and mobile banking systems to which regulators can refer. Banks in Thailand can use his assessment checklist to improve the security of online banking in Thailand.
"As an information security consultant and a member of (ISC)² since 2008, I always follow the news about the annual ISLA recognition. I am so proud that my team and I accomplished this project outside of office hours, and am honored to have this project showcased this year. I hope that our project will enhance and raise the awareness for mobile banking system security," said Anan Sony.
Managerial Professional for an Information Security Project Category Showcased Honoree:
Lal Dias, MBA, MBCS, CITP, chief executive officer, Sri Lanka Computer Emergency Readiness Team | Coordination Centre (Sri Lanka).
Showcased Project: Establishment of Bank CSIRT (Computer Security Incident Response Team) in Sri Lanka
Lal has a wealth of experience in the information security field and has been working in the banking industry for more than two decades. He initiated the establishment of the Computer Security Incident Response Team for the banking sector (Bank CSIRT) in Sri Lanka, which serves as a security governance body for its constituents (ensuring that a baseline security standard has been adopted by its subscribers). Lal persuaded the banks in Sri Lanka to embrace the idea of the Bank CSIRT project by making bank CEOs realize that it will help not only the banks, but will also enhance the information security posture of the nation as a whole.
"The extensive lobbying with the Central Bank and Banks Association to take ownership of the Bank CSIRT project was no easy task. Funding the operations of Bank CSIRT was the other challenge; however, the successful establishment of Bank CSIRT makes it all worth the effort. It is indeed a honor for me, my fellow team members at Sri Lanka CERT | CC and the (ISC)² Colombo Chapter to be showcased this year," said Lal Dias.
2014 Community Service Star:
Dr. Yuejin Du, director, National Engineering Lab for Cyber Security Emergency Response Technology (China)
Community Service Star Project: Cyber Security Public Education Program
This project is a joint initiative among NELCERT(National Engineering Lab for Cyber Security Emergency Response Technology), CCF(China Computer Federation), and Beijing Chapter of Cloud Security Alliance. The objective of this initiative is to improve public awareness of cybersecurity and to foster public interest in cybersecurity research and innovation. It includes a series of seminars and development of courseware. Dr. Du is one of the major initiators and sponsors of this project. Leveraging his personal reputation and leadership, Dr. Du helped set up the project team, which consists of 10 high-profile experts from industry and academia. He provided guidance and was deeply involved in the planning, development, and delivery.
"It’s very challenging to explain cyber threats to the public; particularly to middle school students and non-infosec professionals. However, their awareness of cybersecurity is very critical to the security of the Internet as a whole. It’s been encouraging to see hundreds of middle school and university students take the courses produced by this program. The number of schools is still increasing. My team and I are also honored to be selected as Community Service Star for this project," said Dr. Du.
For a detailed list of all 2014 ISLA honorees, please visit:
Asia-Pacific ISLA™ 2014 is sponsored by BT Group plc.