Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
San Antonio Security Community
1. The San Antonio Security Community
– Past, Present and Future
John B. Dickson, CISSP
2. Denim Group Background
• Privately-held, professional services organization that builds secure
software and mitigates risk of existing software
• Takes a software-centric perspective on application security
– All consultants regularly build software systems
– Approach the problem of software security from a developers viewpoint
– Secure development methodology used on all software builds
• Solving the secure remediation challenge
– The next “hard” problem in application security
• Thought Leaders in Secure Development Practices
– Developed Sprajax – First Open Source AJAX vulnerability scanner
– Regular speakers at RSA, OWASP, CSI
– OWASP National Leaders
1
3. My Background
• Ex-Air Force Officer
– ESC, AFIWC, AFCERT
• Entrepreneur
• Security Practitioner
y
– Commercial Experience at Trident Data Systems, KPMG, SecureLogix, Denim
Group
• Founder and Former Chairman of SATAI & Past Chair of the North
Chamber
2
4. Cluster Theory and San Antonio’s Security Community
• Michael Porter’s Cluster Theory of Economic Development
– A Cluster: geographic concentration of competing and cooperating companies,
suppliers, service providers and associated institutions
• Sophisticated clusters produce an ecosystem of activity
• Examples:
– Silicon Valley semiconductor industry
– Hollywood film industry
• Cluster theory central to competitiveness
3
5. The Springs from which much flowed…
Emerging
Security
Community
in San
Antonio
4
6. Cluster Theory and San Antonio’s Security Community
• Economic analysis prepared by Silicon Valley think tank ICF
Consulting led by Jim Gollub
• Delivered in July 2000 for:
– The City of San Antonio, Economic Development Department
– San Antonio Technology Accelerator Initiative
• Captured an “emerging cluster” of IT activity centered around
information security
• “In order for San Antonio to economically benefit from the wealth of
competency in information security expertise, economic inputs must
be aligned to make it advantageous for local entrepreneurs to stay in
the region”
5
7. The Higher Education Component – A Crown Jewel
• UTSA’s Center for Infrastructure Assurance and Security (CIAS)
– Established 2001
– Certified by NSA as a Center of Academic Excellence in Information Assurance
Education 2002
– Missions
• Cyber Security Exercise Programs
• Cyber Security Training
• Cyber Defense Competitions
– Governor’s Emerging Technology Fund
• St. Mary’s
St Mary s Center for Terrorism Law
• OLLU InfoSec Program
• ACCD and the Information Technology & Security Academy
6
8. Early Case Studies of Successes
• WheelGroup Corporation
– NetRanger: First commercial network intrusion detection technology
– Acquired by Cisco Systems for $124m in February 1998
– First successful security firm liquidity event
– Founders turned around and founded SecureLogix Corporation in San Antonio
• Secure Network Consulting, Inc
Consulting Inc.,
– Led by ex-Air Force and Trident Data Systems security consultants
– Acquired by Axent Technologies, who subsequently were acquired by Symantec
7
9. Immediate Impact of Air Force Decision
• Reaffirms what we know in San Antonio
– Critical mass of talents, technologies, and higher ed framework
– Elected officials and business leaders now acknowledge importance
– Growing sense that this is an economic development opportunity for our community
• 600+ new jobs
– Air Force active duty and civilian positions
– Indirect jobs via contracts
• Immediate impact on DoD community perception
• Increased interest in contractor community outside SA
8
10. The Possibilities Going Forward
• Expand relocation of national contractors to San Antonio
– SRC, SAIC, CSC, BAH, et. al.
• Increase expansion of cyber security missions at:
I i f b it i i t
– NSA Texas
– 24th AF
– Other units
• Expand of R&D contract dollars via the 24th AF
– Replace the IW Battlelab?
• Increase R&D and commercialization via UTSA and others
– New commercial companies based on intellectual property spun out
• Communicate to the world that we have are a cyber security leader
• Pursue additional ETF opportunities
P dditi l t iti
9
11. The ISSA Chapter – How it can Contribute
• Current
– Conducting educational meetings on security topics of interest
– Networking via monthly meetings
– Success stories…
• Future (proposed)
– Grow the next generation of security leadership in San Antonio
– Help connect various security interests – cross pollination of security components in
San Antonio
– Increase profile of San Antonio via ISSA national
– Attract higher profile speakers
– Increase DoD presence!
– Increase identification outside of the security community
10
12. Contact Information
• John B. Dickson, CISSP
– john@denimgroup.com
– Twitter @johnbdickson
www.denimgroup.com
http://denimgroup.typepad.com/
p g p yp p
11