Jay Bavisi, President, EC-Council, warned thought-leaders from across the world- namely, from the Department of Homeland Security (DHS), the National Security Agency (NSA), and the finest academic minds of the NSA’s centers of academic excellence of the worsening Cyber Plague at the Colloquium for Information Systems Security Education (CISSE Colloquium). The event was hosted by the University of South Alabama in Mobile Bay on June 10, 2013. The CISSE Colloquium was created in 1997 to provide a forum for dialogue among leading figures in government, industry, and academia.
The Colloquium, one of the largest gatherings of academics, government, and industry, had Bavisi’s keynote address, entitled "The Cyber Security Quagmire: Finding the Panacea”, aimed to elucidate the information security industry’s successes, failures, and future out-of-the-box solutions that can be implemented, using the pharmaceutical industry’s fight against diseases as a model.
As the co-founder and President of one of the largest IT Security certification bodies in the world, EC-Council, and the co-creator of the groundbreaking Certified Ethical Hacker (CEH) certification that launched ethical hacking as a mainstream career, Bavisi lent an interesting and unique perspective to the event.
Bavisi pointed out that while the medical industry has been able to nearly eradicate diseases such as polio and small pox through medical vaccinations, the information security industry hasn’t yet been able to achieve similar success against the scourges of cyberspace because of the lack of implementation of its vaccine equivalent: secure coding.
Throwing more light on this Jay Bavisi said, “We have unknowingly followed on the same path as the pharma industry. We quarantined our networks from attacks via firewalls, intrusion detection systems, and intrusion prevention systems. When this was insufficient, we introduced cyber hygiene by introducing security awareness programs, which introduced policies, processes, and controls.” Bavisi went on to say that the next step should be a cyber-vaccine in order to propel the world’s organizations into a more secure future.
Bavisi continued by linking the results of a recent national level secure coding competition being conducted in India with nearly five thousand participants, Code Uncode, to the continuing plague of insecurity. Findings from the Code Uncode competition decisively prove there is a serious lack of knowledge in secure coding practices that could be a causative source of security breaches around the world.
The Colloquium is active throughout the year and holds an annual conference in June.