By Mano Paul, CSSLP, CISSP, ECSA, AMBCI, MCSD, MCAD, CompTIA Network +
On our flight to Austin, back from Orlando, on the 22nd September 2011, our five year old son, Reuben, asked me “Are you famous, dada?” Before I tell you how I answered him, let me first tell you the reason for his question.
The previous evening, we were gathered at the Peabody Hotel in Orlando, Florida for the inaugural (ISC)2 Americas Information Security Leadership Awards (ISLA) ceremony. As a finalist in the ISLA practitioner category, my emotions were a roller coaster, as I eagerly awaited the announcement of the winner with both excitement and anxiety. I was excited by the prospect of being the first ever recipient of the honorable Americas ISLA as a practitioner and anxious at the possibility of being there amongst family and peers, having made it to the final lap, and not winning. The evening was made even more special to me because Sangeetha, my beloved wife, and Reuben, our cherished son, were present with me to share in this experience. After the welcome address and the keynote speech, Hord Tipton, the Executive Director of (ISC)2, called to attention the people who had gathered in the room, stating that it was time to recognize the winners of the first Americas ISLAs.
The ISLAs are given to leaders in their profession for their outstanding achievements and leadership in the information security industry/workforce. As the sound of my name as the winner and the applause from all who had gathered resounded in my ears, I was euphoric. The look of happiness and joy in the faces of my family superseded every other emotion that I had thus far experienced. Getting up and buttoning my suit, I walked up to receive this honor and then gave my note of thanks.
I was nominated for my advocacy and efforts to raise awareness for the problems resulting from insecure software. In the 2011 (ISC)² Global Information Security Workforce Study, 72% of over 10,000 information security professionals identified application vulnerabilities as the number one threat they’re facing. With a background in software development and strong experience in information security program management and leadership, I am extremely passionate about this area. Earlier this year, the first edition of my book entitled The Official (ISC)2 Guide to the CSSLP, the only guide of its kind, was published. Readers have informed me that it serves as an excellent resource to build security in to the software development lifecycle (SLDC), while serving as a guide to the CSSLP certification as one aims to advance their career.
This award means a lot to me. The very thought of having been recognized as the winner of the first ever Americas ISLA in the practitioner category, gives me a great sense of accomplishment and humbles me to realize that there are many like myself who are working extremely hard and diligently to protect their organizations. I commend (ISC)2 for having taken the time to recognize practitioners in the field - practitioners who get their hands dirty and their feet wet in the trenches but who often get overlooked.
With that said, awareness of the threats around us and the role cyber security plays in our lives is the first critical step toward increasing the security posture of communities, governments and businesses worldwide. It’s for that reason that during my acceptance speech at the Americas ISLA ceremony, I dedicated my award to the (ISC)2 Safe and Secure Online Program. Safe and Secure Online aims to educate and arm our children with information security knowledge so that they can become responsible digital citizens and have a secure and bright future. My personal take on leadership is that “effective leaders do not create followers but instead they create other leaders”. Our children today are the leaders of tomorrow. By dedicating my award to this program, I was expressing that the practitioners in the future would also have a forum to be recognized in like manner and strive to create more leaders so we can all have a more secure future.
And so, as I attempted to answer my son’s inquisitive question, “Are you famous, dada?” my wife wisely answered him for me. She said, “What you get, like awards and recognition, are momentary, forgotten over time, but what you give to someone is what really matters.” So am I famous? Who cares? It is what I can give to the discipline of software security, the information security community and my local community that really matters.
