The 2016 Americas Information Security Leadership Awards (ISLA®) were held in conjunction with (ISC)²’s Security Congress in Orlando, Florida in September. Jennifer Chermoshyuk, paralegal – media and technology practices, legal holds manager at the law firm of Davis Wright Tremaine in Seattle, WA was named the winner of the Up-and-Coming Information Security Professional Award.
Jennifer, an alumna of the University of Washington, holds a bachelor’s degree in political science, as well as a certificate in information security and risk management from the university. The title “paralegal” may seem unique for an information security professional, but Jennifer has more than 15 years of experience managing electronic discovery. It was a logical move for her to go from the Electronic Discovery Reference Model (EDRM) framework to cyber and information security.
The project that was recognized in Jennifer's ISLA nomination was part of her certificate program at the University of Washington. She worked with other mid-career professionals from other industries to put together an information security evaluation and mitigation CLE for a group of in-house firm counsel, general counsel and risk/ethics counsel for most of the large and mid-sized firms in the Seattle area. The diversity of her team allowed them to address the challenges of the legal industry utilizing the depth and breadth of their collective experiences from a variety of backgrounds.
The team included:
- David Krasnove, solutions architect for The Standard, a financial services business. Krasnove specializes in technical design and strategy. Jennifer referred to him as “the funny one and the guru behind the survey design and analysis portion of the project.”
- Patrick Coleman, security policies and standards manager for Nordstrom department stores. Having a rich background in regulatory compliance and risk management, Coleman’s skillful presentation - both verbal and PowerPoint - gave the project the professional polish required for their audience.
- Dennis Dore, information security manager at the law firm of Perkins Coie, LLP. Joining the team with previous experience in security project management in the aviation industry, Dore kept the team in scope, on task, and provided pithy commentary to explain their legal quirks.
A true team player, Jennifer also called out support from colleagues at her law firm, for their key support. Those colleagues were:
- Nancy Dudley, paralegal manager, who championed Jennifer's participation in the program, and also participated in the project’s research.
- Marita Lesch, information security analyst, whose active and positive participation in research discussions helped to get other participants thinking and sharing.
- Bruce Johnson, attorney, who assisted with research participants and encouraged attorney participation.
Jennifer is in the process of studying for the CISSP® exam and said that her project also has helped with her preparation. Reading about encryption and PKI has played double-duty in working on her firm’s project and preparing for the exam.
The best lesson learned from the project, however, was agreed upon by the entire team: everyone should always be learning, and other professions and industries have much to teach us. Remembering the vastness of the field of information security, and keeping a perspective on that is key.
For more information on the (ISC)² awards program, visit https://www.isc2.org/awards/default.aspx