How to Keep Tabs on Technology

Today's unavoidable reality is that security execs need to stay on top of a plethora of emerging technologies and threats in order to keep disaster at bay

Turning to the importance of sharing information externally, Fredriksen points out that hackers have done a better job of communicating with each other than security professionals have. Computer criminals readily share code, exploits and other information via online bulletin boards, newsgroups and similar means. "On the other hand, we on the corporate side of information security have pulled back and said we'd better not talk to each other, lest we give something up. There's information about your corporate information security structure you must maintain confidentiality for, but we have to get better about sharing information on exploits and vulnerabilities," he says.

Although Fredriksen relies on the FS-ISAC, he does worry that national organizations like the ISACs and DHS may get bogged down in a bureaucracy that saps their effectiveness. So he advocates working at the local level as well. Fredriksen hosts an annual cybersecurity summit with the FBI at St. Petersburg College in Florida. Last year's event brought in more than 300 attendees. "We are all in it solely to raise security awareness and the level of knowledge throughout the area," he says. Fredriksen also serves as president of the Tampa Bay chapter of ISSA and is helping St. Petersburg College roll out a bachelor's degree in infosecurity management.

Fredriksen says information sharing is improving. "We used to be very aggressive about not even divulging what firewall we used. Now we're at the point where we are setting up user groups about different types of firewalls."