A few weeks ago, I asked a question out around what other certifications people took and which ones they found the most valuable. A somewhat related question is what other professional organizations or groups people are involved with in addition to (ISC)2 and what they find valuable about those associations that others might as well.
Expanding the sources of domain knowledge, as well as the ability for security professionals to influence those domains for the better is valuable in itself.
Since I'm asking, I'll start first:
- Most of my career has been lived in a Unix environment and I'm mostly interested in Unix-based technologies,. USENIX has been the premiere academic-type association for users and developers of Unix systems for decades. They have a quarterly journal which often has security-relevant topics in it, and usually about 1 issue a year is devoted to security stuff. They host many good conferences like USENIX Enigma, which is becoming one of the better technical security-focused events on an already saturated con calendar.
- A good source of information and various resources with good member benefits, including discounts on things and a monthly magazine covering technology topics. It crosses the boundary between industry and academia, and their working groups are responsible for coming up with many of the technological standards that are the basis of our work environment, including security technologies.
- IEEE Computer Society
- A sub-group of IEEE which focuses on computer science topics. They have a monthly magazine which often has articles or entire issues dedicated to security topics. Membership used to include a Safari Bookshelf membership, but they've switched over to a skillsoft membership with a reasonable selection of ebooks and trainings, including some trainings for CISSP and other security-related things.
- IEEE Information Theory Society
- Another IEEE subgroup, this one is more academic. There's a monthly journal covering information theory type things (encoding, signaling, etc.).
I also recently joined the Austin (ISC)2 chapter and attended last month's event. I'm planning on attending February's also. Previously, in the Baltimore area, I occasionally attended CharmSec which is a "CitySec"-style meetup group of a security professionals, as well as CharmBUG (BSD User's Group), the members of which also had a big security focus (which is no surprise, given the area).
I've been involved in OWASP in the past, but haven't been for a while. I'm thinking about revisiting that though.
-- wdf//CISSP, CSSLP