What is the GISWS? Since its first release in 2004, the biennial (ISC)²® Global Information Security Workforce Study (GISWS) has been gauging the opinions of information security professionals; and in turn, providing detailed insights into the important trends and opportunities within this increasingly crucial profession. This year, the study conducted its largest-ever global survey of cybersecurity professionals, with over 19,000 individuals taking part (3,694 of which hailing from Europe), further allowing it to ascertain an even clearer and progressively more complete profile of the information security workforce; with stronger understandings of areas and issues such as pay scales, skills gaps, training requirements, corporate hiring practices, security budgets and career progression. Additionally, the study explored corporate attitudes towards information security; presenting

Name: Aoba Mari Title: Security AnalystEmployer: LAC / JSOC (Japan Security Operation Center) Location: Tokyo, JapanDegree: Bachelor’s Degree in International PolicyYears in IT: 5 yearsYears in information security: 5 yearsCybersecurity certifications: SSCP   How did you decide upon a career in cybersecurity? Among the various fields in the IT industry, information security is the fastest growing and at the same time, I think there is a high demand for rare technical skills. For me, more than anything, that’s the biggest reason why I think it’s a very interesting field. I was involved in forensic analysis, and after that I have been working as a security analyst. Why did you get your SSCP®? I’ve always wanted to acquire a professional certification

A holiday week in the U.S. and U.K. means five days worth of headlines in four business days. Here’s what we saw this week… Wanna move on from WannaCry? Not so fast, my friend. BitSight looks at the global impact of the ransomware that spread two weeks ago and found that the ransom collected is only around $100,000. Dark Reading reports on cyber criminals attacking each other on the dark web. Can’t we all just get along? No, apparently not. The price of a breach is high. Bitdefender looks at the Ponemon Institute’s study of the impact on stock prices. China introduced a new cybersecurity law this week, with a penalty of 50K-500K yuan. CNN Tech looks at what this

Since 2013, (ISC)² has been a partner of Bugcrowd, running a public bug bounty program and offering CPE credits to our members. Bugcrowd is a leading provider of crowdsourced security and bug bounty programs, connecting organizations with more than 50,000 independent security researchers to identify vulnerabilities. As an (ISC)² member, you can participate in Bugcrowd’s bug bounty programs in exchange for CPE credits. We encourage you to participate in this program to continue honing your security skills, and to apply those skills to help inspire a safe and secure cyber world.   To participate, Sign up as a Bugcrowd researcher at bugcrowd.com Find a bug in one of Bugcrowd’s bug bounty programs, including the (ISC)² Bug Bounty Program Earn up