With news of the WPA2 KRACK (Key Reinstallation Attack) vulnerability ­– a security protocol flaw impacting nearly every Wi-Fi device– spreading quickly across the internet today, security professionals and novices alike are looking for clear guidance on what to do. With headlines like Serious flaw in WPA2 protocol lets attackers intercept passwords and much more and WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping, it’s easy to understand why so many security pros woke up to another huge headache today. We asked our new Director of Cybersecurity Advocacy John McCumber to break down this news for us. Here is how he summed it up: “This weekend, the IT world woke up to the exposure of

From hacking U.S. intelligence, to blood test results, to your Facebook account. Here are the security headlines for the week of October 9, 2017: A recent study shows that privacy and security is only a concern for 15% of consumers when “performing work-related activities” (as opposed to 75% when visiting a doctor). So many that’s why so many companies are getting hacked? Spy vs Spy: Israeli officers watched in real time as agents in Russia searched for American intelligence information. Are iPhones conditioning us to fall for a phish? One researcher says so. It’s almost Halloween, so let’s call this healthcare data leak a BLOOD HACK. Sure, the title is cheesy, but this scary story is all too real. Cyberattacks

This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa. Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC). Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we will be sharing their stories on the blog. Here is the first instalment: Bridget Kenyon, Head of Information Security at University College London (United Kingdom) After graduating from the University of

(ISC)² is excited to announce the launch of our new online Community. Created for cyber experts and IT security professionals – both (ISC)² certified members and non-members alike – this Community is a place for you to share your cybersecurity knowledge and experience with other professionals. The Community has several categories with discussion boards where you can post conversation topics, or message directly with other users. We hope that you’ll find this to be a place to connect with other professionals, collaborate on industry issues, share your career experiences and develop relationships with others in the field. So come on by! Post a question, join a discussion and earn your Early Adopter badge (as long as you join before November

By Yves Le Roux, (ISC)² EMEA Advisory Council Co-Chair & Privacy Workgroup Lead Yves will be hosting the half-day workshop  GDPR: Charting Experience on the March to May 2018 at (ISC)² Secure Summit MENA, in Dubai on the 21st and 22nd November 2017. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The regulation was adopted in April last year. It becomes enforceable from 25th May 2018 and, unlike a directive, it does not require national governments to pass any enabling legislation; and is thus directly binding