Name: Ramana Krothapalli Title: Consultant - Information Security & GRCEmployer: Self-EmployedLocation: Hyderabad, IndiaEducation: M.Sc., PGDCAYears in IT: 7Years in cybersecurity and/or privacy: 17Cybersecurity certifications: CISSP, HCISSP, CISA, CISM, ISO 27001 LA   How did you decide upon a career in healthcare security and/or privacy? It’s rather a chance than a choice. As the chief information security officer (CISO) of a software development firm, I was tasked to implement information security and privacy in multiple healthcare development projects. I am happy that I could contribute to security of healthcare.   Why did you decide to pursue your HCISPP? Apart from learning and educating myself about privacy concepts, I wanted to acquire a global certification in privacy, specific to the healthcare industry, to

The National Cyber Security Centre (NCSC) has outlined new rules of the road for earning its Certified Cyber Professional (CCP) specialist certification. The new pilot program for the certification commences in 2019 and focuses on assessing two main areas of specialism: risk management and security architecture. Why is this of interest to you? The NCSC has outlined three ways in which candidates can demonstrate foundational cybersecurity knowledge in order to qualify for the scheme. One of those ways is to hold a CISSP certification and a full (ISC)2 membership. This is yet another signpost that highlights the industry recognition of our noted certification. As the NCSC blog post states: “As you’d expect, we’ve spent a lot of time reviewing professional

Our own John McCumber, director of cybersecurity advocacy for North America, was provided a great opportunity this week to present the findings from our recent 2018 Cybersecurity Workforce Study to the National Initiative for Cybersecurity Education Working Group (NICEWG) at its monthly meeting. As you may well know – or can guess –  this working group covers the NICE Framework published by the National Institute for Standards and Technology (NIST) and brings together a diverse group of public and private sector cybersecurity experts to discuss ways to advance cybersecurity education, training and workforce development. To be invited to present to this group is a big step for our association and shows the recognition that (ISC)2 and our membership enjoy among

Name: Shawn O’Reilly Title: Information Security Officer Employer: SUNY Upstate Medical UniversityLocation: Syracuse, New YorkEducation: Master’s in Information Management, Syracuse UniversityYears in IT: 25Years in cybersecurity and/or privacy: 20Cybersecurity certifications: CISSP, CCSP, HCISPP, CISM, CISA   How did you decide upon a career in healthcare security and privacy? The opportunity to move into a healthcare security and privacy career presented itself about 15 years ago when I was searching for a new job. I was previously employed by a Big 4 accounting firm, where I got my start as a cybersecurity consultant. I was looking to move to another company where I could take my skills and knowledge learned as a consultant and make a significant impact at one organization

Cyberattacks rank as the number one risk of doing business in North America, Europe and the East Asia-Pacific region, according to a World Economic Forum report, Regional Risks of Doing Business. While business leaders in other areas of the globe are more concerned about unemployment, unstable governments and oil prices, cyber risks rank as the fifth highest worldwide. The concern about cyberattacks shows just how critical cybersecurity has become, ranking even higher than terrorism in the global top 10. Not surprisingly, cyber risks are a bigger concern among the most industrialized areas of the globe such as North America, where cyberattacks have become an all-too-common occurrence. “In Canada, 87% of businesses reported being the victim of a successful breach in