Graham Cluley Despite the substantial increase in remote working since the start of the COVID-19 pandemic, security breaches have stayed about the same for the vast majority of people and businesses, according to security expert Graham Cluley, an award-winning blogger who provided the Tuesday keynote speech at this year’s virtual (ISC)2 Security Congress. Only one in 10 businesses say they have experienced a dramatic increase in attacks, Cluley said, before quickly adding that attacks don’t always result in breaches. As a matter of fact, research shows breaches increased by only one percentage point over the past 12 months, to 16% from 15% in the previous 12-month period, Cluley said. “Let’s not be too glum,” Cluley said. While he struck a

When does technology become too easy to use? And when does simplicity start working against you? These were among the many the questions tackled by a group of panelists during a 2020 (ISC)² Security Congress virtual session called “Easily Deployed and Sold Short.” At issue was whether easy-to-use user interfaces on complex security tools make it more difficult for cybersecurity team leaders to figure out what skills their team members have mastered. Timothy Robnett, vCISO at Wavefront Consulting, made no bones about it: “A simple UX makes it harder to promote somebody,” he said. Simplicity of use, he said, doesn’t erase the need for critical thinkers who tackle hard questions and know how to dig into a problem. But it

5G is coming, bringing with it speedier connections and higher bandwidth. But what about security? As with most things related to technology, there’s good and bad, according to Kevin McNamee, director of threat intelligence at Nokia. It’s a two-sided coin. 5G is inherently more secure than previous wireless standards, but also vastly increases the attack surface as Internet of Things (IoT) devices proliferate, McNamee said. Monitoring, automation and secure communications will be essential to securing 5G investments, he added. His remarks came during a breakout session as part of (ISC)2 Security Congress 2020, taking place virtually this week. Kevin McNamee, director of threat intelligence, Nokia On the positive side, McNamee said, 5G uses HTML2/TLS-based secure services, which are more robust

Bruce Schneier The relationship between technology and public policy is the defining challenge of the current century, according to Bruce Schneier, the keynote speaker at (ISC)2 Security Congress 2020, taking place virtually this week. “Today technology is deeply intertwined with society. It’s literally creating our world. It’s no longer sustainable for technology and policy to be in different worlds,” said Schneier, a security expert, best-selling author and Fellow at Harvard University’s Berkman-Klein Center for Internet & Society. When the internet was first commercialized, governments didn’t want to stifle the development of an important and profitable industry. As a result, the internet grew and evolved without any real planning as it became closely linked with financial systems, election systems and so many

Take the CISSP practice quiz to find out if you’re ready for the exam The CISSP certification is the ideal credential for those with the technical and managerial competence, skills, and experience to design, engineer, implement, and manage an overall cybersecurity program. Considered the industry’s premier security credential, the CISSP differentiates leaders giving them the competitive advantage across the industry. The CISSP covers eight broad domains, so it’s no surprise that preparing for the exam can be a daunting task. To help you assess your readiness, we’ve developed the CISSP practice quiz. The free online quiz is designed to test your knowledge on topics found in each of the eight CISSP domains found in the Common Body of Knowledge (CBK).