Martin R. Okumu lived through the ransomware attack on the City of Baltimore in 2018, which affected 90% of the municipality’s applications. As the then-director of IT infrastructure for the city, he learned a lot of valuable lessons about defending against and recovering from a ransomware attack. On Tuesday afternoon, he shared those lessons with (ISC)² Security Congress 2021 attendees during a virtual session. He is now the Chief Information Officer for the City and County of San Francisco. In many ways, Okumu said, Baltimore was not prepared for the attack. The city did not have a cyber incident response team (CIRT), or well-defined plans for activating an incident response, or how to handle communication and escalation. These are elements

"Perseverance” and “Ingenuity” aren’t just the names of spacecraft on Mars; they are also the human qualities we need to get us through the post-pandemic world, said Adam Steltzner, chief engineer and mission leader of NASA's Mars 2020 mission. Steltzner, who works at NASA’s Jet Propulsion Laboratory (JPL) in Pasadena, CA, was the keynote speaker on the second day of the (ISC)² Security Congress 2021, taking place virtually through Wednesday, October 20. After NASA landed the nuclear-powered “Curiosity” rover on Mars in 2012, the agency worked to send another rover to the Red Planet. That rover, “Perseverance,” landed on Mars in February 2021, accompanied by a helicopter-like robotic spacecraft called “Ingenuity.” Getting there wasn’t easy, Steltzner recalled. It required adjusting to

Picking up on the theme of diversity, equity and inclusion (DEI) that (ISC)² CEO Clar Rosso says is critical to solving the cybersecurity skills gap, a panel discussion on Monday addressed the challenges that get in the way of successful DEI implementations. Several themes emerged during the late-afternoon panel session, which was part of (ISC)2 Security Congress 2021, taking place virtually this week: Don’t expect change to occur immediately Diversity, equity and inclusion requires a step-by-step approach Keep talking about the issue so it stays at the forefront Measure success by looking at numbers within the organization The session, moderated by Tara Wisniewski, executive vice president of Advocacy, Global Markets and Member Engagement at (ISC)², kicked off with a quick

The number of connected devices will continue to increase in the next five years, widening the attack surface for cyber adversaries. If we hope to have a fighting chance against them, we need a shift in thinking about defenses as well as increased cooperation between the private sector and government. That was the message delivered by Chris Krebs in the opening keynote of (ISC)2 Security Congress 2021, taking place virtually today through Wednesday. His keynote was the first of about 130 sessions scheduled for the three-day event. Krebs is the former director of the Cybersecurity and Infrastructure Security Agency (CISA), which is part of the U.S. Department of Homeland Security. He served in the role from November 2018 to November

(ISC)² CEO Clar Rosso kicked off Security Congress 2021 this morning and wasted no time addressing two of the industry’s most pressing topics – the workforce gap and the need for diversity in cybersecurity. This year’s Congress, taking place today through Wednesday, is once again virtual as a result of the COVID-19 pandemic. In welcoming attendees to the yearly event, Rosso had some praise for the cybersecurity community. “You’ve proven yourself ready for any challenge,” she said. “For almost two years, in the midst of an ongoing pandemic and unrelenting threats, you continue onward, defending our critical assets and keeping us safe.” She then wasted no time pivoting to the challenges the industry faces on a daily basis, starting with