The Role of the Board in Effective Risk Assessment The growing sophistication of cybercrime is making it a necessity for companies to discuss its challenges and defense methods regularly at the board level. The results of an attack may involve refusal of an insurance company to pay, the potential for class action lawsuits, infections that penetrate too deep into the IT system to be removed, and violation of data protection rules. Boards and directors must approach cybersecurity as an enterprise-wide risk management issue. They must embrace their organization’s cyber risk appetite and understand the types of internal and external threats the company faces. An experienced CAP certified professional helps guide directors by blending their education and experience with a capacity

The end of the year is a good time to reflect on the past 12 months and create a plan to improve in 2022. Like years past, 2021 revealed more of the same for the cybersecurity industry—more breaches, bigger ransomware attacks, higher stakes. Some of the most disruptive cyberattacks occurred this year, such as JBS Foods, Kaseya and Colonial Pipeline. These attacks received global attention and spotlighted the need for even more attention on cybersecurity best practices. To help CEOs around the globe better understand cyber risks and how to make their businesses more secure, (ISC)² conducted an online poll of 200 cybersecurity practitioners, whose roles range from cybersecurity leadership to cybersecurity team member, and asked them a simple question:

In cloud computing environments, files are not stored in a hierarchical way. Most cloud architectures use a combination of splitting data vertically, horizontally and replication to improve response times, scalability, availability and fault tolerance. This is called object storage. Objects are accessible through APIs or through a web interface. Object storage introduces new challenges related to data consistency, which are not present in relational databases. One of the more fundamental decisions cloud professionals need to make is whether they will choose eventual consistency for data in corporate systems or strong consistency. Selecting a data consistency model is a decision that cloud security professionals must make. Both models are useful tools in the hands of cloud professionals, who must determine the

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In this installment, we talk Chinyelu Philomena Karibi-Whyte. Chinyelu shares with us why she pursued CISSP and how achieving it enabled her to develop her career and negotiate a better salary. What job do you do today? I am a Cyber Security Consultant within the Cloud Infrastructure Service at a Consulting Organisation. What problems does your company solve? My team and I help organisations deliver secure cloud