In 2018, the UK’s Department for Digital, Culture, Media and Sport (DCMS) funded the creation of the UK Cyber Security Council, which launched in March 2021. The UK government will look to the council as the authority on the cyber profession as it works to implement and enforce consistent standards for the industry. In January 2022, DCMS issued a public consultation on proposals to develop the cybersecurity profession in the UK. The proposal looks to provide clarity to the industry by looking at similar established fields such as accounting, law, and engineering that already have professional standards and pathways in place. Additionally, the proposals set out to address pathways into the profession and make it more accessible to a wider

Finding qualified cybersecurity personnel is never easy. Recruitment has become an even bigger challenge in the last two years as workforce shortages intensified and corporate networks expanded into employees’ homes. Worldwide, 60% of organizations say they are struggling to recruit cybersecurity talent, while 52% struggle to retain qualified people, according to a new report by Fortinet. The report is based on a survey of 1,223 IT and cybersecurity decision-makers across the globe. The struggle has a cost: 67% of respondents say the cybersecurity talent shortage creates additional risks for their organizations. Already, 80% of organizations have suffered at least one cybersecurity breach attributable to “a lack of cybersecurity skills and/or awareness.” When it comes to staffing cybersecurity teams, organizations have

Have you ever considered joining the (ISC)² Board of Directors? Our all-member and all-volunteer Board of Directors give their time and expertise to help guide our association forward and lead us in our vision of Inspiring a Safe and Secure Cyber World.   New this year, (ISC)² is hosting an open call for self-nominations for its available (ISC)² Board of Directors positions. All (ISC)² members in good standing and interested in serving are encouraged to submit their applications before June 12.   This new process enables more (ISC)² members to step forward and volunteer for the Board by submitting their nomination. This is an unprecedented opportunity for members to share their passion, experiences and what they hope to contribute to the Board

By Ruchika Sachdeva, CISSP, Certified Lead Auditor ISO 27001, Partner Trainer ISO 27001 with PECB. With the advent of the pandemic, the plethora of enterprises has turned inside out. The accelerated digital business has led to an exponential increase in cognition of both the service providers as well as the user community. Nevertheless, the hacktivists (a combination of hacker and activist) have found a persistent playground to play their part and constantly outsmart modern cyber security technologies. As per the Cost Of Data Breach Report (CODB), there has been 10% increase in the average total cost of a breach, 2020-2021. Does that end the fight against cyber crime? Definitely ‘NO’. Security is a journey, not a finish line. We must respond by reassessing

By Jon France, CISSP, CISO at (ISC)². Following our last quarterly meeting with our Board of Directors, Jon began to think about what a CISO should present, how to present it and, of course, what you hope the key takeaways are.   Board priorities are clear – protect the organisation, discharge duty of care, grow the business and set or correct strategic direction, but what and how does the CISO tell the board what the cyber landscape is?   The purpose of a Board – like the (ISC)² Board of Directors – is to consider strategic directions, bring expertise, balance risk and have fiduciary responsibility and duty of care. They need relevant information, opinions and insights on how to discharge their