Russian cybercrime, social media corruption and a tidal wave of malicious app downloads…. ​​Here are the latest threats and advisories for the week of September 30, 2022. Threat Advisories and Alerts CISA Issues Warning to OT/ICS Owners and Operators Operational technology/industrial control system (OT/ICS) assets continue to be an attractive target for cybercriminals, and ICS networks are rife with risk. OT/ICS technology has vulnerable IT components and large attack surfaces—and traditional security measures don’t adequately address modern threats. System owners should assume that they will be targeted. To mitigate attacks, operators and owners can limit the exposure of system information, conduct regular security audits and secure remote access points. Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-265a Zero-Day Vulnerability Exploited in Sophos Firewall A new critical

One month after launching three new initiatives, (ISC)² Candidates, (ISC)² Certified in Cybersecurity SM and (ISC)² One Million Certified in Cybersecurity, aimed at addressing the cybersecurity workforce gap, we are thrilled to share our initial successes. We have seen a rapid adoption within the past 30 days of these programs among cybersecurity candidates looking to enter the field. The quick embrace highlights the importance of developing new and unique pathways to make cybersecurity careers more accessible worldwide. Through these initiatives, we are laying a strong foundation to encourage more people to explore the opportunities of a cybersecurity career. In fact, in the past month, we have seen 55,000 individuals sign up to become an (ISC)² Candidate – a program for individuals looking to pursue or consider a

This continues our recognition of our Global Achievement Award recipeints. Click here to read more about our award honorees in part one.  (ISC)² Government Professional Award Recognizing government information security leaders whose commitment to excellence has helped to improve government information security and to advance an in-demand workforce. The 2022 honorees: Americas: Jermone Andre Leach, CAP, CISSP, Defensive Cyber Operations Lead, United States Coast Guard For his efforts in ensuring industry standard awareness and threat remediation. This includes a focus on International Defensive Cyber’s Hunt Forward Operations. EMEA: H.E. Dr. Mohamed Hamad Al-Kuwaiti, Head of Cybersecurity, UAE Government For being instrumental in elevating the UAE’s position as a global leader in the cybersecurity field, improving the national cybersecurity capabilities and

Congratulations to the following security professionals recognized for their outstanding contributions to the cybersecurity industry. The annual (ISC)² awards honor exceptional practitioners for their commitment to a safer cyber world for one and all. Each will be honored at next month’s (ISC)2  Security Congress in Las Vegas. (ISC)² Senior Professional Award Recognizing individuals who have significantly contributed to the enhancement of the information security workforce by demonstrating a leadership role in an information security workforce improvement initiative, program or project. The 2022 honorees: Americas: Shawn Harris, CCSP, CISSP, CISSP-ISSAP, Senior Director of Information Security and Compliance, Chipotle Mexican Grill For his involvement in the development and implementation of the Cloud Controls Matrix (CCM), a cybersecurity control framework for cloud computing

What is the true value of a cybersecurity certification? Many people may underestimate the depth of knowledge that is required to earn the designation of a certified security professional.  Along with that, many do not recognize the global reach of a certification.  We spoke to Jonas Björk, of Cygate, which is a Swedish telecommunications organization. His decades-long passion for cybersecurity is only eclipsed by his love of skateboarding. Jonas attested to both the gravity of knowledge required, and the value of the Certified Cloud Security Professional (CCSP) credential.  His sincere and candid conversation is extremely motivating.Q: What is your current role at Cygate? A: My role at Cygate is a Security Pre-sales representative, as well as an engineer and security