One of the biggest draws to (ISC)² Security Congress is networking and engaging with other experts in the cybersecurity industry. Despite the lack of gathering together in-person, #ISC2Congress 2020 will not be lacking in the opportunities for connecting with others, learning best practices and providing career enhancement in five networking lounges throughout the conference. With more than 4,500 attendees registered, there is something for everyone at all career levels. Each of the five topic-specific lounges will allow attendees to participate in a discussion forum, access resources, view presentations, ask questions and even earn CPEs for attending. Attendees and Members Lounge While it is everyone’s first virtual (ISC)² Security Congress, if this is your first year as a member of (ISC)²

A corporate security policy is the cornerstone document of a company’s risk management. Does your business have the appropriate security controls in place to implement the policy, or is the policy a forgotten document in a dusty drawer? Although most companies have established security policies at the strategic level these are not always enforced, because they lack foundational support at the tactical level. The key to solving this is knowledgeable and skilled security practitioners who can take the lead and implement security controls aligned to the policy’s goals. Many security incidents may have been avoided if the proper security controls had been in place. As a result, affected businesses are running the operational risks of huge penalties by not being

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In support of this, (ISC)2 has launched a series of interviews to explore where CISSP certification has led security professionals. Our first installment features Javvad Malik, a security awareness advocate at KnowBe4, as well as blogger and YouTuber at JavvadMalik.com. He’s also contributes on two podcasts,  The State Sponsored Podcast and Host Unknown, a company he founded. What job do you do today? I’m a security awareness

(ISC)² Security Congress is virtual for the first time this year making it even easier for CISSPs, and all certified (ISC)² members, to earn CPEs. Taking place November 16-18, we’ll been presenting 3 expert keynotes, a Town Hall meeting, virtual expo hall and networking opportunities, along with nearly 50 hours of educational breakout sessions. To attend, you’ll need to create an account and purchase your pass for the conference. Member pricing is U.S. $395 for an All Access Pass which is your best value for price and CPEs. Keynote sessions will be available on-demand for 60 days after the event. However, all the breakout sessions will be available to attendees for a full year after Security Congress. This means that

by Anastasios Arampatzis Cyberattacks in the Healthcare Industry are Increasing The use of technology in the healthcare sector can be both life-saving and life-threatening. Advancements in technology, like 3D printing, virtual reality, robotics, and Internet of Medical Things (IoMT), improve the ability of healthcare organizations to provide better care for their patients. At the same time, criminals leverage this new technology to execute their malevolent causes by either stealing protected health information (PHI) and other sensitive data or disrupting the operation of healthcare providers. The recent COVID-19 pandemic serves as a good example of the attack vectors criminals are using. Taking advantage of the people’s increased need for timely and accurate information about the pandemic, cybercriminals launched an unprecedented campaign