By James Packer (ISC)² London Chapter President I’m very much looking forward to moderating the diversity panel at the Secure Summit in September. The topic of skills and diversity in the industry is a deep passion of mine as I feel we need to continue to be a forward looking industry, carefully considering the demands of the current age of technology and the trends of technology consumption amongst the next generation. As President of the (ISC)2 London Chapter, this is an area of focus for us as a Chapter; we are currently developing our Education Framework, which is a strategy that outlines areas where the Chapter perceives risks that we have some capacity to influence for the better which includes information

By Steve Mair Senior Cyber Security Consultant, PGI On 18th June 2018, the Department for Culture, Media and Sport (DCMS) made an announcement to the effect that PGI are going to run a 10 to 12 week training programme for women with little or no cyber security background.  Candidates will be employed from the outset of training, moving straight into a guaranteed job on completion with a leading employer within the sector. This programme is called Women in Cyber and currently PGI have had over 160 expressions of interest from women around the UK. At the forthcoming (ISC)² Secure Summit, I will be taking part in a panel discussion on Diversity and Skills in Cybersecurity. I am a passionate advocate of skills

It has been one year since the Equifax breach was first disclosed to the public. It has been one year and six weeks since Equifax first became aware of the breach. The delay in the public announcement of the breach after executives became aware may have proven just as damaging as the delay in installing a patch for the known vulnerability that led to the breach itself. The repercussions of the failure to communicate the breach is just part of our cover story in the latest issue of (ISC)²’s member magazine, InfoSecurity Professional. The article, “One Year Later” is a retrospective on the lessons learned from the breach that exposed the personal information of as many as 147 million Americans.

By Adrian WincklesDirector of Cyber Security, Networking and Big Data Research Group, Anglia Ruskin University Whilst figures differ depending on which report you read, Gartner estimates the average time between a breach and detection to be about 285 days. By this time, an attacker has long gone. With all the security products in an enterprise network today, why is this still so long? One reason maybe because threat detection is a big data problem. Particularly for network traffic based solutions. A handful of probes, or mirror ports, across a high-speed enterprise network and you could be capturing Terabytes of network packets a day. This then needs to be correlated to your SIEM. This all poses several problems. One, this data

You asked – we listened! We are excited to announce new Online Self-Paced Training for the CISSP-ISSAP and CISSP-ISSEP concentrations. These courses are available in the recently updated (ISC)² Learning Management System. Both self-paced courses include online access for 134 days, as well as flash cards, a post-course assessment, case studies, quizzes, videos and other learning activities. The ISSAP concentration is ideal for a CISSP who specializes in designing security solutions and providing management with risk-based guidance to meet organizational goals. The Official (ISC)² ISSAP Self-Paced Training covers the six domains of the CISSP-ISSAP CBK®: Identity and Access Management Architecture Security Operations Architecture Infrastructure Security Architect for Goverance, Compliance, and Risk Management Security Architecture Modeling Architect for Application Security The