by Tamer Gamali, CISSP, CISO Mashreq Bank, and member of the (ISC)² EMEA Advisory Council Is the CISO well positioned to mitigate operational risk? (ISC)² will be asking this probing question of Security leaders at the kick-off session for Infosecurity Europe’s Leaders Programme in London next month. A round table discussion conducted under the Chatham House Rule, the session creates an opportunity to offer up frank comment and illuminate the challenges currently hampering companies from appreciating and truly gaining control of cyber risks. Infosecurity Europe’s Leaders Programme is open to CISOs and Heads of Information Security, who are the final decision-makers and budget holders for information security in end-user organisations, making this a bespoke session for those charged with managing the

Name: Kreesan Govender Title: Information Security Risk and Compliance SpecialistEmployer: MiWay Insurance (Santam Group)Location: Johannesburg, South AfricaEducation: National Diploma Computer Network EngineeringYears in IT: 5Years in Cybersecurity: 4Cybersecurity certifications: SSCP How did you decide upon a career in cybersecurity? I have always found hacking and data breaches interesting since my days at campus, and when I was given the opportunity to start my career within the cybersecurity field, I jumped at the opportunity. Since starting my career in cybersecurity, I have enjoyed every bit and have never looked back.   How did you decide to pursue your SSCP? I was fortunate enough to be mentored by my previous manager Mr. Stanley Langa, who introduced me to (ISC)² and the SSCP certification,

Nearly 900 cybersecurity professionals attended Secure Summit DC at the beautiful MGM National Harbor hotel. The two-day training event included more than 35 sessions in four tracks. Keynote speakers covered topics from resourcefulness to security culture, sociology to workforce development and beyond. A noteworthy theme evolved throughout the event, as speakers from both the private and public sectors – including many from the (ISC)² Board of Directors – acknowledged the need for a greater understanding of the cybersecurity basics both inside and outside the industry. “We’re in the golden age of threats,” said John McCumber, director of cybersecurity advocacy at (ISC)². Meanwhile Dr. Eric Cole lamented the fact that we’re still talking about passwords and patching. Dr. Jessica Barker presented

By and large, female and male cybersecurity professionals share the same workplace values, priorities and aspirations. Both place about the same level of importance on matters such as salary and working close to home – and both apply roughly the same skills to their work and view protecting people and data as their primary function, according to recent (ISC)2 research. In a survey of 250 cybersecurity professionals, (ISC)2 also discovered the number of men and women looking for new employment is exactly the same: 85 percent of cybersecurity workers are open to new employment opportunities, including 14 percent who are actively looking for a new job. Despite these mirror-image figures, women expressed a higher degree of satisfaction with their current

Name: Paul Bryant Title: CIOEmployer: phew! Cyber SecurityLocation: Auckland, New ZealandEducation: MCom (Hons), LLB (Hons)Years in IT: 20Years in cybersecurity: 15Cybersecurity certifications: CISSP   How did you decide upon a career in cybersecurity? In my roles designing and managing financial services technology infrastructures and leading technology teams I had a good deal of both technical and non-technical exposure to information security considerations and solutions. It is a complex and ever-changing area that bridges business and technology, and requires both technical and commercial engagement. It is also an area that is under-served in industry.   Why did you decide to pursue your CISSP? I wanted to consolidate my experience to date. The CISSP is still one of the broadest and most well-recognised programmes for