James Bond has entertained millions for decades. While he’s engaged in many battles and comes out victorious, his name is not a good password. Hopefully end users can learn from Manaford’s poor password practices. As the Facebook, Google, and Twitter hearings came to a close, Mark Zuckerberg assured the public that company earnings take a back seat to security. In a public announcement Zuckerberg said, “We're investing so much in security that it will impact our profitability. Protecting our community is more important than maximizing our profits." Hopefully the rest of the community follows suit. Looking at the other news of the week, it’s worth asking whether maximizing security over profits will someday be the top priority for organizations large

(ISC)² Community weighs in on Cyber Shield Act of 2017 Senator Ed Markey (D-Mass) has long been concerned about securing new technology as it bleeds into our everyday lives. In 2015, Sen. Markey, a member of the Commerce, Science and Transportation Committee, released the report, Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk. Since then, smart cars have made frequent headlines, which has had the residual effect of bringing securing connecting cars to front of mind for the auto industry. We posed the question, “What do you think?” to members of the (ISC)² Community, and received a wide range of opinions on whether industry experts think the legislation will make a difference. If the goal with the newly

Name: Richard Carpenter Title: Information Security ManagerEmployer: Global Media and EntertainmentLocation: Devon, United KingdomYears in IT: 10Years in cybersecurity: 7Cybersecurity certifications: CISSP   How did you decide upon a career in cybersecurity? In my previous role supporting Identity and Access Management, a certain amount of due diligence was required when auditing user accounts, logon usage, permissions and security best practices for Access brokers. This sparked my interest in a cybersecurity practice outside the traditional ‘Security Operations’ role. Why did you get your CISSP®? While reviewing the market for training opportunities to upskill in my new chosen career, I came across the (ISC)² CISSP certification in many places from online training, infosec seminars and colleague referrals. The industry as a whole held

This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa. Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC). Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we will be sharing their stories on the blog. Here is the fourth installment: André Koenegras, Security Consultant at Motiv ICT Security (Netherlands) André is currently working towards gaining his CISSP

This week’s National Cybersecurity Awareness campaign focused on feeding the pipeline to narrow the skills gap in the cybersecurity workforce. While StaySafeOnline declared “The Internet Wants You: Consider a Career in Cybersecurity,” Ransomware hopped to the headlines.   Rabbit on the run ‘Bad Rabbit’, the third global outbreak of the year with similarities to NotPetya, struck companies throughout Russia and Eastern Europe with file-encrypting malware. This strand of ransomware metaphorically knocks on the user’s door by way of a malicious pop-up offering a Flash update. Though the outbreak was first reported, it’s suspected that the group behind the attack has been preparing since at least July.   Bountiful Rewards Security researchers got good news at the start of the week