• It’s rare to have a day go by without some security news making headlines. This week saw #KRACK trending on social media, which raised lots of questions about the security of cybersecurity. Here’s a look at what went on this week in passwords, automation, and more. The big flaw. Undoubtedly, the most notable news in security this week was the Krack attack, which impacted millions of Wi-Fi users. Around the world, businesses and homes were vulnerable because of flaws in Wi-Fi networks that use the (WPA)2 protocol. The good news, according to Anthony Lim, member of the (ISC)2 Asian Advisory Council, is that companies that have strong security measures in place are less at risk. Additionally, hacking into the myriad

    Oct 20,
  • Name: Tony HarrisTitle: Consultant, Cyber SecurityEmployer: KPMG LLP Location: Vancouver, CanadaEducation: MSc, Cyber Security (in progress) from the University of Liverpool, and Bachelor of Arts in American Studies & International Relations from the University of British ColumbiaYears in IT: 8Years in cybersecurity: 7Cybersecurity certifications: CISSP, CISM   How did you decide upon a career in cybersecurity? I began my career in general IT processes eight years ago as your typical jack-of-all-trades IT. I wanted to narrow my focus into a specialty that I'd be interested in and cybersecurity ultimately was that choice. The reason was because cybersecurity was a fast-paced and challenging environment, which kept me going compared to other specialties (i.e. DevOps, Systems Administration, and Helpdesk). Why did you

    Oct 18,
  • John McCumber is the newest member of the (ISC)² family. He joined the team last month and will be our first ever director of cybersecurity advocacy. John is based out of our North America Region office in Alexandria, Virginia and will be supporting the (ISC)² membership by advocating for them and the profession across the U.S. and Canada. John got his start in infosec in late 1986, when – in the middle of the night – he received a call that the DEC VAX 11/780 he was responsible for was under attack. Someone had figured out the vulnerability for the computer and it was being targeted by “bulletin board hackers.” John figured out what they were doing and how to

    Oct 17,
  • With news of the WPA2 KRACK (Key Reinstallation Attack) vulnerability ­– a security protocol flaw impacting nearly every Wi-Fi device– spreading quickly across the internet today, security professionals and novices alike are looking for clear guidance on what to do. With headlines like Serious flaw in WPA2 protocol lets attackers intercept passwords and much more and WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping, it’s easy to understand why so many security pros woke up to another huge headache today. We asked our new Director of Cybersecurity Advocacy John McCumber to break down this news for us. Here is how he summed it up: “This weekend, the IT world woke up to the exposure of

    Oct 16,
  • From hacking U.S. intelligence, to blood test results, to your Facebook account. Here are the security headlines for the week of October 9, 2017: A recent study shows that privacy and security is only a concern for 15% of consumers when “performing work-related activities” (as opposed to 75% when visiting a doctor). So many that’s why so many companies are getting hacked? Spy vs Spy: Israeli officers watched in real time as agents in Russia searched for American intelligence information. Are iPhones conditioning us to fall for a phish? One researcher says so. It’s almost Halloween, so let’s call this healthcare data leak a BLOOD HACK. Sure, the title is cheesy, but this scary story is all too real. Cyberattacks

    Oct 13,