By Dustin Perkins, CISSP, Senior Governance, Risk and Compliance Consultant for the US Region of CyberCX. Cybersecurity has proven a growing interest and concern among both the private and public sectors and, for those contracted to do business with the U.S. Department of Defense, this is increasingly important with the protection of potentially sensitive information by those in the private sector. On the heels of Federal Information Security Management Act (FISMA), every government agency is hyper focused on developing a hardened level of cyber hygiene by which to mitigate as much risk as possible. The Department of Defense is fulfilling this requirement in the creation of the Cybersecurity Maturity Model Certification (CMMC). The CMMC was created as an assessment framework

Organizations around the world are being targeted – often from an unseen enemy. Cyberthreats are a plague on systems and data, and combatting them is costly and time-consuming. In order to defend against bad actors, organizations need the talent and skills on staff to detect and mitigate cyberthreats. This has led to massive opportunity in the field of cybersecurity. Research shows the global workforce needs a staggering influx of 2.7 million cybersecurity professionals to meet demand.1 Cybersecurity is a strong career choice for many reasons. It offers opportunities globally and in all industries. There are more than 50 career paths to choose from and it’s widely seen as a field that’s future-proof. For those looking to get their foot in

World Cup fraud, Chinese tech bans and a social media cyberstorm hit headlines this week. Here are the latest threats and advisories for the week of December 2, 2022. Threat Advisories and Alerts NCSC Urges Christmas Shoppers to be Vigilant As Christmas shopping kicks into gear, the UK’s National Cyber Security Centre (NCSC) has launched a campaign releasing a series of secure online shopping articles to spread awareness about cybercrime this festive season. During this same time last year, thousands of holiday shoppers were scammed, resulting in £15.3m being stolen and victims losing on average £1,000 per person. Shoppers can protect themselves by setting up two-step verification where it’s offered, researching online retailers and using credit cards that protect online

A member recap of “Achieving Data Security and Analytics with AI” presented by Glendon Schmitz at (ISC)² Security Congress 2022. By Angus Chen, CISSP, CCSP, PMP, MBA Although “data is the new oil”, there are many problems with working on production data directly.  Organizations encounter regulations to protect privacy such as General Data Protection Regulation (GDPR). The fine for violating GDPR is 17 million British Pounds or 4% annual global turnover. Amazon was charged with U.S. $887 million, WhatsApp U.S. $267 million and Marriott 18 million British Pounds for data breaches. The list goes on and on. Furthermore, organizations sharing data with third parties infringe on user’s privacy without consent such as the Facebook and Cambridge Analytica cases. Production data

The following individuals were elected to the Board and will begin their three-year term in January 2023:  Laurie-Anne Bourdain, CISSP – Belgium   Edward Farrell, SSCP, CISSP – Australia   Nalneesh Gaur, CISSP-ISSAP – United States   Guy Ngambeket, CISSP – United Arab Emirates   Yiannis Pavlosoglou, CISSP – Greece  Congratulations to our directors! The election ran from November 1-14, 2022, and 4,717 (ISC)² certified members voted in the election and results were independently tabulated and verified by our third-party election facilitator and audited by an independent third-party.  The (ISC)² Board of Directors is responsible for:  Strategic direction, governance and oversight for (ISC)²  Developing policies and procedures  Granting certifications  Enforcing the (ISC)² Code of Ethics  For the first time this year, self-nominations to serve