In a thought-provoking presentation during Security Congress, Walmart’s chief security architect challenged cybersecurity professionals to take a more scientific approach to their work. Ira Winkler urged organizations to implement comprehensive behavioral cybersecurity programs that use statistical analysis to understand human actions. With this approach, he argued, you can better address bad habits that contribute to security vulnerabilities. It also allows you to learn and address the needs and wellness of cybersecurity teams. Too often, he says users get wrongly blamed for security issues. “If you have a user that creates harm, the harm is a result of a poorly designed system,” he said. Organizations run awareness programs that seek to change behavior through entertainment by, for instance, showing users funny

When an organization suffers a ransomware attack, how well they can respond comes down to preparedness. An up-to-date, comprehensive incident response plan (IRP) can make a big difference, said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. Joseph spoke about ransomware response on Monday as part of the annual (ISC)² Security Congress, taking place through Wednesday in Las Vegas. To illustrate the importance of being prepared when responding to an attack, Joseph walked his audience through an experience he had with a client. The company’s security team was notified of an attack by the hackers through email and text. In response, the company activated its response plan and called Joseph to help them with recovery and investigation. The

(ISC)² CEO Clar Rosso opened Security Congress in Las Vegas today by revealing this year’s event theme – EMPOWER. “Security Congress is about (ISC)² helping to empower you to strengthen your efforts against the bad guys, helping you to more effectively secure our information and our systems, and helping you to be more successful,” she said. Clar told attendees at the event, taking place today through Wednesday, that they are stronger together. Drawing on the power of community, the community will create “a more safe and secure cyber world.” Cybersecurity, she said, has taken center stage across the world. While in the past it was a luxury that only governments and big enterprise could afford, it is now a critical need

U.S. government cyber alerts, updates on major data breaches and U.K. privacy crime…. Here are the latest threats and advisories for the week of October 7, 2022. Threat Advisories and Alerts Voters Should Remain Vigilant of Cyber-tampering Ahead of U.S. Midterm Elections As the U.S. midterm elections near, voters may be concerned about tampering by cybercriminals. There’s a good reason. U.S. election systems continue to be a target for malicious threat actors. While cybercriminals may spread false claims about disrupting election infrastructure, the FBI and CISA have found no evidence that cyberactivity has ever affected the accuracy of voter registration information, prevented a voter from casting a ballot or compromised the integrity of cast ballots. Voters should, however, report suspicious

One of the many things that makes the (ISC)² community special is we have members who seek out challenges and we see that demonstrated by our (ISC)² Board of Directors. The board, elected by members, is made up of all (ISC)² certified volunteers. Through their meetings in 2022, they have proposed amendments to the current bylaws which will be presented to the members for a vote.   Over the past two years, our board has dedicated significant attention to a review of the association’s practices related to committees, nominations and governance. The goal of this effort has been to ensure that we create an inclusive organization that is well poised to serve the needs of the profession into the future. Additionally,