The modern software developer faces an enormous amount of challenges. From continuously creating innovative apps to ensuring high quality and meeting tight deadlines, developers need to cope with many responsibilities. As a result, security is still one of the last priorities on many developers’ minds during the software development lifecycle. Vulnerable Apps Increase Cyber Threats Despite that the 2020 Verizon Data Breach Investigations Report indicates that most data breaches happen through vulnerable web applications, many developers are still hesitant to adopt a security mindset. Even though the news headlines are filled with the names of companies being compromised every day, they make the mistake of thinking it could not happen to them. Many software developers do not typically worry about

Haven’t had a chance to nominate a colleague, peer or mentor yet for the Global Achievement Awards? Great news, the deadline has been extended to April 23! There are a few updates to the awards this year. With so many awards to choose from, let’s take a look at a few of them. These awards are similar in that they recognize individuals who have made a significant impact on the security industry during the past year. (ISC)² Government Professional Award This award recognizes regional government information security leaders who have made significant security developments at the federal, state or local level in a department, agency or the entire government. Candidates must have at least three years of work experience. The

Is There Ever Too Much Data? As a security practitioner, you know that businesses are fuelled not only by people but by data. Years ago, the phrase “Big Data” was a new, innovative way to gain a business advantage. Now, big data is the norm. When we think of all the data that has been gathered, we must stop and wonder about what is contained in that data. Many important, and often private details are stored about the clients of a particular business. Over time, it became clear that this data, if obtained by criminals, could be damaging to an individual. Personally Identifiable Information (PII), Protected Health Information (PHI), private financial records, and a selection of other sensitive data hold

Clar Rosso, (ISC)² CEO and Casey Marks, Chief Product Officer and VP, (ISC)² recently hosted the latest in our new Inside (ISC)² webinar series, a quarterly series designed to give members a glimpse of the latest developments from inside the association, as well as an opportunity to ask questions. The March 23 session included milestones from the first quarter, as well as a deep dive into (ISC)²'s process for developing exams and certifications. Q1 Recap Rosso kicked off the discussion with a recap of the association’s response to the pandemic, and its transition to online learning. Recognizing that 2021 still means travel restrictions for most people, (ISC)² is increasing its free online courses and increasing its webinar program by 40%,

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In support of this, (ISC)2 has launched a series of interviews to explore where CISSP certification has led security professionals. Last time we spoke to Chris Clinton. This installment features Mari Aoba, a security analyst at Japan Security Operation Center. What job do you do today? I work as a security analyst at Japan Security Operation Center (JSOC) in LAC. JSOC provides Managed Security Service to over