When Uber’s massive data breach made it to the public’s ears recently, it became a member of an infamous group of companies who not only had vital customer data stolen, but who sat on the story and did not inform the public or the media until much later. The reasons for data breaches vary, but are heavily tinted by human errors and the presence of unprotected files or weaknesses on cloud servers. This is something that should make all cloud service providers (CSPs) sit up and take notice. Bad PR for one is bad PR for all. The fact is, applications running in the cloud are not completely immune from breaches. Experts state clearly that IT teams need more robust
By Cevn Vibert, ICS Industrial Cyber Physical Security Advisor

Cevn will be hosting the session Grass Roots Industrial Control Security at (ISC)² Secure Summit UK, between 12th and 13th December 2017. The industrial cybersecurity market is facing rapid changes as more threats are discovered, more impact is felt by end-users and cybersecurity vendors vie for leadership. My session will highlight both alerts and advice for end-users of automation and control systems (ICS/OT), as well as selected advisory notes for practitioners of Industrial Cyber Physical Security. Strategic methodologies and programmes of activities for mitigation of impacts on IIOT, IOT and how holistic integrated security can provide comprehensive situational awareness will additionally be provided. Multiple types of security are addressed, together with some mythical attack and defense scenarios.
Name: Mario Damar Bardowell
Title: Security Analyst
Employer: Leidos
Location: Orlando, Florida, U.S.A.
Degree: B.S. in Network Systems Communications
Years in IT: 8
Years in information security: 2
Cybersecurity certifications: SSCP, CISSP, CompTIA’s CASP and Security +, CEH

How did you decide upon a career in cybersecurity?

The decision to pursue a career in cybersecurity was made due to the impression I received when I got a chance to work with an information security professional in my very first role as a help desk analyst. The man was sharp and always did things by the book. He didn't cut corners and showed me why securing systems was critical to a business’s success. It was then that I knew I wanted to put my time and effort
It’s not only the tech sector that’s talking about cybersecurity. The cybersecurity industry has been advocating for awareness training for the better part of the last decade, and since the Equifax breach, security has gone mainstream. With its new popularity, cybersecurity has evolved into a hot political issue as well. One result of the attention is increased regulation, which has many defense contractors scrambling to meet the December 31, 2017 deadline for Defense Federal Acquisition Regulation Supplement (DFARS) compliance. In a year of many major breaches, legislators are eager to move forward on the Consolidated Audit Trail (CAT) project to improve Wall Street’s records collection. While Apple’s root flaw made headlines as a huge vulnerability, McAfee soared skyward with more
Following the jubilant moment of finding out you have achieved a passing score on your (ISC)² exam, you’re now ready for the endorsement process – but what does that actually mean? First, believe us when we say that the hard part is over! You’ve already passed the exam, and there’s no reason to be anxious or delay your endorsement. Especially if you’ve heard any of the endorsement myths below we are about to bust.

Endorsement isn’t important

It sure is! Becoming a certified member of (ISC)² is more than simply passing an exam, no matter how rigorous and challenging that exam may be. Earning your certification requires a certain amount of verifiable work experience – unless you’re an Associate of
The (ISC)² EMEA Secure Webinar series features live and on-demand online events where industry thought leaders, (ISC)² members and solution providers share their views on a variety of topics to help cybersecurity professionals in tackling the current threats and challenges they may be facing today. From GDPR to malware, the themes vary greatly, offering valuable insight into a wide range of areas concerning information security. The webinars are also free to members and non-members, timed conveniently for European, Middle East and African audiences and provide opportunities to earn CPEs. If you’re not familiar with the series or are perhaps interested in revisiting some topical issues facing the profession, why not explore our current top ten webinars, as ranked by fellow