Blog

If no news is good news, we’ve got trouble. Here are the top security headlines for the week of June 26, 2017: Is your security team down with IoT? Yeah, you know that 48% of U.S. companies aren’t. Just when you thought ransomware was out of the news, Petya pulls you back in. A two-step guide to dealing with ransomware: 1. Back up your data. 2. Never pay. The source code is out there. Windows 10 code was released, causing even more security concerns for the operating system. Snapchat maps? Time to activate Ghost Mode. Heard a cybersecurity story we should share? Tweet us @ISC2!

By Yves Le Roux, CISSP, CISM, Co-Chair, Europe, Middle East and Africa Advisory Council (EAC) Recently our GDPR Task Force has found that despite efforts to prepare for the incoming regulation, many practitioners are finding that there is actually a lot more to do than originally anticipated, and are still in “discovery mode” about what data they hold. Data being fragmented and contained within individual business units means that knowing where data sets reside and mapping their flow is proving challenging. Businesses have just realised the mammoth task ahead of them Many businesses are still stuck in the initial stages of establishing their inventories of information, or not yet having support from the board and business units of their organisations,

This month marked the opening of nominations for the first-ever (ISC)² EMEA ISLA, allowing you to nominate fellow information security and management professionals throughout the private and public sectors across Europe, the Middle East and Africa. The nomination categories are: Senior Information Security Professional, Information Security Practitioner, Up-and-Coming Information Security and Woman Information Security Professional. Nominations must be put forward by a colleague, so we hope that many of you will feel inspired to put forward your professional peers. We do appreciate that nominating someone may seem like a daunting task, or you may be unsure whether who you have in mind even fits the bill altogether. So, by way of inspiration we have profiled past ISLA winners from the

 Name: Jae H. Moon Title: Sr. Systems (Linux/IA) EngineerEmployer: Cray, Inc.Location: Salt Lake City, Utah, U.S.A.Degree: Master’s degree in Information Systems (emphasis on information security)Years in IT: 16+Years in information security: 10+Cybersecurity certifications: CompTIA Security +, SSCP   How did you decide upon a career in cybersecurity? I had the opportunity to work as a summer intern at Scott Air Force Base in Illinois for the Department of Defense. I also worked as a Unix System Administrator for AT&T (after graduating from college) which focused heavily on implementing various information security principles and practices to maintain their operating systems. These two opportunities allowed me to explore the field of cybersecurity. Why did you get your SSCP®? I felt that the

Two of the most pressing cybersecurity tasks of our time are the need to dramatically grow the size of the workforce, and to create one that is agile enough to keep up with the shifting sands of today’s business landscape. Infosec Europe’s keynote panel session “Building an Agile Security Team for the Future,” chaired by (ISC)²s EMEA managing director Adrian Davis, saw leading frontline professionals from travel search giants Skyscanner, to transport operator Network Rail and the UK government, discuss how these challenges might be addressed.  The first key insight was that an agile cybersecurity team cannot have fixed, traditional role boundaries. Having fluid job roles allows cybersecurity professionals the ability to learn new skills, aspire to achieve managerial positions

While the projected 1.8 million cybersecurity workforce gap is a staggering number, the Global Information Security Workforce Study did reveal which sectors are most aggressively looking to address this talent shortfall. Healthcare, retail and manufacturing top the list of industries looking to increase their cybersecurity workforce by more than 20% over the next year. Healthcare, in particular, is aiming for a 39% increase. It’s not surprising that they’re leading the charge to staff up, as Privacy Rights Clearninghouse reports that there were 223 known breaches to healthcare organizations in the United States in 2016 - and another 46 disclosed so far this year.   Hospitals and clinics face the unique challenge of securing paper files, as well as digital, and