Blog

U.S. government cyber alerts, updates on major data breaches and U.K. privacy crime…. Here are the latest threats and advisories for the week of October 7, 2022. Threat Advisories and Alerts Voters Should Remain Vigilant of Cyber-tampering Ahead of U.S. Midterm Elections As the U.S. midterm elections near, voters may be concerned about tampering by cybercriminals. There’s a good reason. U.S. election systems continue to be a target for malicious threat actors. While cybercriminals may spread false claims about disrupting election infrastructure, the FBI and CISA have found no evidence that cyberactivity has ever affected the accuracy of voter registration information, prevented a voter from casting a ballot or compromised the integrity of cast ballots. Voters should, however, report suspicious

One of the many things that makes the (ISC)² community special is we have members who seek out challenges and we see that demonstrated by our (ISC)² Board of Directors. The board, elected by members, is made up of all (ISC)² certified volunteers. Through their meetings in 2022, they have proposed amendments to the current bylaws which will be presented to the members for a vote.   Over the past two years, our board has dedicated significant attention to a review of the association’s practices related to committees, nominations and governance. The goal of this effort has been to ensure that we create an inclusive organization that is well poised to serve the needs of the profession into the future. Additionally,

Managers who hire entry- and junior-level cybersecurity practitioners may do so to free up senior staff for more advanced work. But what they often find is that new hires contribute more than expected. Those new to cybersecurity bring fresh perspectives and excitement. They are open to different ideas, are generally eager to learn and want to succeed. Consider the following comments from respondents to an (ISC)² study on cybersecurity hiring practices:  Entry- and junior-level staff “bring new ideas to the table. The fact that they have less experience means that they are also more flexible to new ideas. That is a very important factor to have in an ever-growing company and market,” survey participant.  Said another: “They can bring new ideas

The month of October is widely acknowledged as Cybersecurity Awareness Month and an opportunity for the global community to join together in the mission of educating those outside of the profession with daily practices that can be implemented so that we may all live in a safer and more secure cyber world. This month reminds us that cybersecurity is for all and doesn’t have to be overly complicated. Together we can showcase the vast resources our community has to support all organizations and industries to keep their valuable information secure.   Access Resources  (ISC)² has curated a collection of informational resources to promote practical cybersecurity knowledge ranging from research reports to eBooks and videos, as well as training offerings. Check

Russian cybercrime, social media corruption and a tidal wave of malicious app downloads…. ​​Here are the latest threats and advisories for the week of September 30, 2022. Threat Advisories and Alerts CISA Issues Warning to OT/ICS Owners and Operators Operational technology/industrial control system (OT/ICS) assets continue to be an attractive target for cybercriminals, and ICS networks are rife with risk. OT/ICS technology has vulnerable IT components and large attack surfaces—and traditional security measures don’t adequately address modern threats. System owners should assume that they will be targeted. To mitigate attacks, operators and owners can limit the exposure of system information, conduct regular security audits and secure remote access points. Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-265a Zero-Day Vulnerability Exploited in Sophos Firewall A new critical

One month after launching three new initiatives, (ISC)² Candidates, (ISC)² Certified in Cybersecurity SM and (ISC)² One Million Certified in Cybersecurity, aimed at addressing the cybersecurity workforce gap, we are thrilled to share our initial successes. We have seen a rapid adoption within the past 30 days of these programs among cybersecurity candidates looking to enter the field. The quick embrace highlights the importance of developing new and unique pathways to make cybersecurity careers more accessible worldwide. Through these initiatives, we are laying a strong foundation to encourage more people to explore the opportunities of a cybersecurity career. In fact, in the past month, we have seen 55,000 individuals sign up to become an (ISC)² Candidate – a program for individuals looking to pursue or consider a