Insights from the 2017 Global Information Security Workforce Study show that the IT players in your organization may be the key to filling the looming cybersecurity workforce gap. The survey was taken by 10,584 cyber and information security professionals in North America, and showed a projected 265,000 industry jobs will be left unfilled in 2022. Practitioners back up that data, with 68 percent indicating their organizations had too few security professionals. Filling a gap of that size with qualified professionals is daunting, but the help may already be in your organization in the information technology department. In North America, 87 percent of survey respondents indicated that cybersecurity was not their first career – and of those professionals, 70 percent were

From IoT to GoT, budget issues to interview busts, here are the top security headlines for the week of July 17, 2017: Who is a target for ransomware? Short answer: everyone. But education, government and healthcare organizations top the list. In math that doesn’t seem to add up, UK businesses estimate they would spend £1.1m to recover from a breach, but only 14.4% of their organisation’s operation budget is spent on infosec. We’ve mentioned the cybersecurity workforce gap a time or two, but what are entry-level job seekers doing that keeps them from getting the gig? Verizon has been breached and as many as 14 million subscribers may have had their records revealed. So maybe you should be asking, “Can

By Yves Le Roux, CISSP, CISM, Co-Chair, Europe, Middle East and Africa Advisory Council (EAC) Recently our GDPR Task Force has found that despite efforts to prepare for the incoming regulation, many practitioners are finding that there is actually a lot more to do than originally anticipated, and are still in “discovery mode” about what data they hold. Data being fragmented and contained within individual business units means that knowing where data sets reside and mapping their flow is proving challenging. Businesses have just realised the mammoth task ahead of them Many businesses are still stuck in the initial stages of establishing their inventories of information, or not yet having support from the board and business units of their organisations,

Nominations are open for the first-ever (ISC)² EMEA Information Security leadership Awards (ISLA) to recognize the achievements of your fellow cyber, information, software and infrastructure security professionals across Europe, the Middle East and Africa. This is a great opportunity to showcase the outstanding work and remarkable contributions the profession is making despite the challenges and widening skills gap we face. The 2017 Global Information Security Workforce Study confirms more than two thirds of the region’s hiring managers are looking to expand their teams in the next 12 months, and about half are struggling to find qualified talent for their roles. This stems in part from a poor articulation of the profession and the opportunities it presents. The ISLAs are designed

If you’ve attended any of our (ISC)² ThinkTank Webinars (and we hope you have!) you know that moderator Brandon Dunlap shares your questions with panelists to answer during the session. While we can’t get to all questions, we’d like to address a few more here on our blog. Last week’s webinar was “The Human Target – The Tip of the Spear is Aimed at You”, with panelists Ira Winkler, president of Secret Mentem, Sylvester Gray, security product specialist at Sophos and Johnny Deutsch, senior manager, advanced security center at Ernst & Young, LLP. Thank you to our panelists for sharing their expertise - let’s continue the conversation, shall we?  To what extent are the “phishermen” sharing information about potential targets