We held our first-ever (ISC)² SECURE Singapore event earlier this month. The in-person event saw leading cybersecurity experts from around the region engaging in discussions around cybersecurity amid profound changes and disruption around the world, and a global workforce gap.  David Koh, Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency of Singapore (CSA), started off the event with a keynote address. He argued that cybersecurity is akin to a team sport, where all organizations and individuals have a vital part to play in combating cyber crimes. Clar Rosso, CEO of (ISC)², and Zachary Tudor, CISSP, chair of the (ISC)² Board of Directors and Associate Laboratory Director of Idaho National Laboratory's National and Homeland Security Directorate, then joined

Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare 2022 report, 61% of healthcare organizations agreed to pay, which is a rate 15% higher than the global average. Source:

Infosecurity Europe is unquestionably the biggest and most significant cybersecurity conference and event on the European calendar, a mainstay that is enjoyed by the entire industry and that serves as an important opportunity for members to meet each other and engage with the (ISC)² team on our stand. Like so many key industry events, Infosecurity Europe has been operating as a virtual event for the last two years due to the pandemic but made a triumphant return to physical being this year along with a move to a brand new venue. 2022 saw the show move from London’s Olympia Exhibition Center to ExCel in East London, a larger and more modern facility capable of accommodating the growing show and expanding

By Ala' F. Wrikat, MSc, CISSP, CISM. Ala' is currently a specialist in policies and strategic studies at the Financial-sector's CERT of Jordan. Defense in depth strategy has proven its effectiveness in preventing cyber threats over the years. At the abstract level, most technical security controls are designed with two main components; 1) a knowledge base, and 2) a matching engine. Each security product has its own version of a growing knowledge base of feeds (whatever these feeds are). The content and how frequent these knowledge bases get updated are often the basis of competition between vendors. In this context, where these knowledge bases are complementary, defense in depth is meaningful. However, with the emergence of Artificial Intelligence (AI) and

Internet of Things (IoT) devices are now everywhere. Ever since the earliest devices started to appear on the market, in homes, and worse, in corporations, security professionals have sounded the alarm about how these devices were built with no security in mind. Now, the National Institute of Standards and Technology (NIST) has released new draft guidance documents on securing these devices, both before release, as well as acquisition, and integration. These new publications will serve both corporations and consumers in a positive way. However, like any technical directions, the ideas set forth are only effective in capable and qualified hands.  To learn more about this topic, read our latest article. Read the Article. Want to Learn More About CISSP? To