Tag: (ISC)² Blog

LATEST CYBERTHREATS AND ADVISORIES – APRIL 14, 2023

Companies target sextortion victims, Google Play malware is hawked on dark marketplaces and zero-click spyware infects iPhones. Here are the latest threats and advisories for the week of April 14, 2023. By John Weiler Threat Advisories and Alerts Predatory Companies…

IDENTITY MANAGEMENT DAY 2023: Advice from Cyber Pros

Tomorrow, April 11 is Identity Management Day. This day serves as an annual reminder to increase awareness and education for leaders, IT decision-makers and the general public on the importance of identity management. The dangers of improper management of digital…

LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

The U.S. government takes down another dark web forum, Western Digital suffers a cyberattack and the fastest acting ransomware to date. Here are the latest threats and advisories for the week of April 7, 2023. By John Weiler Threat Advisories…

(ISC)² Supports Cyber Newcomers

With more than 14,000 new Certified in Cybersecurity members joining (ISC)² last year and an additional 180,000+ Candidates gearing up to earn their first certification, (ISC)² will be supporting these cyber newcomers every step of the way. Recently, the Center…

Latest Cyberthreats and Advisories – March 31, 2023

By John Weiler Microsoft patches the “aCropalypse” vulnerability, ChatGPT leaks users’ billing information and the Latitude Financial breach expands to 14 million records. Here are the latest threats and advisories for the week of March 31, 2023. Threat Advisories and…

New CISSP Exam Registration Process for 2023

Looking to earn your (ISC)² CISSP certification? Make sure you follow these updated steps to register for your exam. Here is how you can register for the CISSP exam: Log in to your account at www.isc2.org and visit the Register…

Cybersecurity Industry News Review – March 28, 2023

By Joe Fay The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns…

Cybersecurity Industry News Review – March 21, 2023

By Joe Fay The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns…

Women in Cybersecurity – History to Today

This March, Women’s History Month, we shared the legacy of Grace Hopper and her trailblazing innovations in software development and computing, highlighted the must-watch webinars by in cybersecurity and met with cyber newcomer and (ISC)² Candidate Nidhi Kannoujia on the…

LATEST CYBERTHREATS AND ADVISORIES – MARCH 24, 2023

By John Weiler FBI arrests Breached hacking forum leader, smartphones hijacked without any user involvement and 330,000 customers compromised in Australia by a data breach. Here are the latest threats and advisories for the week of March 24, 2023. Threat…

Real Talk with CCSPs: An Interview with Panagiotis Soulos

“Cloud is the present, and the future. It affects everything, every day, both in business and our personal lives.” With these words Panagiotis Soulos summarizes his philosophy of why the CCSP credential is important to any cybersecurity professional. Panagiotis holds…

Cybersecurity Industry News Review – March 21, 2023

KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts. By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in…

(ISC)² Listens: Women Working in Cybersecurity

This month, we asked women in the (ISC)² Blog Volunteers group to weigh in on a few questions from their perspective as a female working in cybersecurity. While their experiences in the industry have varied, this group unanimously responded that…

Meet the 2023 (ISC)² Bylaws Committee

You spoke, and we listened – you want more opportunities to be involved and contribute to the decision-making process at (ISC)². Let’s get started. The (ISC)² Board of Directors Bylaws Committee will host the first in a series of webinars…

Cybersecurity Industry News Review – March 14, 2023

The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents. By Joe…

Latest Cyberthreats and Advisories – March 10, 2023

By John Weiler Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023. Threat Advisories and Alerts FBI Issues…

LATEST CYBERTHREATS AND ADVISORIES – MARCH 10, 2023

By John Weiler Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023. Threat Advisories and Alerts FBI Issues…

What We Learned from The Royal Mail Ransomware Chat

By Dave Cartwright, CISSP In February 2023, something very unusual happened. Following a ransomware attack on Royal Mail International, a division of the U.K.’s (formerly state-owned) mail and parcel delivery service, the negotiation between the firm’s representatives and the LockBit…

Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia

By Nidhi Kannoujia, (ISC)² Candidate The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing…

Grace Hopper: The Women Who Changed How We Code and Test

On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components. It would be wrong, as we reach International Women’s Day…

Can a Barista Become Your Next SOC Analyst?

Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…

Cybersecurity Industry News Review: March 7, 2023

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks. Study: Gender No Barrier To Participating In…

LATEST CYBERTHREATS AND ADVISORIES – MARCH 3, 2023

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023. Threat Advisories and Alerts NCSC Publishes Guidance…

The Top Five Most Fun Cybersecurity Mistakes in TV and Movies

By Dave Cartwright, CISSP The mysterious world of cybersecurity can sometimes be wildly misrepresented on-screen, causing challenges for professionals charged with educating colleagues and other users. Movie and TV screenwriters have been known to play fast and loose with the…

Cybersecurity Industry News Review: February 28, 2023

By Joe Fay Australia to scrap cybersecurity rules as part of a new regime, ransoms bankroll further ransomware attacks, Dole and PyPi attacked, while the European Commission calls time on TikTok. Australia to Overhaul Cybersecurity Rules The Australian government is…

The Top 5 New Social Engineering Attacks in 2023

By John E. Dunn Forget vanilla phishing attacks – cybercriminals today have much more interesting tricks up their sleeves. MFA Fatigue Attacks When push notification via smartphone first appeared, it looked as if the industry had finally found a type…

The Significance of Key Risk Indicators in Organisations

By Vivek Soni, CCSP Key Risk Indicators (KRIs) are critical predictors/indicators of undesirable events that can adversely impact the organisation. These are the kind of metrics which are forward looking and contribute to the early warning sign that facilitates enterprise…

(ISC)² Security Congress 2023 Begins Call for Presentations

Practitioners from across the cybersecurity industry and the (ISC)² member community are invited to submit their session proposals as the cyber world begins its journey to Nashville. (ISC)² today launched its call for presentations for its annual (ISC)² Security Congress…

Provide Your Feedback on the CISSP-ISSEP Exam Outline

At (ISC)², we pride ourselves in our steadfast dedication to maintaining the relevance and quality of all the certifications in our portfolio. (ISC)² certifications are constantly being reviewed and updated to make sure they are serving the needs of professionals…

Succession Wealth Fails to Keep Cyber Attackers at Bay

By Joe Fay Aviva subsidiary assessing impact on data and customers. Wider group unaffected. Financial services giant Aviva’s recently acquired subsidiary Succession Wealth has been hit by a cyberattack, leaving it trying to assess the impact on a customer base…

Cybersecurity Industry News Review: February 21, 2023

By Joe Fay Think tank warns as economic, political, and cybersecurity risks collide. Accenture heads to Brazil, quantum security firm Sandbox fills up on cash and Biden loses cyber director. Washington Think Tank Warns on Economic Risk and Cybersecurity Increased…

Latest Cyberthreats and Advisories – February 17, 2023

Romance scams, high-profile attacks on major U.S. companies and an inside look at Royal Mail/Lockbit negotiations. Here are the latest threats and advisories for the week of February 17, 2023. Threat Advisories and Alerts U.S. And South Korean Governments Publish…

Cybersecurity Industry News Review: February 15, 2023

By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After…

CAP Is Now Certified in Governance, Risk and Compliance (CGRC)

Effective today, the (ISC)² Certified Authorization Professional (CAP) certification is known as the Certified in Governance, Risk and Compliance (CGRC)TM. This name better represents the knowledge, skills and abilities required to earn and maintain this certification. Those who earn and…

Cybersecurity Industry News Review: February 15, 2023

By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After…

LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 10, 2023

Cyberattacks wreak havoc on the U.K., LockBit brings big business to its knees and a massive VMware ransomware campaign. Here are the latest threats and advisories for the week of February 10, 2023. Threat Advisories and Alerts Massive Ransomware Campaign…

Calling All CISSP-ISSMP and CISSP Certification Holders

With the ever-changing landscape of the cybersecurity industry, it is important to keep certifications current, accurate and relevant – and we need help from you, the cybersecurity professionals, who hold certifications in the field. (ISC)² is exploring a new security…

Cybersecurity Industry News Review: February 7, 2023

By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm…

Juggling the Demands of a Multicloud Environment

Digitization has evolved to include cloud computing in the delivery of computing services, reduction of costs, improvement of agility, and cloud security. The emergence of various cloud solutions has led organizations towards migrating assets from on-prem to the cloud with…

Essential Team Building for Strong Cloud Security

Dependence on the cloud in the modern era is no secret. The growth in cloud applications for both professional and personal use has proved unrelenting as critical applications and services are made solely available through cloud access. In a press…

LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 3, 2023

Cybercriminals for hire, Hive ransomware is busted and the JD Sports breach impacts millions of sportswear buyers. Here are the latest threats and advisories for the week of February 3, 2023. Threat Advisories and Alerts U.S. Security Agencies Warn of…

Cybersecurity Industry News Review – 31 January 2023

By: Joe Fay U.S. looks for half a million cybersecurity professionals, ransomware victims less likely to pay up, analyst warns on Chinese smart device spy threat…but RSA encryption safe from Quantum cracking for now. U.S. struggles with shortage of cybersecurity…

Essential Team Building for Strong Cloud Security

Dependence on the cloud in the modern era is no secret. The growth in cloud applications for both professional and personal use has proved unrelenting as critical applications and services are made solely available through cloud access. In a press…

Cybersecurity Industry News Review – 31 January 2023

By: Joe Fay U.S. looks for half a million cybersecurity professionals, ransomware victims less likely to pay up, analyst warns on Chinese smart device spy threat…but RSA encryption safe from Quantum cracking for now. U.S. struggles with shortage of cybersecurity…

How are you marking data privacy day?

By: Joe Fay Data Privacy Day (known as Data Protection Day in Europe) falls this Saturday (January 28) and if you haven’t worked out how to mark the day yet, tech vendors and organizations are more than willing to help.…

Latest Cyberthreats and Advisories – January 27, 2023

Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The…

LATEST CYBERTHREATS AND ADVISORIES – JANUARY 27, 2023

Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The…

How to Earn Your (ISC)² Certification

We are excited to have more than 130,000 individuals become (ISC)² Candidates since launching in September 2022. Many of them will go on to earn their Certified in Cybersecurity (CC) as part of our One Million Certified in Cybersecurity pledge.…

LATEST CYBERTHREATS AND ADVISORIES – JANUARY 20, 2023

TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising…

LATEST CYBERTHREATS AND ADVISORIES – JANUARY 13, 2023

Cybercriminals attack schools, the FCC looks to change data breach rules and artificial intelligence alters the cybersecurity landscape. Here are the latest threats and advisories for the week of January 13, 2023. Threat Advisories and Alerts How Businesses Can Securely…

Help Shape the CGRC Exam – Formerly Known As CAP

As practitioners know all too well, it is paramount to remain up to date with the changing landscape of cybersecurity. We regularly conduct Job Task Analysis (JTA) studies to review exam content and outlines to ensure the accuracy, relevance and…

Latest Cyberthreats and Advisories – January 6, 2023

The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search…

CISSP-ISSAPs – We Need Your Input

With more than 150,000 CISSPs around the world, some of you have asked – what’s the next step? For many of you, that next step is one of the CISSP concentrations focused on security architecture, engineering or management. The CISSP-ISSAP…