Tag: (ISC)² Blog

The rise of new ransomware gangs, and cyberattacks on Uber and California’s Department of Finance make headlines this week. Here are the latest threats and advisories for the week of December 16, 2022. Threat Advisories and Alerts UK Government Sets…

Read more →

The success of our membership-driven organization is closely linked to the effort that each certification holder puts into the organization. At (ISC)², we are fortunate to have a highly engaged membership that actively contributes to our success through volunteer opportunities.…

Read more →

The (ISC)² Annual Meeting was held today (December 14, 2022), and below are the key outcomes from the meeting: Bylaw Vote Results The (ISC)² Board of Directors submitted bylaw amendments to the membership. The amendments were put to a vote…

Read more →

As you know, cybersecurity is a constantly changing field. In order to maintain the accuracy, relevance and excellence of (ISC)² exams, we regularly conduct Job Task Analysis (JTA) studies to review and update exam outlines. JTAs are a methodical process…

Read more →

As organizations, applications, and users alike continue their journey toward the cloud, the demand for cybersecurity professionals with experience in cloud security increases. The knowledge and skills gap are the biggest concerns for all cloud-first organizations. According to the 2022…

Read more →

Chinese actors attack North America, Cuba ransomware and vendors start their predictions for 2023…. Here are the latest threats and advisories for the week of December 9, 2022. Threat Advisories and Alerts CISA Sounds the Alarm on Cuba Ransomware The…

Read more →

By Dustin Perkins, CISSP, Senior Governance, Risk and Compliance Consultant for the US Region of CyberCX. Cybersecurity has proven a growing interest and concern among both the private and public sectors and, for those contracted to do business with the…

Read more →

Organizations around the world are being targeted – often from an unseen enemy. Cyberthreats are a plague on systems and data, and combatting them is costly and time-consuming. In order to defend against bad actors, organizations need the talent and…

Read more →

World Cup fraud, Chinese tech bans and a social media cyberstorm hit headlines this week. Here are the latest threats and advisories for the week of December 2, 2022. Threat Advisories and Alerts NCSC Urges Christmas Shoppers to be Vigilant…

Read more →

A member recap of “Achieving Data Security and Analytics with AI” presented by Glendon Schmitz at (ISC)² Security Congress 2022. By Angus Chen, CISSP, CCSP, PMP, MBA Although “data is the new oil”, there are many problems with working on…

Read more →

The following individuals were elected to the Board and will begin their three-year term in January 2023: Laurie-Anne Bourdain, CISSP – Belgium Edward Farrell, SSCP, CISSP – Australia Nalneesh Gaur, CISSP-ISSAP – United States Guy Ngambeket, CISSP – United Arab…

Read more →

A member recap of Dr. Thomas Scanlon’s session at (ISC)² Security Congress 2022 by Angus Chen, CISSP, CCSP, MBA, PMP. Dr. Scanlon started his talk by showing images of women and posing a question to the audience: Can you spot…

Read more →

Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on…

Read more →

Beware the BatLoader, The NSA calls for more memory safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm…

Read more →

(ISC)² recently announced an expansion of its diversity, equity and inclusion (DEI) initiative through partnerships with several organizations around the world. “It’s no secret that the cybersecurity industry isn’t nearly as diverse as it should be,” said Dwan Jones, director…

Read more →

By Dr. Fulvio Arreghini, CSSLP, Head of International Sales at INFODAS GmbH. Fulvio is a CDR of the Italian Navy (reserve). He has an Master Degree in communication engineering and a PhD in Information engineering. During his active service in…

Read more →

(ISC)² recently announced an expansion of its diversity, equity and inclusion (DEI) initiative through partnerships with several organizations around the world. “It’s no secret that the cybersecurity industry isn’t nearly as diverse as it should be,” said Dwan Jones, director…

Read more →

What do you get when you cross a teacher with an entrepreneur who also has a passion for cybersecurity? You get Matt Lee. Matt is the Senior Director of Security and Compliance at Pax8, where he is a force multiplier…

Read more →

Microsoft security updates, Trojans attack Google and the SEC announces enforcement action for SolarWinds….Here are the latest threats and advisories for the week of November 11, 2022. Threat Advisories and Alerts FBI Announces That Hacktivist DDoS Attacks Can Have Minimal…

Read more →

By Chinatu Uzuegbu, CISSP, CEO/Managing Cyber Security Consultant at RoseTech CyberCrime Solutions Ltd. (ISC)² Security Congress 2022 was a huge success with engaging speakers from around the world filled with insights. The theme of this year’s event was Empower a…

Read more →

Regardless of what the economy or job market is doing, a career in cybersecurity promises near limitless possibilties. And with the current threats to cyber stability around the world, there’s never been a greater urgency for cybersecurity professionals. The latest…

Read more →

Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of…

Read more →

Over the past two years, the workforce has changed in unimaginable ways. Hybrid work is now the norm, leadership strategies have evolved to encompass the new way of work, and workers are taking the time to decide if they actually…

Read more →

(ISC)² has added additional insights to the Bylaws amendment documentation to address specific questions raised by our members. You can review the entire Bylaws packet here, and we are sharing the added rationale for changes below. All members are encouraged…

Read more →

This Cybersecurity Awareness Month we are reviewing the three sides of mentorship by speaking with members who are experienced mentors, mentees and those who have taken part in reverse mentorship. Review our part one blog and hear from experienced mentors.…

Read more →

As cyberthreats continue to make daily headlines, the need for security experts is at an all-time high. Yet talent is scarce. Research shows the cybersecurity workforce needs an influx of 2.7 million professionals to meet global demand. Near limitless job…

Read more →

Over the past two years, the workforce has changed in unimaginable ways. Hybrid work is now the norm, leadership strategies have evolved to encompass the new way of work, and workers are taking the time to decide if they actually…

Read more →

(ISC)² has added additional insights to the Bylaws amendment documentation to address specific questions raised by our members. You can review the entire Bylaws packet here, and we are sharing the added rationale for changes below. All members are encouraged…

Read more →

A reminder to all (ISC)² certified members in good standing as of October 2, voting is now open for the amendments to the (ISC)² Bylaws. Any individual who has earned an (ISC)² certification and is an active member in good…

Read more →

This Cybersecurity Awareness Month we are reviewing the three sides of mentorship by speaking with members who are experienced mentors, mentees and those who have taken part in reverse mentorship. Review our part one blog and hear from experienced mentors.…

Read more →

As cyberthreats continue to make daily headlines, the need for security experts is at an all-time high. Yet talent is scarce. Research shows the cybersecurity workforce needs an influx of 2.7 million professionals to meet global demand. Near limitless job…

Read more →

This Cybersecurity Awareness Month we are looking at three sides of mentorship from the mentor’s perspective, the mentee’s insights and reverse mentorship. Follow along with us though this three-part interview series highlighting member perspectives from varying industries. In this first…

Read more →

A reminder to all (ISC)² certified members in good standing as of October 2, voting is now open for the amendments to the (ISC)² Bylaws. Any individual who has earned an (ISC)² certification and is an active member in good…

Read more →

Many developing countries lack the resources to secure valuable information and data effectively. To strengthen cyber defenses in these economies, additional cybersecurity professionals are needed – with the right skills and knowledge – to defend critical assets. Understanding the challenge…

Read more →

Ransomware derails big businesses as the Australian cyberattack spree and student loan forgiveness scam highlight a disturbing week in the cybersecurity world. Here are the latest threats and advisories for the week of October 21, 2022. Threat Advisories and Alerts…

Read more →

The cybersecurity field has become larger than ever, but as the ranks of cybersecurity professionals increase, so does the workforce gap. The 2022 (ISC)² Cybersecurity Workforce Study reveals the workforce has grown to 4.7 million, an 11% increase from a…

Read more →

The UK Cyber Security Council, the self-regulatory body for the UK’s cyber security profession, today announced the commencement of a pilot project to award professional standards titles to cybersecurity professionals, up to Chartered status. (ISC)² is one of two bodies,…

Read more →

This Cybersecurity Awareness Month we are looking at three sides of mentorship from the mentor’s perspective, the mentee’s insights and reverse mentorship. Follow along with us though this three-part interview series highlighting member perspectives from varying industries. In this first…

Read more →

Many developing countries lack the resources to secure valuable information and data effectively. To strengthen cyber defenses in these economies, additional cybersecurity professionals are needed – with the right skills and knowledge – to defend critical assets. Understanding the challenge…

Read more →

The cybersecurity field has become larger than ever, but as the ranks of cybersecurity professionals increase, so does the workforce gap. The 2022 (ISC)² Cybersecurity Workforce Study reveals the workforce has grown to 4.7 million, an 11% increase from a…

Read more →

The UK Cyber Security Council, the self-regulatory body for the UK’s cyber security profession, today announced the commencement of a pilot project to award professional standards titles to cybersecurity professionals, up to Chartered status. (ISC)² is one of two bodies,…

Read more →

With the ongoing threat of data breaches and cyberattacks in our increasingly connected world, organizations everywhere need professionals to protect their operations, data and critical assets. Yet talent to fill these vital roles is scarce. Near limitless job opportunities in…

Read more →

Many developing countries lack the resources to secure valuable information and data effectively. To strengthen cyber defenses in these economies, additional cybersecurity professionals are needed – with the right skills and knowledge – to defend critical assets. Understanding the challenge…

Read more →

A common theme that permeates (ISC)² Security Congress each year is the need to work collaboratively against cyber adversaries. This year was no different, as speaker after speaker during the event in Last Vegas stressed the importance of collaboration, information-sharing…

Read more →

The UK Cyber Security Council, the self-regulatory body for the UK’s cyber security profession, today announced the commencement of a pilot project to award professional standards titles to cybersecurity professionals, up to Chartered status. (ISC)² is one of two bodies,…

Read more →

With the ongoing threat of data breaches and cyberattacks in our increasingly connected world, organizations everywhere need professionals to protect their operations, data and critical assets. Yet talent to fill these vital roles is scarce. Near limitless job opportunities in…

Read more →

A common theme that permeates (ISC)² Security Congress each year is the need to work collaboratively against cyber adversaries. This year was no different, as speaker after speaker during the event in Last Vegas stressed the importance of collaboration, information-sharing…

Read more →

A new world order is taking shape as private enterprise, in the form of technology companies, start playin a decisive role in geopolitical events, said Ian Bremmer, the president and founder of Eurasia Group. Speaking to an audience gathered in…

Read more →

With the current threats to cyber stability around the world, there’s never been a greater urgency for cybersecurity professionals than now. Organizations are investing more time, money and talent to detecting and mitigating cyberattacks. The result is a boom in…

Read more →

The cybersecurity community grew by 11% over the past year to 4.7 million professionals around the globe, but so did the skills gap. In fact, the gap widened at the faster pace of 25%, leading to 3.4 million vacancies, according…

Read more →

A new world order is taking shape as private enterprise, in the form of technology companies, start playin a decisive role in geopolitical events, said Ian Bremmer, the president and founder of Eurasia Group. Speaking to an audience gathered in…

Read more →

In a thought-provoking presentation during Security Congress, Walmart’s chief security architect challenged cybersecurity professionals to take a more scientific approach to their work. Ira Winkler urged organizations to implement comprehensive behavioral cybersecurity programs that use statistical analysis to understand human…

Read more →

With the current threats to cyber stability around the world, there’s never been a greater urgency for cybersecurity professionals than now. Organizations are investing more time, money and talent to detecting and mitigating cyberattacks. The result is a boom in…

Read more →

When an organization suffers a ransomware attack, how well they can respond comes down to preparedness. An up-to-date, comprehensive incident response plan (IRP) can make a big difference, said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. Joseph…

Read more →

The approach to cybersecurity historically has revolved around self-interest. It’s time to change that to think about the collective, according to Ciaran Martin, founder of the U.K.’s National Cyber Security Centre. “We’re all interested in cybersecurity because we’re professionals, but…

Read more →

The cybersecurity community grew by 11% over the past year to 4.7 million professionals around the globe, but so did the skills gap. In fact, the gap widened at the faster pace of 25%, leading to 3.4 million vacancies, according…

Read more →

The approach to cybersecurity historically has revolved around self-interest. It’s time to change that to think about the collective, according to Ciaran Martin, founder of the U.K.’s National Cyber Security Centre. “We’re all interested in cybersecurity because we’re professionals, but…

Read more →

The approach to cybersecurity historically has revolved around self-interest. It’s time to change that to think about the collective, according to Ciaran Martin, founder of the U.K.’s National Cyber Security Centre. “We’re all interested in cybersecurity because we’re professionals, but…

Read more →

In a thought-provoking presentation during Security Congress, Walmart’s chief security architect challenged cybersecurity professionals to take a more scientific approach to their work. Ira Winkler urged organizations to implement comprehensive behavioral cybersecurity programs that use statistical analysis to understand human…

Read more →

When an organization suffers a ransomware attack, how well they can respond comes down to preparedness. An up-to-date, comprehensive incident response plan (IRP) can make a big difference, said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. Joseph…

Read more →

(ISC)² CEO Clar Rosso opened Security Congress in Las Vegas today by revealing this year’s event theme – EMPOWER. “Security Congress is about (ISC)² helping to empower you to strengthen your efforts against the bad guys, helping you to more…

Read more →

One of the many things that makes the (ISC)² community special is we have members who seek out challenges and we see that demonstrated by our (ISC)² Board of Directors. The board, elected by members, is made up of all…

Read more →

U.S. government cyber alerts, updates on major data breaches and U.K. privacy crime…. Here are the latest threats and advisories for the week of October 7, 2022. Threat Advisories and Alerts Voters Should Remain Vigilant of Cyber-tampering Ahead of U.S.…

Read more →

This continues our recognition of our Global Achievement Award recipeints. Click here to read more about our award honorees in part one. (ISC)² Government Professional Award Recognizing government information security leaders whose commitment to excellence has helped to improve government…

Read more →

Russian cybercrime, social media corruption and a tidal wave of malicious app downloads…. ​​Here are the latest threats and advisories for the week of September 30, 2022. Threat Advisories and Alerts CISA Issues Warning to OT/ICS Owners and Operators Operational…

Read more →

One month after launching three new initiatives, (ISC)² Candidates, (ISC)² Certified in Cybersecurity SM and (ISC)² One Million Certified in Cybersecurity, aimed at addressing the cybersecurity workforce gap, we are thrilled to share our initial successes. We have seen a…

Read more →

Congratulations to the following security professionals recognized for their outstanding contributions to the cybersecurity industry. The annual (ISC)² awards honor exceptional practitioners for their commitment to a safer cyber world for one and all. Each will be honored at next…

Read more →

This continues our recognition of our Global Achievement Award recipeints. Click here to read more about our award honorees in part one. (ISC)² Government Professional Award Recognizing government information security leaders whose commitment to excellence has helped to improve government…

Read more →

What is the true value of a cybersecurity certification? Many people may underestimate the depth of knowledge that is required to earn the designation of a certified security professional. Along with that, many do not recognize the global reach of…

Read more →

Congratulations to the following security professionals recognized for their outstanding contributions to the cybersecurity industry. The annual (ISC)² awards honor exceptional practitioners for their commitment to a safer cyber world for one and all. Each will be honored at next…

Read more →

What is the true value of a cybersecurity certification? Many people may underestimate the depth of knowledge that is required to earn the designation of a certified security professional. Along with that, many do not recognize the global reach of…

Read more →

The Deadline is Approaching, Your Voice Can Make a Difference in Protecting Privacy The U.S. Federal Trade Commission (FTC) is looking for public input regarding new cybersecurity regulations. (ISC)² members and trained cybersecurity professionals can provide valuable insight into best…

Read more →

Cyberattacks on the video game industry, big-name brand data breaches and the Tea Pot gangster make headlines this week. Here are the latest threats and advisories for the week of September 23, 2022. Threat Advisories and Alerts Iranian Cybercriminals Target…

Read more →

This year’s (ISC)² Security Congress will feature increased opportunities to network with your peers and will be engaging whether you are joining in-person or virtually. We are looking forward to our first ever hybrid Security Congress where we will be…

Read more →

The Deadline is Approaching, Your Voice Can Make a Difference in Protecting Privacy The U.S. Federal Trade Commission (FTC) is looking for public input regarding new cybersecurity regulations. (ISC)² members and trained cybersecurity professionals can provide valuable insight into best…

Read more →

This year’s (ISC)² Security Congress will feature increased opportunities to network with your peers and will be engaging whether you are joining in-person or virtually. We are looking forward to our first ever hybrid Security Congress where we will be…

Read more →

Vulnerabilities in popular tech, major WordPress plugin attacks and phishing, highlight this week’s cybersecurity news. Here are the latest threats and advisories for the week of September 16, 2022. Threat Advisories and Alerts Security Updates Released for Apple Zero-Day Vulnerabilities…

Read more →

We look forward to seeing you in the Expo Hall, the heart of Security Congress. On-site, we will be filling up the Octavius Ballroom at Caesars Palace with 30+ partners, sponsors and exhibitors and can’t miss events. Kick off your…

Read more →

Earlier this year, (ISC)² hosted a webinar about a new kind of challenge facing cybersecurity: machine identity management. Although this security component has only received sizable attention over the last couple of years, Gartner ranked it among the top eight…

Read more →

A ransomware onslaught, a massive IRS data leak and cyberattacks on public transit and school systems…. Here are the latest threats and advisories for the week of September 9, 2022. Threat Advisories and Alerts Ransomware Group Vice Society Preys on…

Read more →

Depending on the organization, entry- and junior-level cybersecurity professionals are assigned an assorted mix of tasks, according to new (ISC)² research. Junior-level employees typically are trusted to handle most tasks, the research shows. The findings come from a survey of…

Read more →

Congratulations to the more than 1,500 individuals who passed the (ISC)² Certified in Cybersecurity℠ during our pilot program. They are now on their path to full certification! If you’ve passed the Certified in Cybersecurity exam, our entry-level certification, you have…

Read more →

Cryptocurrency crime, tech vulnerabilities and high-profile breaches rock the cybersecurity world this week. Here are the latest threats and advisories for the week of September 2, 2022. Threat Advisories and Alerts Over $1 Billion Stolen in Cryptocurrency on Decentralized Finance…

Read more →

(ISC)² is making a cybersecurity career more accessible. As part of our commitment to help close the cybersecurity workforce gap and diversify those working in the field, we are offering FREE (ISC)² Certified in Cybersecurity Online Self-Paced Training and exams…

Read more →

“The unfilled demand of cybersecurity positions is 2.72 million, down from 2020. However, it is primarily coming from Asia because every region around the globe went up, demand outpacing supply, except for in Asia,” Clar Rosso said in discussing the…

Read more →

The following letter was sent by (ISC)² CEO Clar Rosso to all (ISC)² members and associates, sharing insights into several developments at (ISC)² focused on addressing the workforce gap and creating cybersecurity career opportunities for more people worldwide. Dear Members,…

Read more →

Today, (ISC)² launched a new initiative so that anyone can join our association as an (ISC)² Candidate. When you become an (ISC)² Candidate, you’ll gain access to many of the benefits and resources that (ISC)² certified members and Associates of…

Read more →

The Career Center is back at (ISC)² Security Congress, and this year it’s hybrid! Open October 10-12, the Career Center will offer on-site and virtual events on the first two days, with the final day reserved exclusively for virtual sessions.…

Read more →

We are excited to announce that more than 1,500 individuals, who passed the exam during our pilot program, are now on their path to full certification with the (ISC)² Certified in Cybersecurity℠, – our entry-level certification. These newly awarded certified…

Read more →

IT fiascos in healthcare, a dramatic rise in cyberattacks and an FBI warning highlight this week’s cybersecurity news. Here are the latest cybersecurity threats and advisories for the week of August 26, 2022. Threat Advisories and Alerts Credential Stuffing Attacks…

Read more →

As organizations consider recalling workers back to the office, many are finding resistance – and in some cases, open revolt. Employees have become accustomed to the work-from-home (WFH) lifestyle and they aren’t necessarily willing to trade it for commutes and…

Read more →

Did you catch The ‘Hottest’ IT Security Technologies in 2022 webinar? If not, we are here to share the key takeaways. Steve Piper, CISSP, CEO and Founder of CyberEdge Group joined moderator Brandon Dunlap in this initial kickoff of a…

Read more →

The need for cybersecurity professionals has been building for years, and nearly exponentially since the beginning of the global pandemic. At this point, it’s painfully evident there’s a wide talent gap in the field, and research proves it — the…

Read more →

Big tech breaches, the rise of callback phishing and joint advisories issued by CISA…here are the latest cybersecurity threats and advisories for the week of August 19, 2022. Threat Advisories and Alerts Cybercriminals Exploit Zimbra Vulnerabilities CISA and MS-ISAC have…

Read more →

One of the biggest challenges cybersecurity teams face, aside from constantly having to foil threat actors, is to integrate data from the various tools they use to protect their organizations. But relief may be on the way in the form…

Read more →

The Small Business Cybersecurity Act, S.4701 has been introduced by U.S. Sen. Maggie Hassan, D- N.H. Designed to bolster small businesses’ cybersecurity by providing funding to Small Business Development Centers. In 2020, Senator Hassan worked to secure federal funding to…

Read more →

By Jagadish Paranthaman, CISSP, Global Cybersecurity Solutions Architect at Avanade Zero Trust is a cybersecurity model centered around an end-to-end approach for resource and data protection with a principle not to trust completely but conduct continual verification. Zero Trust assumes…

Read more →

Cyberattacks hit global companies, critical vulnerabilities discovered in top tech products and the top malware strains of 2021 make headlines this week. Here are the latest cybersecurity threats and advisories for the week of August 12, 2022. Threat Advisories and…

Read more →

Build confidence for exam day or expand your knowledge by attending Official (ISC)² Pre-Conference Training the weekend ahead of (ISC)² Security Congress. Participate by arriving in Las Vegas a couple of days early or maximize your time by joining in…

Read more →

In late 2021, the Open Web Application Security Project® (OWASP®) Foundation released a revised list of the 10 most critical security risks to web applications. The OWASP Top 10 list is the foundation’s flagship project for guidance on securing web…

Read more →