This is (ISC)² Management's Typepad Profile.
Join Typepad and start following (ISC)² Management's activity
Join Now!
Already a member? Sign In
(ISC)² Management
A compilation of thoughts from members of the (ISC)2 leadership team.
Recent Activity
Image
Name: James Packer Title: Security and Cloud Specialist Employer: KPMG UK LLP Location: London, UK Education: Information Technology and Security Years in IT: 10 Years in Cybersecurity: 5 Cybersecurity Certifications: CISSP, CCSP, CIS F ISO27001 How did you get in to a career in cybersecurity? I’d say I’m like countless security professionals out there, I first started in IT and security was just a part of my job, inherent in every role I performed. I started in desktop support, progressing through the service desk lines to a managerial role, before moving in to projects and architecture- “solutionising” as I call... Continue reading
Posted 8 hours ago at (ISC)² Blog
Image
If leadership truly does come from the top, having Kirstjen Neilsen as the newest Homeland Security secretary may prove promising when it comes to filling the jobs gap. After all, she’s the first person to bring industry experience to the role. Few things have the ability to obliterate people’s passion for their work like a terrible boss, especially when that boss lacks the knowledge and skills needed to guide an organization’s growth. But Kirstjen Neilsen certainly has the potential to really reform and improve the Department of Homeland Security. It’s exciting times, but that is not all the notable news... Continue reading
Posted 3 days ago at (ISC)² Blog
Image
When Uber’s massive data breach made it to the public’s ears recently, it became a member of an infamous group of companies who not only had vital customer data stolen, but who sat on the story and did not inform the public or the media until much later. The reasons for data breaches vary, but are heavily tinted by human errors and the presence of unprotected files or weaknesses on cloud servers. This is something that should make all cloud service providers (CSPs) sit up and take notice. Bad PR for one is bad PR for all. The fact is,... Continue reading
Posted 4 days ago at (ISC)² Blog
Image
By Cevn Vibert, ICS Industrial Cyber Physical Security Advisor Cevn will be hosting the session Grass Roots Industrial Control Security at (ISC)² Secure Summit UK, between 12th and 13th December 2017. The industrial cybersecurity market is facing rapid changes as more threats are discovered, more impact is felt by end-users and cybersecurity vendors vie for leadership. My session will highlight both alerts and advice for end-users of automation and control systems (ICS/OT), as well as selected advisory notes for practitioners of Industrial Cyber Physical Security. Strategic methodologies and programmes of activities for mitigation of impacts on IIOT, IOT and how... Continue reading
Posted 5 days ago at (ISC)² Blog
Image
Name: Mario Damar Bardowell Title: Security Analyst Employer: Leidos Location: Orlando, Florida, U.S.A. Degree: B.S. in Network Systems Communications Years in IT: 8 Years in information security: 2 Cybersecurity certifications: SSCP, CISSP, CompTIA’s CASP and Security +, CEH How did you decide upon a career in cybersecurity? The decision to pursue a career in cybersecurity was made due to the impression I received when I got a chance to work with an information security professional in my very first role as a help desk analyst. The man was sharp and always did things by the book. He didn't cut corners... Continue reading
Posted 6 days ago at (ISC)² Blog
Image
It’s not only the tech sector that’s talking about cybersecurity. The cybersecurity industry has been advocating for awareness training for the better part of the last decade, and since the Equifax breach, security has gone mainstream. With its new popularity, cybersecurity has evolved into a hot political issue as well. One result of the attention is increased regulations, which has many defense contractors scrambling to meet the December 31, 2017 deadline for Defense Federal Acquisition Regulation Supplement (DFARS) compliance. In a year of many major breaches, legislators are eager to move forward on the Consolidated Audit Trail (CAT) project to... Continue reading
Posted Dec 1, 2017 at (ISC)² Blog
Image
Following the jubilant moment of finding out you have achieved a passing score on your (ISC)² exam, you’re now ready for the endorsement process – but what does that actually mean? First, believe us when we say that the hard part is over! You’ve already passed the exam, and there’s no reason to be anxious or delay your endorsement. Especially if you’ve heard any of the endorsement myths below we are about to bust. Endorsement isn’t important It sure is! Becoming a certified member of (ISC)² is more than simply passing an exam, no matter how rigorous and challenging that... Continue reading
Posted Nov 29, 2017 at (ISC)² Blog
Image
The (ISC)² EMEA Secure Webinar series features live and on-demand online events where industry thought leaders, (ISC)² members and solution providers share their views on a variety of topics to help cybersecurity professionals in tackling the current threats and challenges they may be facing today. From GDPR to malware, the themes vary greatly, offering valuable insight into a wide range of areas concerning information security. The webinars are also free to members and non-members, timed conveniently for European, Middle East and African audiences and provide opportunities to earn CPEs. If you’re not familiar with the series or are perhaps interested... Continue reading
Posted Nov 28, 2017 at (ISC)² Blog
Image
In light of Uber’s most recent breach news, that comes on the heels of several other notable breaches, some question whether the cybersecurity industry is able to keep up. Brian Krebs engaged a wide audience on Twitter when he asked whether Uber’s choice to pay hackers to cover up a major breach was any different from paying a ransomware fee to have files decrypted. Optimists hope that the recent attacks will serve to raise the bar in cybersecurity policies and practices. Yet, here we are at the start of the holidays, bombarded with lists of ways to beware of cyber... Continue reading
Posted Nov 27, 2017 at (ISC)² Blog
Image
Name: Marco Fernandes Title: Lead Security Solutions Architect Employer: Hewlett Packard Enterprise Location: Dallas/Ft. Worth, Texas, U.S.A. Degree: Bachelor of Science in Business Computer Information Systems Years in IT: 4 Years in information security: 8 Cybersecurity certifications: SSCP How did you decide upon a career in cybersecurity? I grew up with a love of technology and cybersecurity, along with a curiosity for business. So when I got to college, I wasn’t sure what I should major in. My brilliant brother, Roger Fernandes, encouraged me to pursue a degree in Business Computer Information Systems (BCIS). After seeing news of so many... Continue reading
Posted Nov 22, 2017 at (ISC)² Blog
Image
This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa. Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC). Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we have been sharing their stories on the blog over the... Continue reading
Posted Nov 21, 2017 at (ISC)² Blog
Image
Security experts and practitioners from around the world gathered at the 11th annual SecTor conference in Toronto last week. Among other highlights, there was a lot of focus on the evolution of technology in addressing cybersecurity challenges. In his keynote address, IBM Resilient CTO Bruce Schneier called for increased government regulations in order to improve cybersecurity. If you were side tracked by the industry news coming out of SecTor, there might have been some happenings that flew under your radar. Here’s a look at other interesting headlines to help get you up to speed on different news worthy stories across... Continue reading
Posted Nov 20, 2017 at (ISC)² Blog
Image
If you are a cloud service provider (CSP), much of your credibility will come from your transparency. Clients will constantly worry about your ability to remain secure and reliable in all areas of operations, and they will compare it to what they know best – their own in-house system. Bedside manner and customer experience are vital components of a CSP’s offerings, but they are underused commodities. Cloud Tweaks most recent blog, How Security Certification Helps Cloud Service Providers Stay Transparent and Credible, reveals how partnering up with a Certified Cloud Security Professional (CCSP) can make all the difference in ensuring... Continue reading
Posted Nov 16, 2017 at (ISC)² Blog
Image
If earning a professional certification were easy, everyone would have one. The truth is, making the decision to advance your career is a major undertaking. Planning for the process is the best way to set yourself up for success on the certifications you need to advance your infosec career. In order to manage your expectations, it is important to be realistic about the commitment you’re making. Following these five steps will set you up for success by ensuring that you are choosing the certifications you need based on the skills you currently have and where you want to take your... Continue reading
Posted Nov 15, 2017 at (ISC)² Blog
Hi Jan! We don't know how many have programs, no. But we are hoping to see more growth as the success of the professionals coming through programs like that - and in turn the success of those organizations - is appreciated!
Image
By Kaya Kazmirci, Managing Director, Kazmirci Associates Kaya will be hosting the session Mobile Payment Systems: Disruptive Development and Cyber Risks at (ISC)² Secure Summit MENA, between 21st and 22nd November 2017. Two fundamental shifts in traditional payment methods are changing the landscape of spending. Emerging blockchain-based currencies and alternative payment channels are disrupting time honored cash and credit card-based transaction service providers. Enabling cheap transactions when traditional banking services are expensive is critical for supporting business growth, especially in the developing world, where banking services are not always cheap or available. At the same time, ensuring appropriate privacy, security... Continue reading
Posted Nov 14, 2017 at (ISC)² Blog
Image
This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa. Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC). Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we will be sharing their stories on the blog. Here is... Continue reading
Posted Nov 13, 2017 at (ISC)² Blog
Image
New guidelines, increased government oversight, and mounting stress in cybersecurity With the 4th quarter underway, we are starting to see lots of predictions about what the cybersecurity industry can expect to see come 2018. Thinking about the future makes it easy to forget about what is happening right now, though. Let’s take a look back at the news that happened this week to remind us of where we are, before we focus too much on where we’re going. Arguably the biggest industry-wide news of the week was the Senate Commerce Committee hearing, “Protecting Consumers in the Era of Major Breaches.... Continue reading
Posted Nov 10, 2017 at (ISC)² Blog
Image
By Tony Chebli, Senior Manager, Information Security Department/Risk Management Division, Credit Libanais S.A.L Tony will be hosting the session ISO 27001 Between the Reality and the Myth at (ISC)² Secure Summit MENA in Dubai on the 21st and 22nd November 2017. It seems like yesterday, but actually it has been over 13 years, since I obtained my ISO 27001 Lead Auditor certification and started travelling from country to country around the Middle East, preaching the benefits of ISO 27001 certification and its importance to companies that are looking to secure their information assets. I admit it was (and still is)... Continue reading
Posted Nov 9, 2017 at (ISC)² Blog
Image
Name: Greg Harris Title: Senior Security Consultant and Adjunct Professor Employer: Big 4 Firm and Kennesaw State University Location: Alpharetta, Georgia, U.S.A. Degree: MBA, MS in Information Systems, BS in Computer Science & Mathematics Years in IT: 15+ Years in cybersecurity: 13+ Cybersecurity certifications: CISSP, CCSP, CRISC, CISM, CISA, GCFA How did you decide upon a career in cybersecurity? McKesson Corporation hired me as a Security Infrastructure Engineer through a campus-recruiting program at Kennesaw State University in 2003. My undergraduate degree was a Bachelor of Science with a double major in Computer Science and Mathematics. With my Navy Electronic Warfare... Continue reading
Posted Nov 8, 2017 at (ISC)² Blog
Image
This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa. Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC). Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we will be sharing their stories on the blog. Here is... Continue reading
Posted Nov 7, 2017 at (ISC)² Blog
Image
By Lorna Trayan, Associate Partner Security at IBM Security Services Lorna will be hosting the session Security Threats and Trends - Middle East Region at (ISC)² Secure Summit MENA in Dubai on the 21st and 22nd November 2017. I’m one of those speakers that every year presents a topic that has the same title. I wonder if people at some point ask themselves ‘Is she presenting this topic again?!’. I started this in 2010 and have been repeating it every year since then. What’s this miraculous topic that never gets old you wonder? The topic is Security Trends and Threats... Continue reading
Posted Nov 4, 2017 at (ISC)² Blog
Image
James Bond has entertained millions for decades. While he’s engaged in many battles and comes out victorious, his name is not a good password. Hopefully end users can learn from Manaford’s poor password practices. As the Facebook, Google, and Twitter hearings came to a close, Mark Zuckerberg assured the public that company earnings take a back seat to security. In a public announcement Zuckerberg said, “We're investing so much in security that it will impact our profitability. Protecting our community is more important than maximizing our profits." Hopefully the rest of the community follows suit. Looking at the other news... Continue reading
Posted Nov 3, 2017 at (ISC)² Blog
Image
(ISC)² Community weighs in on Cyber Shield Act of 2017 Senator Ed Markey (D-Mass) has long been concerned about securing new technology as it bleeds into our everyday lives. In 2015, Sen. Markey, a member of the Commerce, Science and Transportation Committee, released the report, Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk. Since then, smart cars have made frequent headlines, which has had the residual effect of bringing securing connecting cars to front of mind for the auto industry. We posed the question, “What do you think?” to members of the (ISC)² Community, and received... Continue reading
Posted Nov 1, 2017 at (ISC)² Blog
Image
Name: Richard Carpenter Title: Information Security Manager Employer: Global Media and Entertainment Location: Devon, United Kingdom Years in IT: 10 Years in cybersecurity: 7 Cybersecurity certifications: CISSP How did you decide upon a career in cybersecurity? In my previous role supporting Identity and Access Management, a certain amount of due diligence was required when auditing user accounts, logon usage, permissions and security best practices for Access brokers. This sparked my interest in a cybersecurity practice outside the traditional ‘Security Operations’ role. Why did you get your CISSP®? While reviewing the market for training opportunities to upskill in my new chosen... Continue reading
Posted Nov 1, 2017 at (ISC)² Blog