(ISC)² Management
A compilation of thoughts from members of the (ISC)² leadership team.
Recent Activity
Name: Shelly Epps, MS, HCISPP Title: Information Security Analyst and Program Lead, Security Outreach & Education Employer: Duke University Health System Location: Durham, NC Education: BS in Biology from Kansas State University, Master’s in Genetic Counseling from University of Pittsburgh Years in IT: 6 Years in cybersecurity: 6 Cybersecurity certifications: HCISPP How did you wind up in a career in cybersecurity? I stumbled into it! I had been working in healthcare, research, data and employee management and administration for about 20 years when I chose to take a step off of that pathway without a solid backup plan. I was... Continue reading
Posted 6 hours ago at (ISC)² Blog
It may seem obvious: A strong commitment to cybersecurity from an organization’s top management equals better protection. The cybersecurity staff have more confidence and focus on the right things – fighting threats as opposed to worrying about who will leave next for greener pastures. These were among the findings of (ISC)²’s latest study, Building a Resilient Cybersecurity Culture. The study of cybersecurity professionals set out to pinpoint what companies with a good cybersecurity track record do better than others. As you might suspect, a strong cybersecurity culture is key. And it manifests itself in multiple ways: Top management understands the... Continue reading
Posted 4 days ago at (ISC)² Blog
To effectively deliver value as cybersecurity professionals, (ISC)² Singapore Chapter is focusing on working closely with other Singapore cybersecurity-focused organizations. This collaboration is a clear path forward to managing and mitigating risks connected with electronic secrets, according to the Singapore Chapter’s president, Matthias Yeo. “That is what we believe cybersecurity of the 21st century needs: ecosystem partnership,” he said. Formalization of relationships with global organizations such as ISACA and ITSMF, and local organizations such as the Association for Information Security Professionals (AISP), engages cybersecurity professionals across multiple disciplines. The opportunity to network with other practitioners and an increased variety of... Continue reading
Posted 4 days ago at (ISC)² Blog
Name: Hayato Kiriyama Title: Senior Security Solutions Architect Employer: Amazon Web Services Japan K.K. Degree: MBA, Master’s of Science Years in IT: 14 Years in cybersecurity: 8 Cybersecurity certifications: CISSP How did you decide upon a career in cybersecurity? Around 2010, I was involved in developing an application for Data Loss Protection at IBM. Such a data-oriented approach looked quite different to me because it was connected with the value of data in the business. It was this kind of business-oriented security which I wanted to research and develop further. Why did you get your CISSP? When I was working... Continue reading
Posted 6 days ago at (ISC)² Blog
Name: Patrick Wai Keun Liu Title: Deputy Chief Information Security Officer Employer: DBS Bank (Hong Kong) Limited Degree: Computer Engineering Years in IT: 20 Years in cybersecurity: 15+ Cybersecurity certifications: CISSP-ISSAP, CRISC, CGEIT, CIA, CISA, ABCP How did you decide upon a career in cybersecurity? I started my cybersecurity career as a customized professional service for a high-end customer. I was working in an ISP and the company provided network connectivity services. My team focused on new initiatives and we believed security had potential. I have dedicated myself to this area ever since. Why did you get your CISSP-ISSAP? As... Continue reading
Posted Sep 11, 2018 at (ISC)² Blog
By James Packer (ISC)² London Chapter President I’m very much looking forward to moderating the diversity panel at the Secure Summit in September. The topic of skills and diversity in the industry is a deep passion of mine as I feel we need to continue to be a forward looking industry, carefully considering the demands of the current age of technology and the trends of technology consumption amongst the next generation. As President of the (ISC)² London Chapter, this is an area of focus for us as a Chapter; we are currently developing our Education Framework, which is a strategy... Continue reading
Posted Sep 11, 2018 at (ISC)² Blog
By Steve Mair Senior Cyber Security Consultant, PGI On 18th June 2018, the Department for Culture, Media and Sport (DCMS) made an announcement to the effect that PGI are going to run a 10 to 12 week training programme for women with little or no cyber security background. Candidates will be employed from the outset of training, moving straight into a guaranteed job on completion with a leading employer within the sector. This programme is called Women in Cyber and currently PGI have had over 160 expressions of interest from women around the UK. At the forthcoming (ISC)² Secure Summit,... Continue reading
Posted Sep 10, 2018 at (ISC)² Blog
It has been one year since the Equifax breach was first disclosed to the public. It has been one year and six weeks since Equifax first became aware of the breach. The delay in the public announcement of the breach after executives became aware may have proven just as damaging as the delay in installing a patch for the known vulnerability that led to the breach itself. The repercussions of the failure to communicate the breach are just part of our cover story in the latest issue of (ISC)²’s member magazine, InfoSecurity Professional. The article, “One Year Later” is a... Continue reading
Posted Sep 7, 2018 at (ISC)² Blog
By Adrian Winckles Director of Cyber Security, Networking and Big Data Research Group, Anglia Ruskin University Whilst figures differ depending on which report you read, Gartner estimates the average time between a breach and detection to be about 285 days. By this time, an attacker has long gone. With all the security products in an enterprise network today, why is this still so long? One reason may be because threat detection is a big data problem. Particularly for network traffic based solutions. A handful of probes, or mirror ports, across a high-speed enterprise network and you could be capturing Terabytes of... Continue reading
Posted Sep 7, 2018 at (ISC)² Blog
Name: Rema Deo Title: Managing Director Employer: 24By7Security, Inc. Location: Coral Springs, Florida Education: MBA Years in IT: 25+ Years in Cybersecurity: 5+ Cybersecurity Certifications: HCISPP How did you decide upon a career in healthcare security and/or privacy? I have been in a risk management technology and compliance technology career for banking for several years, so when it was time for a change, Cybersecurity and Compliance related work was a logical next choice. 24By7Security has a client portfolio consisting of healthcare organizations as well as several other industries. Healthcare security and privacy work is still more nascent compared to financial technology,... Continue reading
Posted Sep 4, 2018 at (ISC)² Blog
Tony Vizza, CISSP, is the newest addition to the (ISC)² Cybersecurity Advocacy team! Based in Sydney, Australia, Tony works with corporations, government agencies and academic institutions to encourage collaboration across the industry, effective cybersecurity curriculums and strong legislation to attract and enable the workforce we need to manage the Asia-Pacific region’s most critical security issues. Tony has worked in the field for more than 25 years and has earned the CISSP certification, as well as the CRISC, CISM and is certified as an ISO/IEC 27001 Lead Auditor. To get to know Tony a bit better, we asked him five questions... Continue reading
Posted Aug 30, 2018 at (ISC)² Blog
We have information about registering for an exam on our website >> https://www.isc2.org/Register-for-Exam
By 2020, 60 percent of enterprises will be implementing a digital transformation strategy as they seek to leverage technologies such as cloud and software-defined infrastructures. However, as they embark on a digitization journey, too many are ignoring security risks that could bite them back later. Earlier this year, telecommunications giant AT&T developed a cybersecurity report based on interviews with 15 subject matter experts, including several (ISC)² members, to determine who holds responsibility for this transformation process. The report cautions organizations to be sure they evaluate and update their defense systems before implementing digitization plans. “Security models are changing as infrastructure... Continue reading
Posted Aug 27, 2018 at (ISC)² Blog
The (ISC)² Chapter program provides opportunities for chapter leaders to gather together at regional Security Congress events. These chapter-specific events are called Chapter Leadership Meetings, or CLMs. At these events, chapter leaders can meet Chapter Program Staff, network with chapter officers, exchange resources, and learn how they can develop and grow their chapter. Recently, there were CLM events in both the Asia-Pacific (APAC) and Latin-America (LATAM) regions. The CLM meetings had chapter leaders represented from many local regional chapters such as: LATAM: Argentina, Chile, Costa Rica, Peru, and Uruguay APAC: Beijing, Guangzhou, Hong Kong, Jakarta, Japan, Korea, Shanghai, and Singapore... Continue reading
Posted Aug 16, 2018 at (ISC)² Blog
Patrick Strijkers is a 43-year-old information risk security officer at a pension funds firm in the Netherlands. He works in the IT security department in security incident management. Patrick’s employer runs a job rotation program, allowing him to gain experience in a variety of roles, with his next position coming in vulnerability management this September. He holds the following security certifications: CompTIA Security+, CompTIA Network+, EC-Council Certified Ethical Hacker v8, EC-Council Certified Security Analyst v8, EC-Council Computer Hacking Forensics Investigator v8, Rapid7 Nexpose, Rapid7 Metasploit Pro. Patrick’s goal last year was to earn his CISSP certification. He attended a five-day boot... Continue reading
Posted Aug 7, 2018 at (ISC)² Blog
Security Congress is less than three months away! This year’s biggest and best cybersecurity conference will be held in New Orleans, Louisiana from October 8-10. Attending this year’s event can earn you as many as 46 CPEs for the year. To make sure you get the most out of #ISC2Congress, here are five things to do before you get to NOLA: Register for workshops Reserved seating workshops are new to Security Congress this year. We will have five workshops available throughout the conference that require a registration. If you’ve already signed up for Security Congress, great! You can login to... Continue reading
Posted Jul 26, 2018 at (ISC)² Blog
Hi Varun! The cert you choose can be based equally on your experience thus far AND your career aspirations. The CISSP requires 5 years of experience, but you can still take the exam and upon passing become an Associate of (ISC)². Or you might consider the SSCP, as that certification only requires 1 year of experience (along with passing the exam and being endorsed, of course). This page has some more info on the SSCP - https://www.isc2.org/Certifications/SSCP
Bad bots make up more than one third of internet traffic, and although some of them try to influence elections and feed conflict on social media, most are targeting business websites, according to a newly published report. Set loose across the internet, armies of bad bots constantly carry out a multitude of misdeeds against businesses in just about every industry. Their activities include scraping prices by competitors looking to gain an upper hand in price SEO searches, stealing proprietary content, taking over accounts with stolen credentials, perpetrating credit card fraud, skimming money from gift card accounts and executing DDoS (distributed... Continue reading
Posted Jul 23, 2018 at (ISC)² Blog
The (ISC)² London chapter received its official (ISC)² Charter on March 16, 2018, after completing the chartering process and attending the (ISC)² Secure Summit UK earlier this spring. The London Chapter’s president, James Packer, outlined the chapter’s goals at the Secure Summit UK event, which included plans for hosting the chapter’s own events, forming industry partnerships, and spawning beneficial initiatives such as in education and healthcare. As a result of the Chapter’s presence at the Summit, over 50 people signed up to become a member of the Chapter. This is a record number of people who have ever signed up... Continue reading
Posted Jul 19, 2018 at (ISC)² Blog
(ISC)²’s ThinkTank webinar channel has just been named the 2018 Highest Growth Channel in IT by BrightTALK, an online webinar platform aimed at providing professionals with business and professional growth. ThinkTank is a free cybersecurity webinar channel that features 60-minute roundtable discussions with influential security experts. These discussions cover a range of thought-provoking topics that are among the most pressing cybersecurity challenges. BrightTALK awarded 10 organizations for accomplishments in the IT category. Those winners included Palo Alto Networks, Symantec, and more with (ISC)² being the only certifying body to be recognized. So far this year, ThinkTank webinars have been viewed... Continue reading
Posted Jul 16, 2018 at (ISC)² Blog
The sweeping new privacy law that went into effect in the European Union in May has significantly boosted demand for data protection expertise, according to job postings site Indeed. A report from the popular recruitment site found that job openings for data protection officers (DPO) have skyrocketed 829 percent since 2016 as organizations took steps to comply with the General Data Protection Regulation (GDPR). The need for the expertise is about to get even greater, thanks to a newly approved data privacy law in California, the world’s fifth largest economy. The new law was rushed through the state’s legislation to... Continue reading
Posted Jul 12, 2018 at (ISC)² Blog
Cybersecurity job searches increased nearly six percent between March 2017 and March 2018, according to recently published research by job listings site Indeed. The increase actually outpaced a 3.5 percent uptick in jobs posted. These numbers do not mean that supply is exceeding demand – far from it. The reality is that finding cybersecurity talent remains a major challenge for employers, both in and outside the tech field. But the Indeed findings seem to confirm what (ISC)² discovered earlier this year: There is a big appetite among cybersecurity workers for a change of employment. In our “Hiring and Retaining Top... Continue reading
Posted Jul 9, 2018 at (ISC)² Blog
By Ravindra Krishna, CISSP In a recent Operational Technology (OT) cyberattack, Monero Crypto-currency mining malware was discovered in the ICS network of a water utility company located in Europe. The company found the malware during a routine monitoring check of their OT network and confirmed that the malware infected five servers including the Human machine interface (HMI), which is used to control and manage physical components of OT networks. This attack provides further evidence that OT networks are not simply vulnerable, but actually easy targets. The Post-Stuxnet OT Cyberattack Era I believe that we can divide OT attacks into two... Continue reading
Posted Jul 3, 2018 at (ISC)² Blog
Like many chapters, the (ISC)² Hawaii Chapter has had challenges with officer vacancies, legal registration, and low attendance at events over the past three years that the chapter has held its official charter. In early 2018, the new officer board took over and began to plan events to get the information security professionals in the area together to better connect, educate, inspire, and secure the communities of Hawaii. While the chapter has held its official charter with (ISC)², the chapter has been somewhat dis-engaged from the local community. The new chapter officers have made it their mission to re-invigorate the... Continue reading
Posted Jun 21, 2018 at (ISC)² Blog
Data breaches are happening far too often. Stories about personal information being compromised are part of the daily news cycle. But even after the fact, many people are still not taking internet safety seriously. Let’s not forget that human error causes 90 percent of security incidents. Training employees about cybersecurity is essential but educating younger generations from the moment they gain access to the internet, should be a priority. This year, at (ISC)² Security Congress in New Orleans, cyber, information, software and infrastructure security professionals will learn about cyber safety education thanks to the Center for Cyber Safety and Education,... Continue reading
Posted Jun 12, 2018 at (ISC)² Blog