This is (ISC)² Management's Typepad Profile.
Join Typepad and start following (ISC)² Management's activity
Join Now!
Already a member? Sign In
(ISC)² Management
A compilation of thoughts from members of the (ISC)2 leadership team.
Recent Activity
This month marked the opening of nominations for the first-ever (ISC)² EMEA ISLA, allowing you to nominate fellow information security and management professionals throughout the private and public sectors across Europe, the Middle East and Africa. The nomination categories are: Senior Information Security Professional, Information Security Practitioner, Up-and-Coming Information Security and Woman Information Security Professional. Nominations must be put forward by a colleague, so we hope that many of you will feel inspired to put forward your professional peers. We do appreciate that nominating someone may seem like a daunting task, or you may be unsure whether who you have... Continue reading
Posted yesterday at (ISC)2 Blog
Name: Jae H. Moon Title: Sr. Systems (Linux/IA) Engineer Employer: Cray, Inc. Location: Salt Lake City, Utah, U.S.A. Degree: Master’s degree in Information Systems (emphasis on information security) Years in IT: 16+ Years in information security: 10+ Cybersecurity certifications: CompTIA Security +, SSCP How did you decide upon a career in cybersecurity? I had the opportunity to work as a summer intern at Scott Air Force Base in Illinois for the Department of Defense. I also worked as a Unix System Administrator for AT&T (after graduating from college) which focused heavily on implementing various information security principles and practices to... Continue reading
Posted 5 days ago at (ISC)2 Blog
Two of the most pressing cybersecurity tasks of our time are the need to dramatically grow the size of the workforce, and to create one that is agile enough to keep up with the shifting sands of today’s business landscape. Infosec Europe’s keynote panel session “Building an Agile Security Team for the Future,” chaired by (ISC)²s EMEA managing director Adrian Davis, saw leading frontline professionals from travel search giants Skyscanner, to transport operator Network Rail and the UK government, discuss how these challenges might be addressed. The first key insight was that an agile cybersecurity team cannot have fixed, traditional... Continue reading
Posted 6 days ago at (ISC)2 Blog
While the projected 1.8 million cybersecurity workforce gap is a staggering number, the Global Information Security Workforce Study did reveal which sectors are most aggressively looking to address this talent shortfall. Healthcare, retail and manufacturing top the list of industries looking to increase their cybersecurity workforce by more than 20% over the next year. Healthcare, in particular, is aiming for a 39% increase. It’s not surprising that they’re leading the charge to staff up, as Privacy Rights Clearninghouse reports that there were 223 known breaches to healthcare organizations in the United States in 2016 - and another 46 disclosed so... Continue reading
Posted 7 days ago at (ISC)2 Blog
Nominations are open for the first-ever (ISC)² EMEA Information Security leadership Awards (ISLA) to recognize the achievements of your fellow cyber, information, software and infrastructure security professionals across Europe, the Middle East and Africa. This is a great opportunity to showcase the outstanding work and remarkable contributions the profession is making despite the challenges and widening skills gap we face. The 2017 Global Information Security Workforce Study confirms more than two thirds of the region’s hiring managers are looking to expand their teams in the next 12 months, and about half are struggling to find qualified talent for their roles.... Continue reading
Posted Jun 19, 2017 at (ISC)2 Blog
From malware built to disrupt our critical infrastructure to front-line cyber soldiers, here are some of the top security headlines from the week of June 12: The malware cometh. The “nightmare” malware has been attacking power plants in Europe, causing blackouts and Daily Beast reports that U.S. companies have been warned. “I’m a Mac.” “You still might be in trouble.” That’s what security researchers are saying to Bleeping Computer after two new strains of Mac malware have been offered through the Dark Web over the last few weeks. Is the cloud really safer? Help Net Security found that most IT... Continue reading
Posted Jun 17, 2017 at (ISC)2 Blog
If you’ve attended any of our (ISC)² ThinkTank Webinars (and we hope you have!) you know that moderator Brandon Dunlap shares your questions with panelists to answer during the session. While we can’t get to all questions, we’d like to address a few more here on our blog. Last week’s webinar was “The Human Target – The Tip of the Spear is Aimed at You”, with panelists Ira Winkler, president of Secret Mentem, Sylvester Gray, security product specialist at Sophos and Johnny Deutsch, senior manager, advanced security center at Ernst & Young, LLP. Thank you to our panelists for sharing... Continue reading
Posted Jun 16, 2017 at (ISC)2 Blog
Name: Haruhiko Kurita Title: Senior Security Consultant Employer: NetOne Systems Location: Tokyo, Japan Degree: Master of Science, Physics Years in IT: 24 Years in cybersecurity: 21 Cybersecurity certifications: CISSP, CCSP, CISA, PCI DSS QSA How did you decide upon a career in cybersecurity? My career in cybersecurity started around 1995, when the internet was becoming popular here in Japan. My first product was HSM (Hardware Security Module) and I was interested in cryptography, as technology was very attractive to me. After three mergers, the company (Tandem) became bigger and I covered various parts of security, like F/W, antivirus, identity management,... Continue reading
Posted Jun 11, 2017 at (ISC)2 Blog
Infosecurity Europe took over London this week with “everyone and everything you need to know about information security.” Here are the headlines from the event that caught our eye this week: Are you ready for GDPR? With just under a year to go until implementation, SC Magazine UK asked the question “Can you purchase your way to GDPR compliance?” Short answer: No. No you can’t. No surprise here. In a room full of security pros, the U.K. government’s approach to encryption was a point of discussion following the recent terror attacks in the country. As expected, there were strong opinions... Continue reading
Posted Jun 9, 2017 at (ISC)2 Blog
What is the GISWS? Since its first release in 2004, the biennial (ISC)²® Global Information Security Workforce Study (GISWS) has been gauging the opinions of information security professionals; and in turn, providing detailed insights into the important trends and opportunities within this increasingly crucial profession. This year, the study conducted its largest-ever global survey of cybersecurity professionals, with over 19,000 individuals taking part (3,694 of which hailing from Europe), further allowing it to ascertain an even clearer and progressively more complete profile of the information security workforce; with stronger understandings of areas and issues such as pay scales, skills gaps,... Continue reading
Posted Jun 7, 2017 at (ISC)2 Blog
Name: Aoba Mari Title: Security Analyst Employer: LAC / JSOC (Japan Security Operation Center) Location: Tokyo, Japan Degree: Bachelor’s Degree in International Policy Years in IT: 5 years Years in information security: 5 years Cybersecurity certifications: SSCP How did you decide upon a career in cybersecurity? Among the various fields in the IT industry, information security is the fastest growing and at the same time, I think there is a high demand for rare technical skills. For me, more than anything, that’s the biggest reason why I think it’s a very interesting field. I was involved in forensic analysis, and... Continue reading
Posted Jun 4, 2017 at (ISC)2 Blog
A holiday week in the U.S. and U.K. means five days worth of headlines in four business days. Here’s what we saw this week… Wanna move on from WannaCry? Not so fast, my friend. BitSight looks at the global impact of the ransomware that spread two weeks ago and found that the ransom collected is only around $100,000. Dark Reading reports on cyber criminals attacking each other on the dark web. Can’t we all just get along? No, apparently not. The price of a breach is high. Bitdefender looks at the Ponemon Institute’s study of the impact on stock prices.... Continue reading
Posted Jun 2, 2017 at (ISC)2 Blog
Since 2013, (ISC)² has been a partner of Bugcrowd, running a public bug bounty program and offering CPE credits to our members. Bugcrowd is a leading provider of crowdsourced security and bug bounty programs, connecting organizations with more than 50,000 independent security researchers to identify vulnerabilities. As an (ISC)² member, you can participate in Bugcrowd’s bug bounty programs in exchange for CPE credits. We encourage you to participate in this program to continue honing your security skills, and to apply those skills to help inspire a safe and secure cyber world. To participate, Sign up as a Bugcrowd researcher at... Continue reading
Posted Jun 1, 2017 at (ISC)2 Blog
Name: Samana Haider Title: Manager, Forcepoint Security Labs Employer: Forcepoint Location: Dublin, Ireland Education: MSc Computer Science Years in IT: 15 Years in cybersecurity: 7 Cybersecurity certifications: CISSP How did you decide upon a career in cybersecurity? I started my career in IT in the education sector where I was a lecturer at a university back home in Pakistan. I started working in HP managing SAP administration. I got the opportunity to work with one of the leading Irish banks where I was responsible for implementing security controls for SAP administration and ensuring SOX compliance. The security aspect of that... Continue reading
Posted May 29, 2017 at (ISC)2 Blog
What are the EMEA ISLAs? After eleven consecutive years of success in the Americas and Asia-Pacific, the Information Security Leadership Awards (ISLA) program is finally coming to EMEA! The (ISC)² EMEA ISLAs are a unique opportunity for you to nominate fellow information security and management professionals who go the extra mile to enhance security throughout the private and public sectors across Europe, the Middle East and Africa. There are four nomination categories: Senior Information Security Professional, Information Security Practitioner, Up-and-Coming Information Security and Woman Information Security Professional. It’s not long now until the nominations will be open (between the 12th... Continue reading
Posted May 25, 2017 at (ISC)2 Blog
Name: Frederico Hakamine Title: Principal Curriculum Developer Employer: Okta Inc. Location: San Francisco, CA, U.S.A. Degree: Bachelor in System Analysis Years in IT: 10 years Years in cybersecurity: 9 years Cybersecurity certifications: CISSP, CCSP, ISFS, ITIL, CobIT, Oracle Certified Architecture Specialist, Okta Certified Professional How did you decide upon a career in cybersecurity? I started working for Oracle as consultant 10 years ago, with a challenge: develop a portal with independent web applications, that should require a single login and display restricted information depending on where you were located (intranet or internet). Developing the application was a straightforward task. The... Continue reading
Posted May 24, 2017 at (ISC)2 Blog
Not surprisingly, WannaCry remained top of mind last week. We’re sure you’re doing everything you can to patch your environment and prevent similar ransomware attacks in the future. Here are some WannaCry headlines (and other security news) that caught our eye last week. WannaCry Rolls On According to the Dark Reading article WannaCry's 'Kill Switch' May Have Been a Sandbox-Evasion Tool, researchers early last week were looking into the “kill switch” and consensus seemed to be building that it was a poorly constructed VM analysis/sandbox evasion technique. WIRED went a bit deeper with their assessment The WannaCry Ransomware Hackers Made... Continue reading
Posted May 22, 2017 at (ISC)2 Blog
Name: George McPherson Title: Information Security Analyst Employer: Duke Energy Location: Charlotte, North Carolina Degree: Currently working towards Associates Degree in "Cyber Security" Years in IT: 4 Years Years in information security: 3 Years Cybersecurity certifications: SSCP, Security+, MTA Security How did you decide upon a career in cybersecurity? When I first entered IT and started sitting for IT certifications I noticed that when I received my score report, I would always score the highest on security-related questions. When reflecting on this revelation, I realized that I also got excited about security and investigating security-related issues. Why did you get... Continue reading
Posted May 18, 2017 at (ISC)2 Blog
Top security news from the week of May 8, 2017 ... Kazuar, Windows Defender and Worst-Case Scenarios The WannaCry Ransomware attack continues to dominate the news cycle, and we’re sure you’re closely watching developments and taking appropriate US-CERT precautions. But from Microsoft issuing an emergency patch for Windows Defender to the NSA director sharing his cyber fears to Gizmodo phishing for Trump administration officials, last week didn’t disappoint in delivering a rich trove of other security news. In case you missed it, here are some other stories that got our attention. Meet Kazuar From the pages of “Oh great, they’re... Continue reading
Posted May 16, 2017 at (ISC)2 Blog
(ISC)² has had the honor of celebrating leaders in cyber, information, software and infrastructure security since 2004. The 2017 Americas Information Security Leadership Awards (AM-ISLA®) are now open for nominations. We can’t wait to hear about your latest achievements, so please tell us about a cybersecurity leader whose work deserves recognition by the industry and by their peers. The categories for nomination are: Information Security Practitioner Senior Information Security Professional Up-and-Coming Information Security Professional Community Awareness The deadline to submit is June 7, 2017 at 11:59pm EST. Nominations and awards are open to (ISC)² members and non-members alike. Winners will... Continue reading
Posted May 15, 2017 at (ISC)2 Blog
(ISC)² is proud to present the 2017 F. Lynn McNulty Tribute Award to Brigadier general (ret.) Gregory Touhill, CISSP, former Federal Chief Information Security Officer. Serving active duty for the Air Force from 1983 to 2013, retired Brig. Gen. Touhill’s distinguished military career culminated as the Chief Information Officer and Director of Command, Control, Communications and Cyber Systems at U.S. Transportation Command – one of the nation’s 10 combatant commands. As the Senior Cyberspace Operations Officer, he led the command’s cyberspace defense mission and oversaw a $500 million information technology portfolio. Greg transitioned to civilian service at the Department of... Continue reading
Posted May 10, 2017 at (ISC)2 Blog
Other than a college degree, how can you validate your knowledge and skills? Certifications represent a way for professionals to validate their knowledge and expertise, as well as a path for continued education and professional development. But what about value? Why are cybersecurity certifications essential today? What is the value of a cybersecurity certification? Proves Your Worth According to the 2017 (ISC)² Global Information Security Workforce Study (GISWS), when respondents were asked for the reasons why their organization requires staff to have information security certifications, employee competence was the most common answer. You can spend years working to prove your... Continue reading
Posted May 9, 2017 at (ISC)2 Blog
According to the latest research from the Center for Cyber Safety and Education™ and the Executive Women’s Forum on Information Security, Risk Management & Privacy (EWF), conducted by Frost & Sullivan, women continue to comprise only 11 percent of the information security workforce. That number, despite women making up approximately half of the global population, has remained stagnant since 2013. This information is detailed in the latest infographic created using data from the 2017 Women in Cybersecurity report, which was part of the Global Information Security Workforce Study (GISWS), sponsored by Booz Allen Hamilton. The study found that women in... Continue reading
Posted May 8, 2017 at (ISC)2 Blog
With less than 150 days until Security Congress, the full agenda has been released. Keynote speakers include Ben Makuch, national security reporter for VICE News, Donald W. Freese, deputy assistant director at the FBI, and Juliette Kayyem, founder of Kayyem Solutions. The seventh annual conference will be hosted at the JW Marriott Austin, September 25-27, 2017. There will be 11 tracks at this year’s event, including: Cloud Security Cyber Crime Critical Infrastructure Incident Response & Forensics Governance, Regulation & Compliance Identity Access Management People & Security Professional Development Software Assurance/Application Security Swiss Army Knife Threats We listened to the feedback... Continue reading
Posted May 4, 2017 at (ISC)2 Blog
Name: Ajet Ibraimoski Title: System/Network Administrator Employer: PBS Systems Inc. Location: Calgary, Alberta, Canada Degree: MSc. in Computer Networks and e-Technologies; B.Sc. in Informatics and computer engineering Years in IT: 9 Years in information security: 5 Cybersecurity certifications: SSCP, CEH, Security+, Cybersecurity: Technology, Application and Policy – MIT, Information Security Foundation based on ISO/IEC 27002 How did you decide upon a career in cybersecurity? Security has always been my passion. Information security blogs and magazines kept me awake at night during my university years. After graduation, I had the chance to work in various positions and industries that presented unique... Continue reading
Posted May 2, 2017 at (ISC)2 Blog