31 August 2023

The ISC2 Blog Has Evolved

As part of the ISC2 brand evolution, the ISC2 blog has transitioned to ISC2 Insights. Here you will find the great content you have come to expect from ISC2 including member blogs, cybersecurity news, exclusive features, press releases and more. If you are interested in contributing to this collection or participating in member surveys and more, please register as an ISC2 Volunteer. Should you have any questions related to content, email [email protected]. Read more →

Posted by on 31 August 2023 at 01:01 PM | | Comments (1)

Tags: Cyber Blog, Cyber News, Cybersecurity Blog, ISC2, ISC2 Blog, ISC2 Rebrand

| |

11 August 2023

Latest Cyberthreats and Advisories - August 11, 2023

Breaches hit the U.K. Electoral Commission, the Colorado public education system and retailer Hot Topic, the rise of cyberattacks in sports and the sound of laptop keystrokes could lead to password theft. Here are the latest threats and advisories for the week of August 11, 2023. Threat Advisories and Alerts Microsoft Warns That Cyberattacks Impacting Sporting Events Are Likely to Increase Major sporting events are becoming a growing target for cybercriminals, warns Microsoft. In the past several years, notable sport franchises have suffered cyberattacks, including Manchester United, the Houston Rockets and the San Francisco 49ers. While sporting events seem like... Read more →

Posted by on 11 August 2023 at 08:51 AM in Government , IT Security, Privacy, Ransomware | | Comments (0)

Tags: chatgpt, clop ransomware, colorado department of higher education, cybersecurity alerts, cybersecurity news, cybersecurity research, cybersecurity threats, hot topic cyberattack, MOVEit transfer, n-day vulnerabilities, sports cyberattacks, uk electoral commission, wormgpt

| |

10 August 2023

Thinking about a Career in Cloud Security? Follow this Path.

As more critical data and assets move to the cloud, they’ve become prime targets for cybercriminals. Organizations worldwide need cloud security professionals who understand the evolving complexities to identify and mitigate security risks. Complicating matters, most are operating under a multicloud strategy that uses two or more cloud service providers. Are you ready to take your career higher into the cloud? (ISC)², creator of the leading advanced cybersecurity certification, the CISSP®, recommends these specific steps. Become an (ISC)² Candidate. Begin your journey by joining (ISC)², the world’s leading cybersecurity professional organization, more than 450,000 members, associates and candidates strong. As... Read more →

Posted by on 10 August 2023 at 07:00 AM in Cloud Security | | Comments (0)

Tags: CCSP, certificate, certification, cloud, exam, training

| |

09 August 2023

Effective Board Communication

As part of our recent Conversations with Leaders virtual conference, a roundtable of current and former CISOs and a cybersecurity attorney discussed key messages and how to deliver them to ensure Board interactions are relevant, educational, and impactful for their governance. At the top of any company is the Board. These are the directors who generally don’t manage the business day-to-day but provide governance, guidance and oversight to the senior executives who do. Most importantly, in a legal sense the buck stops with the Board – they are the ones who have a legal obligation to ensure the business is... Read more →

Posted by on 09 August 2023 at 10:52 AM | | Comments (0)

Tags: board, CISO, communication

| |

07 August 2023

(ISC)² DEI Summit: Amplifying Our Impact

(ISC)² held its first annual global DEI summit on Wednesday, July 12, at George Mason University in Arlington, Virginia. The theme of the in-person summit, "Amplifying Our Impact: Advancing DEIB in Cybersecurity," brought cybersecurity leaders together to discuss how they can ensure the cyber ecosystem is a more diverse, equitable, and inclusive space for incoming and existing talent. The all-day event fostered a unique opportunity for professionals in the government, nonprofits, academia and the private industry to learn insightful information from peers who hail from places around the world, such as Australia, Europe, and Africa. Attendees gained a deeper understanding... Read more →

Posted by on 07 August 2023 at 08:00 AM in Cybersecurity Workforce | | Comments (0)

Tags: (ISC)² DEI, (ISC)² event, (ISC)² meeting, cybersecurity diversity summit, cybersecurity workforce, cybersecurity workforce diversification, DEI in cybersecurity, diversity in cybersecurity

| |

04 August 2023

API Security Best Practices in the Hybrid Multi-Cloud Digital World

Interconnected and distributed systems have made the role of APIs critical to enabling discreet connectivity between systems but can create additional risk. By Dave Cartwright, CISSP Application Programming Interfaces (APIs) are notoriously difficult to secure, particularly if they are internet-facing. As one source puts it: “APIs are designed to facilitate communication between different systems and applications, which means they are inherently exposed to various external actors. This exposure increases the attack surface, making them attractive targets for malicious actors”. So, what can we do to make the best of a challenging concept? In a (ISC)² webinar, Byron McNaught from the... Read more →

Posted by on 04 August 2023 at 12:30 PM in Cloud Security, IT Security | | Comments (0)

Tags: API defence, API gateway, API gateways, API security, application programming interfaces, cloud security, F5 security, hybrid multi-cloud security, multi-cloud security, multicloud, PCI-DSS, WAFs, web application firewalls

| |

03 August 2023

How is multicloud changing cloud security?

Organizations accelerating their operations in the cloud are adopting a multicloud approach. Their goal: an infrastructure that’s agile, dispersed and supportive of data access anywhere by hybrid workforces and customers. The numbers demonstrate the trend: 72% of organizations are adopting a hybrid or multicloud strategy. 72% use multiple IaaS providers. 39% have more than half of their workloads in the cloud. In tandem with the rise of multicloud, cybersecurity concerns have evolved and intensified. As more data is stored across multiple cloud service providers, cyberthreats targeting cloud resources are more frequent. Organizations worldwide are grappling with cloud-based risks and how... Read more →

Posted by on 03 August 2023 at 09:00 AM in Cybersecurity Certifications | | Comments (0)

Tags: (ISC)² Certified Cloud Security Professional, CCSP, Cloud, cybersecurity, security

| |

(ISC)² SECURE London Brings Members Together to Collaborate and Learn

SECURE London 2022 With a little over six weeks to go until (ISC)² SECURE London returns to the U.K.’s capital, it’s time to secure your ticket and start planning which sessions to attend. Taking place on Thursday, 21 September, at Kings Place in Kings Cross, (ISC)² SECURE London features an extensive agenda bringing together member and industry speakers from government, academia, businesses and more. With a focus on the most topical issues impacting organizations of all sizes, (ISC)² SECURE London is a valuable opportunity for members and other cybersecurity professionals from across the U.K. to come together, hear from experts... Read more →

Posted by on 03 August 2023 at 03:00 AM | | Comments (0)

Tags: (ISC)² conference, (ISC)² london, cybersecurity conference, cybersecurity leadership, cybersecurity meeting, SECURE london

| |

02 August 2023

Will Banks Adopting Open-Source Leave Them More Open to Supply Chain Cyber Attacks?

One of the biggest vindications of open-source software in recent years has been its widespread adoption by the finance sector. By Joe Fay In its 2022 State of Open Source in Financial Services report, the Fintech Open Source Foundation (FINOS) found that 87% of respondents agreed that open source is “valuable to the future” of the industry, with open-source consumption and the use of open standards seen as top factors in increasing productivity. Banks and other institutions have clearly decided it makes no sense to constantly develop their own software from the ground up when open-source alternatives exist. This not... Read more →

Posted by on 02 August 2023 at 09:00 AM in IT Security, Network Security, Operations Security, Risk | | Comments (0)

Tags: checkmarx, finance cybersecurity, FINOS, grc, open source in financial services report, open-source code security, open-source software security, OSS supply chain attacks, risk mitigation, risk. management

| |

Cybersecurity’s Shift from IT to OT

As malware spreads from IT to OT, the focus is shifting from business interruptions to physical harm, with the final responsibility resting with the CEO. Amid this fundamental change in threat and attack strategy, organizations need to focus on asset-centric cyber-physical systems and ensure teams are in place to handle monitoring and management of these key systems. By Dave Cartwright, CISSP Cybersecurity professionals are used to defending IT systems against malware and other cyber attacks. In recent years, though, attackers have increasingly targeted Operational Technology (OT) systems. What is OT? According to the UK’s National Cyber Security Centre (NCSC) it... Read more →

Posted by on 02 August 2023 at 04:00 AM in IT Security, Operations Security | | Comments (0)

Tags: DCS, ICS, IT risks, IT security, LAN, malware, operational technology security, OT risks, OT security, palo alto research, SCADA, zero trust

| |

Next »