In 2020, ransomware was the most widely-used method of delivering cyber attacks, accounting for 23% of security events handled by the IBM Security X-Force. One attack alone scored profits of more than $123 million for the perpetrators, according to an IBM report. A distant second to ransomware, the report says, was data theft (13%), followed by server access (10%). All three types of attack increased in comparison to 2019 numbers: +3% for ransomware, +8% for data theft, and +7% for server access. Meanwhile, scan-and-exploit attacks emerged as the top initial attack vector, and were used in 35% of attacks, up... Read more →
15 April 2021
IBM X-Force: Ransomware Was the Preferred Attack Method in 2020
Posted by (ISC)² Management on 15 April 2021 at 03:50 PM in Ransomware | Permalink
|
Comments (0)
14 April 2021
Building Cyber Resilience in a Cloudy World
Last year taught us a valuable lesson: Always be prepared for the unknown. In a cybersecurity context, fostering resilience requires thinking of all possible scenarios – even if they seem implausible – and seeking solutions that can really work. But resilience in a cloudy world doesn’t happen overnight. It must be supported by a well-woven culture of security that evolves with the shifting global environment. Organizations that create a culture for the future are destined to excel; those that resist change will be left behind. READ THE FULL ARTICLE Read more →
Posted by (ISC)² Management on 14 April 2021 at 07:55 AM in Cloud Security | Permalink
|
Comments (0)
13 April 2021
Updates to the (ISC)² CAP Exam. What is Changing?
Earlier this year, we announced an upcoming update to the Certified Authorization Professional (CAP) certification. This (ISC)² certification exam will be updating on August 15, 2021. During the last Job Task Analysis (JTA), the decision was made to expand the CAP to reflect the more diverse day to day work of professionals who were earning the certification. What started built primarily for U.S. government professionals using the Risk Management Framework (RMF) has now expanded to professionals working in the private sector and or organizations around the world. We spoke with the Content Development Manager here at (ISC)², Toni Hahn, about... Read more →
Posted by (ISC)² Management on 13 April 2021 at 08:37 AM in Cybersecurity Certifications, Government , Risk | Permalink
|
Comments (0)
12 April 2021
Wanted: Software Developers with a Security Mindset
The modern software developer faces an enormous amount of challenges. From continuously creating innovative apps to ensuring high quality and meeting tight deadlines, developers need to cope with many responsibilities. As a result, security is still one of the last priorities on many developers’ minds during the software development lifecycle. Vulnerable Apps Increase Cyber Threats Despite that the 2020 Verizon Data Breach Investigations Report indicates that most data breaches happen through vulnerable web applications, many developers are still hesitant to adopt a security mindset. Even though the news headlines are filled with the names of companies being compromised every day,... Read more →
Posted by (ISC)² Management on 12 April 2021 at 08:12 AM in Cybersecurity Certifications, Cybersecurity Training, IT Security, Software Development | Permalink
|
Comments (0)
09 April 2021
Deadline is Extended for 2021(ISC)² Global Achievement Awards Nominations!
Haven’t had a chance to nominate a colleague, peer or mentor yet for the Global Achievement Awards? Great news, the deadline has been extended to April 23! There are a few updates to the awards this year. With so many awards to choose from, let’s take a look at a few of them. These awards are similar in that they recognize individuals who have made a significant impact on the security industry during the past year. (ISC)² Government Professional Award This award recognizes regional government information security leaders who have made significant security developments at the federal, state or local... Read more →
Posted by (ISC)² Management on 09 April 2021 at 08:15 AM in (ISC)² Events | Permalink
|
Comments (0)
08 April 2021
Hush – This Data Is Secret
Is There Ever Too Much Data? As a security practitioner, you know that businesses are fuelled not only by people but by data. Years ago, the phrase “Big Data” was a new, innovative way to gain a business advantage. Now, big data is the norm. When we think of all the data that has been gathered, we must stop and wonder about what is contained in that data. Many important, and often private details are stored about the clients of a particular business. Over time, it became clear that this data, if obtained by criminals, could be damaging to an... Read more →
Posted by (ISC)² Management on 08 April 2021 at 07:35 AM in Cybersecurity Certifications, Cybersecurity Training, IT Security | Permalink
|
Comments (0)
07 April 2021
Under the Hood: Inside (ISC)² Exam Development Cycle
Clar Rosso, (ISC)² CEO and Casey Marks, Chief Product Officer and VP, (ISC)² recently hosted the latest in our new Inside (ISC)² webinar series, a quarterly series designed to give members a glimpse of the latest developments from inside the association, as well as an opportunity to ask questions. The March 23 session included milestones from the first quarter, as well as a deep dive into (ISC)²'s process for developing exams and certifications. Q1 Recap Rosso kicked off the discussion with a recap of the association’s response to the pandemic, and its transition to online learning. Recognizing that 2021 still... Read more →
Posted by (ISC)² Management on 07 April 2021 at 09:33 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
05 April 2021
CISSPs from Around the Globe: An Interview with Mari Aoba
The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In support of this, (ISC)2 has launched a series of interviews to explore where CISSP certification has led security professionals. Last time we spoke to Chris Clinton. This installment features Mari Aoba, a security analyst at Japan Security Operation Center. What job do you do today? I... Read more →
Posted by (ISC)² Management on 05 April 2021 at 07:55 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
01 April 2021
So Many Awards, So Little Time Left to Nominate. Complete Your Global Achievement Award Nomination Today!
So Many Awards, So Little Time Left to Nominate. Complete Your Global Achievement Award Nomination Today! Do you have a colleague or perhaps a mentor who has accomplished something exceptional and worthy of recognition? Nominate them for the Global Achievement Awards before the deadline of April 9! Winners of these awards receive recognition throughout the (ISC)² Security Congress event and recognition during the exclusive VIP awards reception and the attendee networking night, as well as in the InfoSecurity Professional magazine. Each award winner and their nominator will receive a complimentary pass to attend Security Congress. A few reminders as you... Read more →
Posted by (ISC)² Management on 01 April 2021 at 07:55 AM in (ISC)² Events | Permalink
|
Comments (1)
31 March 2021
(ISC)2 and the Creation of the U.K. Cyber Security Council
Since the first seed was sown back in 2016, work has been underway to create an independent body to support growth and professionalism within the U.K.’s cybersecurity education, training and skills activities. Now, that body has come into being in the form of the U.K. Cyber Security Council. (ISC)² staff and members have been involved in this project since 2018 and have been diligently working alongside volunteers from other organizations on the Council Formation Project, which concludes today following more than 18 months of work. What does this mean for members, associates or those yet to begin their cybersecurity career... Read more →
Posted by (ISC)² Management on 31 March 2021 at 03:55 AM in Cybersecurity Workforce | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (16)
- (ISC)² Events (99)
- Center for Cyber Safety and Education (45)
- Cloud Security (84)
- Cybersecurity Certifications (264)
- Cybersecurity Training (265)
- Cybersecurity Workforce (135)
- Digital Forensics (27)
- Ethics (46)
- Government (83)
- Insider Risk (52)
- IT Security (345)
- Legal (41)
- Malware (94)
- Network Security (149)
- Operations Security (114)
- Privacy (92)
- Ransomware (31)
- Risk (153)
- Software Development (35)
- Spotlight (51)