by Mano Paul, CISSP, CSSLP, MCSD, MCAD, CompTIA Network+, ECSA As highlighted in the recently released 2013 Global Information Security Workforce Study (GISWS) – the largest vendor-neutral study of its kind conducted by (ISC)2 and analyst firm Frost & Sullivan – the largest gap between information security risk awareness and response exists in the secure software development discipline. In fact, respondents ranked application vulnerabilities as their top concern, making application security and secure software development the highest ranking security concern for the information security profession today. As the first software security certification, the groundbreaking Certified Secure Software Lifecycle Professionals (CSSLP®s)... Read more →
« March 2013 | Main | May 2013 »
Posts from April 2013
15 April 2013
Secure Software Development – Closing the Gap between Risk Awareness and Response
Posted by Mano Paul on 15 April 2013 at 02:00 PM in Risk, Software Development | Permalink
|
Comments (1)
11 April 2013
Flight risk
An amateur pilot has reportedly assembled and hacked real aircraft cockpit systems, demonstrating their vulnerabilities. "Security researcher Hugo Teso was able to "hijack" the systems to feed false navigation information to a simulated jet that made it change course." BBC It's not hard to think of scenarios where a well-resourced, competent and overtly malicious yet non-suicidal adversary could wreak havoc by redirecting aircraft, missiles, anti-missile-missiles, drones etc. using similar techniques, or simply interfere with them, hence one would have thought that information security was an obvious safety-critical requirement for their navigation and comms systems ... like for example the 30... Read more →
Posted by Gary Hinson on 11 April 2013 at 06:07 PM in Malware, Network Security, Operations Security, Risk | Permalink
|
Comments (0)
09 April 2013
A Career in Science and Technology – from Nuclear Engineering to Cyber Security
By: Hord Tipton One chooses their career path for different reasons – whether it be following in a parent’s footsteps or an innate desire to help others. I was inspired by a chemistry teacher to pursue a career in chemical engineering and found success in engineering nuclear weapons for Atomic Energy Commission, securing SCADA systems that controlled vital resources such as the Hoover Dam, and enhancing information and software security standards through credentials and education. Throughout my vast career, I’ve seen computers shrink from room-sized to pocket-sized with more power in one device today than throughout an entire operating system... Read more →
Posted by Hord Tipton on 09 April 2013 at 09:15 AM in IT Security, Operations Security, Software Development | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (159)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (376)
- Cybersecurity Training (310)
- Cybersecurity Workforce (243)
- Digital Forensics (29)
- Ethics (52)
- Government (124)
- Insider Risk (56)
- IT Security (373)
- Legal (45)
- Malware (112)
- Network Security (176)
- Operations Security (141)
- Privacy (116)
- Ransomware (84)
- Risk (196)
- Software Development (44)
- Spotlight (71)