Russian cybercrime, social media corruption and a tidal wave of malicious app downloads…. Here are the latest threats and advisories for the week of September 30, 2022. Threat Advisories and Alerts CISA Issues Warning to OT/ICS Owners and Operators Operational technology/industrial control system (OT/ICS) assets continue to be an attractive target for cybercriminals, and ICS networks are rife with risk. OT/ICS technology has vulnerable IT components and large attack surfaces—and traditional security measures don’t adequately address modern threats. System owners should assume that they will be targeted. To mitigate attacks, operators and owners can limit the exposure of system information,... Read more →
« August 2022 | Main | October 2022 »
Posts from September 2022
30 September 2022
Latest Cyberthreats and Advisories – September 30, 2022
Posted by (ISC)² Management on 30 September 2022 at 03:00 PM | Permalink
|
Comments (0)
29 September 2022
55,000 Cybersecurity Candidates Join (ISC)² Workforce Programs in One Month
One month after launching three new initiatives, (ISC)² Candidates, (ISC)² Certified in Cybersecurity SM and (ISC)² One Million Certified in Cybersecurity, aimed at addressing the cybersecurity workforce gap, we are thrilled to share our initial successes. We have seen a rapid adoption within the past 30 days of these programs among cybersecurity candidates looking to enter the field. The quick embrace highlights the importance of developing new and unique pathways to make cybersecurity careers more accessible worldwide. Through these initiatives, we are laying a strong foundation to encourage more people to explore the opportunities of a cybersecurity career. In fact,... Read more →
Posted by (ISC)² Management on 29 September 2022 at 02:54 PM in Cybersecurity Certifications | Permalink
|
Comments (0)
Announcing This Year’s (ISC)2 Global Achievement Award Recipients - Part 2
This continues our recognition of our Global Achievement Award recipeints. Click here to read more about our award honorees in part one. (ISC)² Government Professional Award Recognizing government information security leaders whose commitment to excellence has helped to improve government information security and to advance an in-demand workforce. The 2022 honorees: Americas: Jermone Andre Leach, CAP, CISSP, Defensive Cyber Operations Lead, United States Coast Guard For his efforts in ensuring industry standard awareness and threat remediation. This includes a focus on International Defensive Cyber’s Hunt Forward Operations. EMEA: H.E. Dr. Mohamed Hamad Al-Kuwaiti, Head of Cybersecurity, UAE Government For being... Read more →
Posted by (ISC)² Management on 29 September 2022 at 08:00 AM | Permalink
|
Comments (0)
28 September 2022
Announcing This Year’s (ISC)2 Global Achievement Award Recipients - Part 1
Congratulations to the following security professionals recognized for their outstanding contributions to the cybersecurity industry. The annual (ISC)² awards honor exceptional practitioners for their commitment to a safer cyber world for one and all. Each will be honored at next month’s (ISC)2 Security Congress in Las Vegas. (ISC)² Senior Professional Award Recognizing individuals who have significantly contributed to the enhancement of the information security workforce by demonstrating a leadership role in an information security workforce improvement initiative, program or project. The 2022 honorees: Americas: Shawn Harris, CCSP, CISSP, CISSP-ISSAP, Senior Director of Information Security and Compliance, Chipotle Mexican Grill For... Read more →
Posted by (ISC)² Management on 28 September 2022 at 08:05 AM | Permalink
|
Comments (0)
27 September 2022
Real Talk with CCSPs: An interview with Jonas Björk, CCSP
What is the true value of a cybersecurity certification? Many people may underestimate the depth of knowledge that is required to earn the designation of a certified security professional. Along with that, many do not recognize the global reach of a certification. We spoke to Jonas Björk, of Cygate, which is a Swedish telecommunications organization. His decades-long passion for cybersecurity is only eclipsed by his love of skateboarding. Jonas attested to both the gravity of knowledge required, and the value of the Certified Cloud Security Professional (CCSP) credential. His sincere and candid conversation is extremely motivating. Q: What is your... Read more →
Posted by (ISC)² Management on 27 September 2022 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
23 September 2022
LATEST CYBERTHREATS AND ADVISORIES - SEPTEMBER 23, 2022
Cyberattacks on the video game industry, big-name brand data breaches and the Tea Pot gangster make headlines this week. Here are the latest threats and advisories for the week of September 23, 2022. Threat Advisories and Alerts Iranian Cybercriminals Target Western Nations Bad actors associated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC) have been exploiting Microsoft Exchange, Fortinet and VMware Horizon Log4j vulnerabilities. The attacks have hit critical US infrastructure sectors as well as Canadian, Australian and U.K. organizations. Rather than targeting specific sectors or entities, the cybercriminals are exploiting known vulnerabilities on unprotected networks to extort data... Read more →
Posted by (ISC)² Management on 23 September 2022 at 08:00 AM in Operations Security, Ransomware, Risk | Permalink
|
Comments (0)
22 September 2022
YOUR CYBERSECURITY EXPERIENCE IS NEEDED FOR CREATING NEW U.S. FTC REGULATIONS
The Deadline is Approaching, Your Voice Can Make a Difference in Protecting Privacy The U.S. Federal Trade Commission (FTC) is looking for public input regarding new cybersecurity regulations. (ISC)² members and trained cybersecurity professionals can provide valuable insight into best practices in protecting people’s privacy. The FTC is seeking public comment on whether it should implement new trade regulation rules or other regulatory alternatives concerning the ways in which companies collect, aggregate, protect, use, analyze, and retain consumer data, as well as transfer, share, sell, or otherwise monetize that data in ways that are unfair or deceptive. On August 22,... Read more →
Posted by (ISC)² Management on 22 September 2022 at 08:00 AM in Government | Permalink
|
Comments (0)
21 September 2022
#ISC2CONGRESS – EMPOWERING NEW CONNECTIONS
This year’s (ISC)² Security Congress will feature increased opportunities to network with your peers and will be engaging whether you are joining in-person or virtually. We are looking forward to our first ever hybrid Security Congress where we will be live streaming across the globe from Caesars Palace in Las Vegas. Whether you have attended in the past or are gearing up for your first (ISC)² event, this year’s Security Congress has something fun for everyone! In addition to the 100+ educational sessions throughout the live event, you will hear from dynamic keynote speakers and learn about new products from... Read more →
Posted by (ISC)² Management on 21 September 2022 at 07:50 AM in (ISC)² Events | Permalink
|
Comments (0)
16 September 2022
Latest Cyberthreats and Advisories - September 16, 2022
Vulnerabilities in popular tech, major WordPress plugin attacks and phishing, highlight this week’s cybersecurity news. Here are the latest threats and advisories for the week of September 16, 2022. Threat Advisories and Alerts Security Updates Released for Apple Zero-Day Vulnerabilities For the eighth time this year, Apple has addressed zero-day vulnerabilities in its Mac and iPhone operating systems. The vulnerabilities apply to Safari 16, iOS 15.7, iOS 16, macOS Monterey 12.6, macOS Big Sur 11.7 and iPadOS 15.7. Threat actors could exploit the flaws to take control of affected devices. Users of these products are recommended to apply the security... Read more →
Posted by (ISC)² Management on 16 September 2022 at 09:45 AM | Permalink
|
Comments (0)
15 September 2022
(ISC)² CEO Clar Rosso Honored by SC Media's Women in IT Security Program
Closing the gender and diversity gap in cybersecurity is critical if the profession is serious about addressing its current workforce crisis. (ISC)² estimates that the Cybersecurity Workforce Gap currently stands at 2.72 million professionals globally, but women only make up roughly 25% of the cybersecurity industry, compared to at least 40% of the global workforce. Every year, the SC Media Women in IT Security program celebrates significant contributions of those who have faced these challenges and made a positive impact on the advancement of cybersecurity in government or the private sector. (ISC)² CEO Clar Rosso was recognized as an advocate... Read more →
Posted by (ISC)² Management on 15 September 2022 at 10:00 AM in (ISC)² Events, Cybersecurity Workforce, Spotlight | Permalink
|
Comments (0)
14 September 2022
#ISC2Congress: Empowering Partnerships
We look forward to seeing you in the Exhibit Hall, the heart of Security Congress. On-site, we will be filling up the Octavius Ballroom at Caesars Palace with 30+ partners, sponsors and exhibitors and can’t miss events. Kick off your first day of the conference as the Exhibit Hall doors open at 9:30 a.m. or pop by on one of your networking breaks. Partners will be on-site throughout the day on Monday and Tuesday to engage with you. Be sure to collect your Passport to Prizes card at the (ISC)² booth and keep it with you as you travel through... Read more →
Posted by (ISC)² Management on 14 September 2022 at 10:04 AM in (ISC)² Events | Permalink
|
Comments (0)
12 September 2022
(ISC)² and Venafi Explore The Strange New World of Machine Identity Management
Earlier this year, (ISC)² hosted a webinar about a new kind of challenge facing cybersecurity: machine identity management. Although this security component has only received sizable attention over the last couple of years, Gartner ranked it among the top eight security trends for 2021. In the webinar, Kevin Bocek, Vice-President of Security Strategy & Threat Intelligence for Venafi, discussed the problems that arise when machine identities fail, infamous machine identity attacks and the protective measures organizations can take. Machine identities – TLS, SSH, and code signing keys and certificates – control encryption, authentication, and code execution for software-based machines such... Read more →
Posted by (ISC)² Management on 12 September 2022 at 08:00 AM in Operations Security, Risk, Software Development | Permalink
|
Comments (2)
09 September 2022
Latest Cyberthreats and Advisories - September 9, 2022
A ransomware onslaught, a massive IRS data leak and cyberattacks on public transit and school systems…. Here are the latest threats and advisories for the week of September 9, 2022. Threat Advisories and Alerts Ransomware Group Vice Society Preys on School Systems The FBI, CISA and the MS-ISAC are now warning educational institutions of an uptick in ransomware attacks by the cybercriminal group Vice Society. Ransomware can wreak havoc on a school, causing canceled school days, delayed exams and theft of personal student information. With children returning to school in many parts of the world at this time after summer... Read more →
Posted by (ISC)² Management on 09 September 2022 at 03:00 PM | Permalink
|
Comments (0)
08 September 2022
Assigning Tasks to Less-Experienced Cybersecurity Hires Depends on Company Needs
Depending on the organization, entry- and junior-level cybersecurity professionals are assigned an assorted mix of tasks, according to new (ISC)² research. Junior-level employees typically are trusted to handle most tasks, the research shows. The findings come from a survey of 1,250 cybersecurity hiring managers showing wide variation in the roles that less-experienced hires are expected to take on. The study shows some differentiation between the types of tasks assigned to entry-level as opposed to junior-level employees. It also reveals greater agreement among respondents about what tasks junior-level employees can handle. Differences within level of responsibility assignments varying by company size... Read more →
Posted by (ISC)² Management on 08 September 2022 at 07:00 AM in Cybersecurity Workforce | Permalink
|
Comments (0)
06 September 2022
So You’re Certified in Cybersecurity – Now what?
Congratulations to the more than 1,500 individuals who passed the (ISC)² Certified in Cybersecurity℠ during our pilot program. They are now on their path to full certification! If you’ve passed the Certified in Cybersecurity exam, our entry-level certification, you have proven to yourself, your peers and hiring managers that you have the strong problem-solving abilities, communication skills, strategic thinking skills and an eagerness to learn needed to be a successful cybersecurity professional, according to experts who participated in the (ISC)² Workforce Study. Once you pass the Certified in Cybersecurity exam and become a member of (ISC)², you have access to... Read more →
Posted by (ISC)² Management on 06 September 2022 at 09:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
02 September 2022
Latest Cyberthreats and Advisories - September 2, 2022
Cryptocurrency crime, tech vulnerabilities and high-profile breaches rock the cybersecurity world this week. Here are the latest threats and advisories for the week of September 2, 2022. Threat Advisories and Alerts Over $1 Billion Stolen in Cryptocurrency on Decentralized Finance Platforms The FBI warns investors to heed caution when using decentralized finance (DeFi) platforms. Between January and March 2022, $1.3 billion was stolen in cryptocurrencies, of which nearly 97% occurred on DeFi platforms. Before investing, the FBI recommends investors to research prospective DeFi platforms, smart contracts and protocols. Those who believe their DeFi investments have been stolen should contact the... Read more →
Posted by (ISC)² Management on 02 September 2022 at 03:00 PM | Permalink
|
Comments (0)
Enrollment Is Open for Free One Million Certified in Cybersecurity
(ISC)² is making a cybersecurity career more accessible. As part of our commitment to help close the cybersecurity workforce gap and diversify those working in the field, we are offering FREE (ISC)² Certified in Cybersecurity Online Self-Paced Training and exams to one million people worldwide. To qualify, individuals must enroll as an (ISC)² Candidate, for free, which entitles them to a wide array of exclusive programs and services to assist individuals starting a cybersecurity career, including free education and exams for the association’s new entry-level cybersecurity certification (ISC)² Certified in Cybersecurity. How to Enroll in One Million Certified in Cybersecurity... Read more →
Posted by (ISC)² Management on 02 September 2022 at 08:00 AM in Cybersecurity Certifications, Cybersecurity Training, Cybersecurity Workforce | Permalink
|
Comments (56)
01 September 2022
The Cybersecurity Workforce Climate in Asia
“The unfilled demand of cybersecurity positions is 2.72 million, down from 2020. However, it is primarily coming from Asia because every region around the globe went up, demand outpacing supply, except for in Asia,” Clar Rosso said in discussing the (ISC)² 2021 Cybersecurity Workforce Study on Techstrong TV. The Workforce Study showed that 61% of the Asia-Pacific region (APAC) cybersecurity professionals surveyed, 1,234 participants, feel their organization lacks a sufficient amount of cybersecurity talent (people and/or skills). The response was much greater in China, with 74% reporting the need for more professionals in the field. This need for more cybersecurity... Read more →
Posted by (ISC)² Management on 01 September 2022 at 07:00 AM in Cybersecurity Workforce | Permalink
|
Comments (1)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (158)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (375)
- Cybersecurity Training (309)
- Cybersecurity Workforce (242)
- Digital Forensics (29)
- Ethics (52)
- Government (123)
- Insider Risk (56)
- IT Security (371)
- Legal (45)
- Malware (112)
- Network Security (175)
- Operations Security (140)
- Privacy (114)
- Ransomware (82)
- Risk (194)
- Software Development (44)
- Spotlight (71)