When asked how CISOs could better address the impact of the cybersecurity skills shortage, the most popular suggestion was to increase the overall commitment to training, according to The Life and Times of Cybersecurity Professionals report from Enterprise Strategy Group and the Information Systems Security Association. In fact, security professionals must continue developing their professional […]

The (ISC)² Diversity Award honors individuals who have made significant contributions to building a more diverse workforce in the cybersecurity community. Asia-Pacific Region (ISC)² Diversity Award Honoree Neha Malhotra, CISSP, CCSP is the Vice President, Tech & Cybersecurity Operational Risk Manager at JP Morgan Chase, and was earlier working within Cyber Security Attack Surface Management at […]

The use and processing of decentralized data stored in cloud platforms creates security challenges that require data protection strategies to evolve. That starts with achieving better visibility into what applications their employees are using, and how they are using them. User Activity Monitoring (UAM) solutions promise to identify and stop abnormal or anomalous user behavior, […]

Richard “Rich” W. Owen, Jr., CISSP has over 50 years of experience in the field of information protection. He is a past International President of the Information Systems Security Association, Distinguished Fellow, member of the Honor Roll and a member of the Information Security Hall of Fame. He is also a Fellow of the Ponemon […]

It’s October! And that can mean only one thing. It’s time to kick off the annual Cybersecurity Awareness Month, hosted by the National Cyber Security Alliance (NCSA) and the Cybersecurity & Infrastructure Security Agency (CISA). With remote work the new normal for most and ransomware attacks at peak fever pitch, there’s no time like now to […]

We asked CISSPs and CSSPs around the world, “If you could say anything to your CEO about hiring for the cloud, what would it be?” Respondents said one of the biggest challenges facing cloud specialists and senior executives in the C-suite is the difference in what each side holds as priority. While senior executives are […]

The Regional (ISC)² Chapter Recognition Awards are presented to an official chapter of (ISC)² within a specific region that best promotes the vision of (ISC)² by inspiring a safe and secure cyber world. The following chapters have demonstrated a well-rounded offering of activities and services designed to benefit its members and affiliates, while making a […]

The U.S. House of Representatives was scheduled to vote on the $1.2 trillion bipartisan infrastructure bill (H.R. 3684) on September 30, but the vote has been delayed for an undetermined length of time. With roughly $1.9 billion allocated to bolstering critical infrastructure security, helping vulnerable organizations defend themselves, and providing funding for a crucial federal […]

The decision to authorize (or not) an information system to operate within an organization is the result of an on-going project that needs to be dealt effectively to be successful and prevent your business from being exposed to unwanted threats. As NIST highlights, authorization to operate (ATO) is a “management decision to explicitly accept the […]

The U.S. House of Representatives is scheduled to vote on a $1 trillion bipartisan infrastructure bill on September 30, 2021. Back in August, the U.S. Senate passed the bill, which included $1.9 billion for cybersecurity initiatives. According to The Hill, the funds will go toward securing critical infrastructure against attacks, helping vulnerable organizations defend themselves […]