International Information Systems Security Certification Consortium, (ISC)2
Recent bank malware attacks are telling us that security through obscurity is no longer enough
Kaspersky Lab's revelation that cyber thieves were able to pull off one of the biggest heists in history armed with nothing more than dodgy email docs, shows that the banking industry has failed to learn from past mistakes. We have known how to prevent this attack for many years.
February 25, 2015 11:01:00 AM Read Full Post
Have you made plans for professional development?
Information security is hot. With existing educational paths lacking the capacity to churn out the needed number of professionals at the moment, people are migrating into the field at a significant rate. Seldom a planned career choice, the move into information security occurs as opportunity offers itself, or because an employer has an urgent requirement to fulfil. Once in, career development and planning becomes essential given the diversity of opportunity and level of change to manage.
February 03, 2015 1:15:00 PM Read Full Post
Headline-grabbing perhaps but short on substance
David Cameron’s headline-grabbing accord with Barack Obama to enhance cyber defences amounts to little more than acknowledgement of a huge problem. Clearly, in the wake of the terror attacks on Paris and the use of cyberspace by terrorists, the two leading political leaders needed to put cyber security high on their summit agenda last week.
January 22, 2015 1:58:00 PM Read Full Post
Security is too often seen as an anxiety for the specialists
SMEs have the same security concerns and requirements as their much larger partners, but, how can they afford security that can adequately protect them?
January 05, 2015 11:31:00 AM Read Full Post
Don't alienate development teams - communicate with them
Application and software vulnerabilities are increasingly popular routes for cybercrime. This has led to pressure on development teams to contribute to security, but most security managers don’t have a strong understanding of modern development teams, tools and practices.
December 08, 2014 12:29:00 PM Read Full Post
Ten years of (ISC)2's Global Workforce Surveys have charted seismic shifts in the nature of the security workforce
The cybersecurity profession is changing beyond all recognition from a narrow specialism based on technology into a wide-ranging profession encompassing people, processes and policies and reaching into every area of business from training room to boardroom.
November 10, 2014 5:25:00 PM Read Full Post
Are boards getting the advice they need?
PwC’s Global State of Information Security Survey contains a number of striking points, starting with the disconnect between the board and security teams in businesses across the globe.
October 06, 2014 11:21:00 AM Read Full Post
If SMEs don't trust the cloud it's because they fail to do due diligence
For business the cloud too often remains a murky territory where they lose visibility over how their assets are protected and questions of security and legal liability become increasingly blurred.
September 29, 2014 11:07:00 AM Read Full Post
Gaining control of privacy is not going to be easy
Gaining control of privacy is not going to be easy If you want the sort of absolute privacy that extreme libertarians espouse, that fight is pretty much lost (unless you live in a cave and have never left it). Most people are more pragmatic: they...
July 28, 2014 6:35:42 PM Read Full Post
Ensuring privacy as well as clinical safety
Consumer-oriented technologies and services have already established a foothold in healthcare. If you visit a modern medical establishment you will see personal electronic devices (PEDs) being used. There may be some strictly controlled zones...
July 14, 2014 6:23:10 PM Read Full Post