RSS FeedBlogs

Infosecurity Voice


International Information Systems Security Certification Consortium, (ISC)2

Recent Posts

RSS FeedSubscribe to this blog
About Author

(ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with over 100,000 members. (ISC)² issues the CISSP and related concentrations, CSSLP, CCFPSM, CAP, HCISPPSM, and SSCP credentials to qualifying candidates. (ISC)² offers education programs and services based on its CBK. Visit

Security awareness is not enough to stop people taking risks

Employees persistently do things they have been taught not to. Is there a better way?

by (ISC)²

Employees persistently do things they have been taught not to. Is there a better way?

March 30, 2015 6:18:00 PM Read Full Post

Cybercriminals go where the money is - SMEs

IT security essentials for small businesses

by (ISC)²

It’s no secret that the cybercriminals go where the money is.

March 10, 2015 5:44:00 PM Read Full Post

Reforming banking's culture of security secrecy

Recent bank malware attacks are telling us that security through obscurity is no longer enough

by (ISC)²

Kaspersky Lab's revelation that cyber thieves were able to pull off one of the biggest heists in history armed with nothing more than dodgy email docs, shows that the banking industry has failed to learn from past mistakes. We have known how to prevent this attack for many years.

February 25, 2015 11:01:00 AM Read Full Post

Changing careers - migrating into information security

Have you made plans for professional development?

by (ISC)²

Information security is hot. With existing educational paths lacking the capacity to churn out the needed number of professionals at the moment, people are migrating into the field at a significant rate. Seldom a planned career choice, the move into information security occurs as opportunity offers itself, or because an employer has an urgent requirement to fulfil. Once in, career development and planning becomes essential given the diversity of opportunity and level of change to manage.

February 03, 2015 1:15:00 PM Read Full Post

UK and US plan cyber games - really?

Headline-grabbing perhaps but short on substance

by (ISC)²

David Cameron’s headline-grabbing accord with Barack Obama to enhance cyber defences amounts to little more than acknowledgement of a huge problem. Clearly, in the wake of the terror attacks on Paris and the use of cyberspace by terrorists, the two leading political leaders needed to put cyber security high on their summit agenda last week.

January 22, 2015 1:58:00 PM Read Full Post

How can SMEs afford security that is good enough?

Security is too often seen as an anxiety for the specialists

by (ISC)²

SMEs have the same security concerns and requirements as their much larger partners, but, how can they afford security that can adequately protect them?

January 05, 2015 11:31:00 AM Read Full Post

When it comes to security, don’t shoot the developer

Don't alienate development teams - communicate with them

by (ISC)²

Application and software vulnerabilities are increasingly popular routes for cybercrime. This has led to pressure on development teams to contribute to security, but most security managers don’t have a strong understanding of modern development teams, tools and practices.

December 08, 2014 12:29:00 PM Read Full Post

Ten years on - how security professionals turned from techies into leaders

Ten years of (ISC)2's Global Workforce Surveys have charted seismic shifts in the nature of the security workforce

by (ISC)²

The cybersecurity profession is changing beyond all recognition from a narrow specialism based on technology into a wide-ranging profession encompassing people, processes and policies and reaching into every area of business from training room to boardroom.

November 10, 2014 5:25:00 PM Read Full Post

The dangerous disconnect between security teams and the board

Are boards getting the advice they need?

by (ISC)²

PwC’s Global State of Information Security Survey contains a number of striking points, starting with the disconnect between the board and security teams in businesses across the globe.

October 06, 2014 11:21:00 AM Read Full Post

The cloud should be a glasshouse not a mysterious black box

If SMEs don't trust the cloud it's because they fail to do due diligence

by (ISC)²

For business the cloud too often remains a murky territory where they lose visibility over how their assets are protected and questions of security and legal liability become increasingly blurred.

September 29, 2014 11:07:00 AM Read Full Post

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message