John Weiler | 7^th July 2023

Deepfake kidnappings, summer cybersecurity doldrums and LockBit strikes again with a historically high ransom demand.

Joe Fay | 5^th July 2023

The Biden administration has laid out its priorities for government agencies looking to fund projects in the 2025 fiscal year. This includes more money for skills and people.

Chris Green | 4^th July 2023

European politicians agree on a way forward for new cyber rules, the U.S. Patent Office finds a leak and what on Earth is going on at Twitter this time? Apparently, it’s the fault of AI!

John E. Dunn | 30^th June 2023

The attack by the Clop ransomware group targeting a MOVEit file transfer vulnerability has the potential to turn into one of the biggest extortion attacks ever recorded.

John Weiler | 30^th June 2023

Super Mario malware, the MOVEit Transfer fallout continues and the EncroChat bust leads to 6,558 arrests.

John E. Dunn | 29^th June 2023

Errors by developers and sysadmins emerged as an important data breach cause in Verizon’s 2023 Data Breach Investigations Report (DBIR).

Chris Green | 27^th June 2023

Another turbulent cybersecurity week as energy disruption hits Canadian forecourts, cybersecurity job interest grows in the UK and a backlash over monitoring disinformation.

Joe Fay | 27^th June 2023

The substantial debate and questions raised have resulted in the ‘Final Action’ being pushed back until October.

John E. Dunn | 25^th June 2023

Are today’s graduates being trained to cope with future challenges? A panel of practitioners debated whether current graduates are coming away with what they need to progress.

John E. Dunn | 24^th June 2023

Is the importance of certifications at risk of turning them into check box hiring aids for organizations in a hurry? A CISO panel at this week’s Infosecurity Europe conference weighed up the arguments.

Tamlin Magee | 24^th June 2023

Security researcher Keren Elazari explained the staggering level of investment and planning at the world’s first cyber threat conglomerate.

Tamlin Magee | 23^rd June 2023

The CEO of BNP Paribas 3 Step IT said that organizations must plug themselves into the circular economy not only to boost their ESG, but to be more secure too.

John Weiler | 23^rd June 2023

100,000+ ChatGPT accounts stolen, a LockBit affiliate arrested and unsettling developments in the MOVEit Transfer breach.

Tamlin Magee | 23^rd June 2023

Industry experts raise alarm about using ChatGPT et al on corporate networks.

Chris Green | 22^nd June 2023

The impact that CC has had on attracting new people to a career in cybersecurity and the work of (ISC)² in removing barriers to entry was recognized by the judges.

Tamlin Magee | 22^nd June 2023

In the wake of the Capita attack, Duncan Mackinnon urged financial institutions to build robust scenario testing to improve their operational resilience.

Tamlin Magee | 20^th June 2023

Cybercrime is just another crime, said a panel at InfoSec 2023 including the CISOs of EasyJet and Penguin Random House, and we need to start treating it like one.

Chris Green | 20^th June 2023

5G network exposure to China still posing risks, Microsoft raking in cybersecurity cash and India denies that COVID vaccine data has been breached.

Joe Fay | 16^th June 2023

Incident highlights the value of asking tough questions early on at the due diligence stage, not after an attack when the damage is already done.

Chris Green | 16^th June 2023

A bumper Patch Tuesday, LockBit confirms its status as a global problem, Ofcom falls foul of MOVEit and surprises in the new update to FortiOS.

Chris Green | 15^th June 2023

In our second preview of Infosecurity Europe 2023, we look at what (ISC)² will be doing at the show to support members and the wider industry, alongside looking at the opening talks across the three days of the conference, held at ExCel in London from June 20-22.

Chris Green | 13^th June 2023

AI regulation in the EU stumbles, Are CISOs equipped to be on company boards, cybersecurity rules for aircraft and a new cyber testing lab opens.

Joe Fay | 12^th June 2023

Industry panel underlines the value of certification as majority are CISSPs.

Joe Fay | 10^th June 2023

The professionalization of cybercrime and the resulting division of labor is making it harder to distinguish between attacks by purely profit-led cybercriminals and nation-state threats.

John Weiler | 9^th June 2023

Verizon releases annual data breach report, more than 90,000 people impacted in U.S. university breach and the BBC, British Airways and Boots compromised in MOVEit Transfer incident.

Chris Green | 6^th June 2023

$400 million fund for AI and robotics start-ups, OpenAI to fund cybersecurity efforts while research shows that cybercriminals are targeting the friends and families of high-value organization executives.

John Weiler | 2^nd June 2023

Cybercriminals hire humans to break CAPTCHAs, the meteoric rise of LockBit and a potential ransomware attack on the U.S. city of Augusta, Georgia.

Chris Green | 30^th May 2023

It’s all one big simulation – for training at least, Netflix steps up password sharing clampdown, new training to improve supply chain security and Ireland invests in its cybersecurity development capability.

John E. Dunn | 26^th May 2023

The 2023 Sophos State of Ransomware report found that while the number of ransomware attacks stabilized, larger victims are paying more than ever. Are they simply getting used to paying up?

John Weiler | 26^th May 2023

Job ad scam snares victims in Southeast Asia, a fake Pentagon explosion highlights the dangers of AI and cybercriminals pounce on voice cloning technology in the latest move to develop an advantage.

John E. Dunn | 25^th May 2023

In the first of two previews of Infosecurity Europe 2023, we look at our top picks for unmissable keynote sessions across the three days of the conference, held at ExCel in London from June 20-22.

Chris Green | 23^rd May 2023

It’s time to make your plans to join us in Nashville, Tennessee, with five visionary keynotes announced alongside industry-leading education, new career resources, exhibitor showcases and much more.

Joe Fay | 23^rd May 2023

US DoJ offers $10 million reward for ransomware bandit. Spyware firm rewards lobbyists. Bots drive digital fraud. China bans memory chipmaker Micron over “network security” and Taiwan hit with cyber nasty barrage.

John Weiler | 19^th May 2023

WordPress’s Elementor is vulnerable (again), the U.S. Department of Transportation is breached, 5.8 million medical records are posted online after PharMerica incident.

Joe Fay | 16^th May 2023

A week of surprises as a decade long data exposure is revealed in the car industry and Western allies move to shut down Russian malware.

John Weiler | 12^th May 2023

A Russian espionage tool infiltrates 50 countries, updates on the Western Digital breach and over a million patients impacted in NextGen Healthcare breach.

John E. Dunn | 10^th May 2023

AI should be regulated as soon as possible, says most (ISC)² members surveyed. But stopping it – even for a short period – is probably now impossible.

Joe Fay | 9^th May 2023

Former Uber CSO avoids jail time over breach coverup. Cyber insurers lose over act of war exclusion. CISA warns over suspect communications suppliers as Cisco tells customers to ditch vulnerable kit.

Chris Green | 5^th May 2023

(ISC)² Members can earn CPE credits by answering questions based on the articles we have published over the last two months.

John Weiler | 5^th May 2023

T-Mobile is breached again, cyberattacks increase 7% globally and ransomware attacks are hit by inflation.

Chris Green | 4^th May 2023

Nearly 4,000 cybersecurity professionals weighed in and 55% feel Zero Trust is the most impactful to keep organizations secure.

Joe Fay | 3^rd May 2023

Security high on the agenda for the cloud and software supply chain world.

Joe Fay | 2^nd May 2023

U.S. cybersecurity officials point finger at “lying, cheating, stealing” China, while another cybersecurity leader speaks out about “boring” training. E.U. hits fast forward on new legislation. Trend Micro unveils Rapture ransomware while Microsoft unveils rusty Windows.

Chris Green | 29^th April 2023

With cybersecurity policies and regulations developing at speed globally, the call for greater standardization and collaboration is necessary to ensure cybersecurity resilience and shared learning.

John E. Dunn | 28^th April 2023

Quantum computers won’t put PKE in peril imminently, but its potential has altered the course of crypto development, says a panel of experts including Whitfield Diffie, Adi Shamir, Radia Perlman, Anne Dames, and Clifford Cocks.

John Weiler | 28^th April 2023

CISA ramps up security for the 2024 presidential election, climate change could amplify cyberthreats and breaches hit the American Bar Association and Yellow Pages Canada.

Joe Fay | 27^th April 2023

Nathaniel Fick issues stark warning during discussion on cyber diplomacy.

John E. Dunn | 26^th April 2023

Technology has amplified disinformation, polarization and zero-sum politics, Bruce Schneier told RSA conference goers. Addressing this will require new thinking on the nature of democracy.

Joe Fay | 25^th April 2023

Day One of the RSA Conference opened with keynotes diagnosing a security identity crisis, while offering AI, platforms, and big dose of disruption as the cure for what ails the cybersecurity world.

Joe Fay | 25^th April 2023

Europe’s Air Traffic Control (ATC) agency under DDoS attack. Eavesdropping police in the U.K. spared massive fine. Numbers emerge after NCR ransomware attack. Hackers hit gold in secondhand routers.

Joe Fay | 24^th April 2023

The first public test of the U.K. Mobile Emergency Alert System took place on Sunday, encountering issues including complaints from various stakeholder groups, an early start and widespread reports of people not getting the alert at all.

John E. Dunn | 21^st April 2023

Nation state attacks, the rapid evolution of cybersecurity attacks and the technology behind them pose a sustained risk to the U.K. and its allies unless new defensive capabilities are brought to the fore.

John Weiler | 21^st April 2023

Australia’s deepening cybercrime crisis, an alarming surge in ransomware attacks and a multi-agency warning to organizations about their network infrastructure.

John E. Dunn | 20^th April 2023

Russian cybercriminals with little sense of restraint are probing the U.K.’s critical infrastructure (CNI) for future large-scale cyberattacks, the government has warned.

Joe Fay | 11^th April 2023

Apple plugs security holes for Easter as cops bring Genesis to an end. The UK fines TikTok over underage data use. DDoS attacks surge and cybersecurity professionals keep quiet over breaches.

Joe Fay | 19^th April 2023

CISA, NSA, NCSC, the rest of the Five Eyes nations, Germany and Holland look to spark an ‘international conversation’ in unprecedented collaboration to improve proactive security-centric development.

Joe Fay | 18^th April 2023

OpenAI implements a new bug bounty program to tighten up security within ChatGPT, Google opens up over security metadata, Gartner advises – think of the humans – and are you using protection when you charge over USB? Someone is!

Joe Fay | 14^th April 2023

Respondents highlight the need for appointing and developing more board-level cybersecurity expertise, while some are concerned that disclosure regulations unintentionally risk helping criminals alongside improving investor transparency.

John Weiler | 14^th April 2023

Companies target sextortion victims, Google Play malware is hawked on dark marketplaces and zero-click spyware infects iPhones.

Joe Fay | 7^th April 2023

Forget SMS 2FA authentication – Twitter and others are making it less attractive by either charging for it or phasing it out altogether. But there’s a better alternative if only tech companies were willing to invest.

John Weiler | 7^th April 2023

The U.S. government takes down another dark web forum, Western Digital suffers a cyberattack and the fastest acting ransomware to date.

Joe Fay | 4^th April 2023

UK government potentially skimps on senior cyber role salary as the NCSC calls for more investment in people, Microsoft talks up the potential for ChatGPT and the US moves to ban spyware.

John E. Dunn | 31^st March 2023

In the latest of several recent announcements, the U.S. body responsible for cybersecurity is making a clear shift towards pre-emptive over reactionary reporting, alerting and advice for organizations.

John Weiler | 31^st March 2023

Microsoft patches the “aCropalypse” vulnerability, ChatGPT leaks users’ billing information and the Latitude Financial breach expands to 14 million records.

John E. Dunn | 29^th March 2023

Anxiety about the security of hot wallets grows as General Bytes customers are hit by a zero-day flaw in the company’s Bitcoin ATMs.

Joe Fay | 28^th March 2023

The U.K. writes a cybersecurity prescription for the NHS, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns its cyber attention to transport.

John E. Dunn | 24th March 2023

Nobody predicted how rapidly AI chatbots would change perceptions of what is possible. Some worry how it might improve phishing attacks. More likely, experts think, will be its effect on targeting.

John Weiler | 24th March 2023

FBI arrests Breached hacking forum leader, smartphones hijacked without any user involvement and 330,000 customers compromised in Australia by a data breach.

Joe Fay | 23rd March 2023

Italian luxury sports car maker Ferrari has warned its small but extremely wealthy list of customers that their personal information may have been exposed in a “cyber incident.”

Joe Fay | 21st March 2023

KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts.

WHO | 17th March 2023

The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents.

John Weiler | 10th March 2023

Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California.

Joe Fay | 8^th March 2023

Whether you want to go deeper into one of your core domains, or dive into an area you’ve not really explored to date, here’s a selection of sessions from our knowledge vault webinars where female experts and industry leaders have shared their insights and experiences that will get you learning AND thinking.

Joe Fay | 7^th March 2023

Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.

Dave Cartwright, CISSP | 17^th March 2023

The collapse of Silicon Valley Bank is far deeper than a glitch in the financial matrix. Silicon Valley’s favorite banker is a key component for thousands of startups worldwide, including numerous cybersecurity innovators now facing uncertain futures and a possible cashflow crisis!

John Weiler | 17^th March 2023

Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams.

Joe Fay | 14^th March 2023

The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents.

John Weiler | 10^th March 2023

Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California.

Dave Cartwright, CISSP | 10^th March 2023

We look at the conversation between the U.K.’s postal carrier and the ransomware group that demanded millions from it as cybersecurity professionals worked to recover key systems.

Chris Green | 6^th March 2023

The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a 10-question quiz with questions based on some of our editorial content from that period. Successfully passing the quiz earns you two CPE credits.

John Weiler | 3^rd March 2023

Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance.

Joe Fay | 3^rd March 2023

China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge.

Joe Fay | 2^nd March 2023

Workers told to make more use of cyber ranges, conferences and webinars as skills gap just gets bigger.

John E. Dunn | 1^st March 2023

Many people are skeptical about the rapid encroachment of artificial intelligence and machine learning into daily life. However, should cybersecurity professionals be more positive about the benefits for the field?

Joe Fay | 28^th February 2023

Not even a pyramid scheme – they just convince people to give away their money.

Joe Fay | 28^th February 2023

Australia to scrap cybersecurity rules as part of a new regime, ransoms bankroll further ransomware attacks, Dole and PyPi attacked, while the European Commission calls time on TikTok.

John Weiler | 24^th February 2023

An FBI cyber incident, GoDaddy’s third breach in three years and an NHS data leak highlight a week of major cybersecurity events.

John E. Dunn | 24^th February 2023

Forget vanilla phishing attacks – cybercriminals today have much more interesting tricks up their sleeves.

Chris Green | 23^rd February 2023

Practitioners from across the cybersecurity industry and the (ISC)² member community are invited to submit their session proposals as the cyber world begins its journey to Nashville.

Joe Fay | 22^nd February 2023

Financial services giant Aviva’s recently acquired subsidiary Succession Wealth has been hit by a cyberattack, leaving it trying to assess the impact on a customer base which includes sports and entertainment professionals.

Joe Fay | 21^st February 2023

Think tank warns as economic, political, and cybersecurity risks collide. Accenture heads to Brazil, quantum security firm Sandbox fills up on cash and Biden loses cyber director.

Joe Fay | 17^th February 2023

Resiliency is the endgame of the U.S. approach to internet and software security.

John E. Dunn | 16^th February 2023

Cybersecurity will defy the tech recession hurting other job roles in 2023, (ISC)² c-suite survey suggests.

Joe Fay | 15^th February 2023

NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him.

John E. Dunn | 14^th February 2023

In a fully digital world, organizations are no longer isolated islands. It seems the profession is finally coming to terms with the dark possibilities.

John Weiler | 10^th February 2023

Cyberattacks wreak havoc on the U.K., LockBit brings big business to its knees and a massive VMware ransomware campaign.

John E. Dunn | 8^th February 2023

It’s been nearly seven years since the 1.1 revision of NIST’s Cybersecurity Framework. What might be coming in version 2.0?

John E. Dunn | 8^th February 2023

The industry is taking a fresh look at the security around multi-factor authentication (MFA) in the face of recent bypass attacks.

Joe Fay | 7^th February 2023

Derivatives traders, trainer trainers, and finger lickers all hit by #ransomware. Russian hackers lash out after Ukraine tanks deal. Apple patches decade old devices.

John Weiler | 3^rd February 2023

Cybercriminals for hire, Hive ransomware is busted and the JD Sports breach impacts millions of sportswear buyers.

Joe Fay | 30^th January 2023

The high-profile U.K. ransomware incident continues to cause disruption, as Royal Mail’s CEO confirmed to MPs that the crippling of its ability to send parcels and letters abroad was down to an ongoing cyberattack.

John Weiler | 27^th January 2023

Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach.

Joe Fay | 27^th January 2023

The international event began as Data Protection Day in Europe in 2007, under the auspices of the Council of Europe, and has since been taken up in the U.S. and other countries.

John Weiler | 20^th January 2023

TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school.

John Weiler | 9^th December 2022

Chinese actors attack North America, Cuba ransomware and vendors start their predictions for 2023.

(ISC)² Staff | 9^th December 2022

Raymond Pompon is a CISSP who believes in the power of mentoring to transform not just a protégé’s career but the mentor’s as well.

(ISC)² Staff | 5^th December 2022

All cybersecurity roles require a core set of essential skills that demand more than technical knowledge. Research has highlighted the many non-technical skills professionals bring to the table.

John Weiler | 28^th October 2022

Tech giant vulnerabilities, menacing malware and child abductions via rideshare apps.

(ISC)² Staff | 25^th October 2022

Additional insights into the bylaws amendment documentation to address member questions.

(ISC)² Staff | 21^st October 2022

Ransomware derails big businesses as the Australian cyberattack spree and student loan forgiveness scams.

(ISC)² Staff | 10^th October 2022

This month marks a major milestone for 50 (ISC)² chapters celebrating their 10th anniversary as an official chapter.

(ISC)² Staff | 29^th September 2022

2,700 have passed the (ISC)² Certified in Cybersecurity exam, with more than 53,000 more people registered to follow suit.

(ISC)² Staff | 22^nd September 2022

The deadline is approaching, your voice can make a difference in protecting privacy.