Infosecurity Voice

About Author

(ISC)² is the largest membership body of information security professionals, with over 87,000 certified members across 135 countries, and is responsible for the gold standard CISSP© certification. In the EMEA region, it has over 13,500 members. This blog is written by John Colley and Richard Nealon, co-chairs of the (ISC)² Europe, Middle East and Africa Advisory Board. Both have over 20 years of industry experience and are long-time advocates of the information security profession.


Recent Posts

Why healthcare urgently needs certified security professionals

Data privacy governance in healthcare can quickly become a labyrinth.

Information security risks in healthcare are growing as ever greater use is made of information technology to improve care outcomes. While there are undoubtedly medical benefits to increased sharing of medical information, given the number and diversity of healthcare organisations,...

Security's biggest challenge is the unknown

Defeating cyber-criminals demands that we train more and better professionals

The complexity and variety of security attacks/breaches are growing at a phenomenal pace. Recently, we heard that Yahoo malware is turning PCs into bitcoin miners. It is becoming increasingly clear...

Should tablets come with content warnings?

Tablets are portals to trouble

The tablet computer topped the Christmas list for children this year. My 7 and 9 year old both asked for an iPad Mini as did many of their friends. I managed to resist, extolling the virtues of the latest hand-held...

Cybersecurity 2014 - human defences hold the key

The demand for skilled security professionals will only grow

The data breaches that took place in 2013 were game-changing in their size and scope. Adobe reported the compromise of over 38 million users, Chinese hackers cracked into the systems of...

It's time to help EU legislators catch up

Infosec professionals can help shape EU data protection

The EU's draft data protection legislation represents a great effort on the part of governments to recognise and control information security risk. With this, the EU’s cyber security strategy has woken up to the risks that citizens and businesses face...

Governance, risk management and compliance are not enough on their own

Effective security also needs staffing and careful thought

Senior security executives need the time and freedom to take a comprehensive view of security across the spectrum, especially from a staffing and talent development standpoint. Without an influx of new talent and professional development of existing personnel in the...

What did the detention of David Miranda achieve?

The physical transport of data shouldn't matter. But sometimes it does.

The recent detention of David Miranda, partner of The Guardian newspaper journalist Glenn Greenwald, has created yet another furore, instigating much indignation and re-igniting the debate on the ethics of Prism. From a purely technical standpoint, it begs the question;...

Will the Government's cyber-security audits really make a difference?

Cyber-auditing FTSE 350 firms sounds like a good idea but questions remain

Recently there has been a spate of government initiatives around cyber security: the Home Office’s £4 million investment in cyber-security awareness, GCHQ’s cyber-incident response scheme, and the cyber-health check for all FTSE 350 companies by way of cyber audits....

What's gone wrong with university computer science?

Fragmented courses, low awareness of security, high graduate unemployment

As an IT consultant, I’m frequently surprised by a lack of appreciation for the fundamentals of security within both IT development and operations. This is highlighted by the Top 10 web application vulnerabilities published by the OWASP project. Despite being...