In this article we look at the PCI DSS requirement for secure software development and why it is important, not just to achieve compliance, but to help prevent breaches and protect payment card information and other sensitive customer information.        NOTE - PCI DSS update from V3.2.1 to V4.0: Changes in version V4.0 relating to Training for Software Development Personnel The training of software developers elements (previously Requirement 6.5 in V3.2.1) have been updated and restructured under Requirement 6.2.2 in PCI DSS v4. These changes ensure that the standard continues to be current

The annual (ISC)² Cybersecurity Workforce Study assesses the size of the cybersecurity workforce, the demand for skilled individuals, and the shortfall in available talent. The 2022 (ISC)² Cybersecurity Workforce Study reveals that despite the number of cybersecurity professionals increasing, demand far exceeds supply and the workforce gap continues to grow. The study shows that the workforce has grown to 4.7 million, up 11% from a year ago, but the workforce gap has also increased - from 2.7 million to 3.4 million. The report provides insights for organisations on how they

The recent study “Digital Perseverance and Growth: A SMB Study by Vodafone and Microsoft Ireland” highlights the critical role that digitisation places achieving business goals. Evidence shows that some of the benefits of digital adoption include productivity improvements, development of export markets, and increased customer satisfaction. The report also highlights the need for SMBs to increase their investment and training in cybersecurity to protect the business from financial and reputational damage. Almost half of the 250 SMBs that participated in the study reported that they had experienced a cybersecurity breach in

We have updated the Mind Map to reflect the refreshed CISSP Exam Outline effective June 1, 2022. This resource is designed to help students when studying for the CISSP exam.  Use the mind map as a visual guide when reviewing the CISSP domains.   Read more information and find out more about  the next scheduled dates for (ISC)² Official Certified Information Systems Security Professional (CISSP) CBK Training Seminar.  Remember that all (ISC)² members are eligible for a 10% discount – available until registration deadline.   Click on the image or HERE to view the

In this article we look at what training is required to comply with PCI DSS and why it is important, not just to achieve compliance, but to protect payment card information.   Organisations that accept payment cards must understand and comply with Payment Card Industry (PCI) Data Security Standards. These standards, developed by the PCI Security Standards Council, made up of American Express, Discover Financial Services, JCB International, MasterCard and Visa, are designed to ensure that cardholder data is processed, stored, and transmitted securely and protected from misuse and fraud. What training is

(ISC)² has launched a new initiative - (ISC)² Candidate. (ISC)² Candidate has been created for  those interested in pursuing an (ISC)² certification or a career in cybersecurity. It offers access to many of the benefits and resources that (ISC)² certified members and Associates of (ISC)² enjoy – but with no exam or  work experience required. These benefits include - (ISC)² member pricing for pre-conference training ahead of (ISC)² Security Congress Access to the award-winning (ISC)² webinar channels Think Tank, Security Briefings, Knowledge Vault and sessions from previous (ISC)² Security Congress conferences (ISC)²

Fabio Cerullo will be delivering a highly interactive session on Web Application Security Essentials at OWASP 2022 Global AppSec San Francisco This  training has been updated to align with the recent changes to the OWASP Top 10 2021 – the world-renowned reference document that details the most critical security risks to web applications. This ensures that the course provides the most up to date knowledge for attendees. The course provides the knowledge and resources required to evaluate the security of web applications. The participants, through the understanding of theory and a strong

  As part of the Enterprise Nation Go and Grow Online Series, Richard Nealon delivered a session called “How to protect your customers and your business when selling online”.  This presentation is designed for small business owners who want to understand how to protect themselves and their customers when selling products and services online. Click here to watch the presentation   Learn more about:​ Good practice to reduce risk (technical and process) Tips for transparency with your customer Your legal and ethical responsibilities   About Richard Nealon In this Go and Grow session, Richard Nealon draws on

Learn about Web Application Security Web applications have changed the way businesses and customers interact online. From streamlining business processes to enabling online interactions, web applications have transformed online user experience and enabled better communication between businesses and their customers. This comes with additional risk making web application security a priority.   What are web applications? What is web application security? Why is web application security important? What is a web application vulnerability? How are web applications attacked? What are common ways that attackers exploit vulnerabilities? How can web application vulnerabilities be

The Chief Information Security Officer (CISO) is the senior-level role that oversees the development, implementation, and operation of the organisation’s security program. The CISO works with other senior management to align security initiatives with the overall business objectives and to manage risks that may threaten the organisation achieving its goals. Filling a CISO role can be challenging for many organisations. A vCISO can be the answer, but finding the right vCISO is essential.  Cybersecurity is a top priority for organisations. The frequency and sophistication of cyberattacks have increased business risk. Specialist