Government

Getting Started on the California Consumer Privacy Act

by Paul Lanois, SSCP, CIPP, CIPT, CIPM, Member of the (ISC)² Advisory Council of North America Privacy Working Group If you have spent any amount of time online recently, then it is extremely likely that you have already heard about the General Data Protection Regulation (the “GDPR”), the European regulation which came into effect on May 25, 2018 and which governs data protection or individuals which have their personal data processed or stored by an organization within the European Economic Area (EEA). Meanwhile, information management professionals are likely to remain very busy in the coming months with the upcoming California…

The Collaborative Alliance to Develop New Cybersecurity Council and Professional Recognition as part of the UK’s National Cybersecurity Strategy

(ISC)² is a member of The Collaborative Alliance for Cybersecurity, a consortium of organisations that represent a substantial part of the cybersecurity community in the UK. As part of the Alliance, we will be participating in the design and delivery of the new UK Cyber Security Council on behalf of the Department for Digital, Culture, Media & Sport (DCMS). The Alliance, with the Institution of Engineering and Technology (IET) nominated as lead organisation, was selected following a competitive grant competition by DCMS. The Collaborative Alliance for Cybersecurity brings stakeholders together in the interest of advancing a healthy cybersecurity workforce for…

(ISC)² Meeting with Department of Commerce to Discuss Cybersecurity Workforce Issues

Part of (ISC)²’s role in the cybersecurity industry includes representing its members in legislative matters to ensure that we’re advocating for the profession and providing guidance to government leaders on new policies that may be championed. On Wednesday, August 14, (ISC)² Director of Cybersecurity Advocacy John McCumber will meet with The U.S. Senate Committee on Commerce, Science and Transportation to discuss the findings of the (ISC)² Cybersecurity Workforce Study and its implications on cybersecurity workforce advancement that the U.S. government might spearhead in collaboration with the private sector. This type of input session will help to inform the committee during…

GDPR – One Year On

by Dr. Sanjana Mehta, Head of Market Research Strategy – EMEA May 25 marks the first anniversary since the European Union’s General Data Protection Regulation (GDPR) came into force. After a two-year preparation process, the regulation came into effect a year ago tomorrow, harmonizing data security, data protection, data retention and data usage laws across the EU member states. It also has significant ramifications for companies outside the EU that hold personal information relating to EU citizens and organizations. Failure to comply with the GDPR can and will result in fines and other legal sanctions. The GDPR has already had…

GDPR – One Year On

by Dr. Sanjana Mehta, Head of Market Research Strategy – EMEA May 25 marks the first anniversary since the European Union’s General Data Protection Regulation (GDPR) came into force. After a two-year preparation process, the regulation came into effect a year ago tomorrow, harmonizing data security, data protection, data retention and data usage laws across the EU member states. It also has significant ramifications for companies outside the EU that hold personal information relating to EU citizens and organizations. Failure to comply with the GDPR can and will result in fines and other legal sanctions. The GDPR has already had…

(ISC)² Provides Insight to Congressional Subcommittee on Diversification in the Cybersecurity Workforce

On May 21, (ISC)² COO Wesley Simpson was invited to join a panel of experts for testimony in front of the U.S. House of Representatives Committee on Homeland Security. The hearing, titled “Growing and Diversifying the Cyber Talent Pipeline” was a forum for committee members to ask witnesses for their observations and input on methods for growing the U.S. cybersecurity workforce and also for encouraging more minorities to join the profession. Mr. Simpson was joined on the panel by three other witnesses representing Grambling State University, The National Cybersecurity Institute at Excelsior College and McAfee. (ISC)² was approached by the…

(ISC)² Provides Insight to Congressional Subcommittee on Diversification in the Cybersecurity Workforce

On May 21, (ISC)² COO Wesley Simpson was invited to join a panel of experts for testimony in front of the U.S. House of Representatives Committee on Homeland Security. The hearing, titled “Growing and Diversifying the Cyber Talent Pipeline” was a forum for committee members to ask witnesses for their observations and input on methods for growing the U.S. cybersecurity workforce and also for encouraging more minorities to join the profession. Mr. Simpson was joined on the panel by three other witnesses representing Grambling State University, The National Cybersecurity Institute at Excelsior College and McAfee. (ISC)² was approached by the…

Right-to-Repair: Good or Bad for Cybersecurity?

A debate is raging over who has the right to repair electronic equipment without voiding manufacturers’ warranties. On one side, companies such as Apple, Lexmark and Verizon are seeking to quash “right-to-repair” legislation; on the other, supporters of right of repair initiatives are accusing the tech industry of scare tactics. At issue is whether right-to-repair laws may impact cybersecurity considerations. Manufacturers argue cybersecurity would suffer by allowing unauthorized individuals to repair devices, however many cybersecurity professionals consider this claim an overreach. On May 2, cybersecurity advocacy group Securepairs.org issued a statement strongly supporting right-to-repair efforts. Declaring that “fixable stuff is…