ISACA recently awarded the 30,000th CISM certification to Martin van der Voort, CISM, CISSP, CEH, of Leusden, The Netherlands, a security officer with NEH ICT Solutions BV. Since its introduction in 2002, the CISM credential has become recognized and adopted worldwide as a symbol of excellence for information security professionals. ISACA and Martin recently discussed his personal achievement of earning CISM certification and CISM’s 30,000th milestone.
ISACA Now: How does it feel to be the 30,000th person to earn a CISM certification?
Martin: It is an honor to be a member of an elite group of professionals with an international certification in information security management.
Cybercrime is so rampant today that even as the director and chief examiner for Digital Forensics Inc., I am not immune. In fact, last year’s data breach of the US Office of Personnel Management (OPM) made me a poster child for cybercrime. That hack exposed the data of more than 18 million former and current government employees, including me, a former National Security Agency cryptologist. To make matters worse, the OPM data is now rumored to be in the hands of ISIS.
The OPM hack is just one example, and many more appear daily—a seemingly unstoppable cavalcade of cyber horror that could easily make a cybersecurity professional scream, “THE SKY IS FALLING!” Unfortunately, for many organizations, the sky IS falling. Think Target, TJ Maxx, Ashley Madison, TalkTalk, Sony Pictures and VTech. I could go on.
“The art of communication is the language of leadership.” James Humes
Good interpersonal skills are the hallmark of all great leaders. There is no leadership without effective communication. And those who possess the art of delivering thoughts and ideas in meaningful and befitting ways are those who are most successful.
No academic discourse or any business degree can teach you how to become a skillful communicator. It is self-taught and learned by exposing oneself to situations where interpersonal skills are tested the most. Regardless of which leadership style CEOs and managers adopt or have, delivering the right communication is a different matter altogether.
With the pending European Union’s (EU) General Data Protection Regulation (GDPR) set to have major implications on not only European organizations, but all companies operating globally, the ISACA-supported global Data Privacy Day (DPD) on 28 January is as relevant as ever.
The GDPR would impose severe penalties on companies that fail to comply with strict data protection requirements. It is designed to strengthen and unify data protection for EU residents, and addresses the export of personal data outside the EU. The European Commission's goals for the GDPR were to give citizens control of their personal data and simplify the regulatory environment for international business.
How can an organization make it difficult enough for an attacker that they dissuade or prevent an attack? Time-wise? Cost-wise? Potential profit-wise?
In Flipping the Economics of Attacks, sponsored by Palo Alto and conducted by Ponemon Institute, threat experts in the United States, United Kingdom and Germany were surveyed about what motivates attackers. The research revealed that most attackers are in it for the money.
To fight back against adversaries, enterprises need to harden their organizations so that it takes attackers longer to achieve their mission. Most malicious attackers are opportunistic when choosing a particular organization to attack and will quit the attack when the targeted organization presents a strong defense. Specifically, the majority of attacks can be stopped if more than about two days are needed for a successful attack.