(ISC)2 wants U.S. CISOs to empower staff and widen training

“It is critical to distinguish between, and address the needs of, both the cyber workforce and the general workforce,” the International Information Systems Security Certification Consortium (known as (ISC)2), the largest U.S. member organization for IT security professionals, said in a letter released Monday to the newly minted U.S. CISO Greg Touhill.

Should companies be fined for not doing cyber security basics?

The big headline-grabber about the General Data Protection Regulation (GDPR), set to come into force in 2018, is the huge fine that can be imposed on companies that have failed to comply with the legislation. The GDPR, which replaces the 1995 Data Protection Directive, sets the maximum fine for a single breach of GDPR at the greater of €20 million or 4 percent of annual global revenue.