CTO of Information Security and Forensics Management Team Examines Top Cyberthreats

Leighton Johnson to present at ISRM North America, 19-21 September, Las Vegas

Rolling Meadows, Illinois, USA (7 September 2011)—Cybersecurity incidents are major concerns for enterprises and governments worldwide. Data breaches are expected to account for US $130.1 billion in global corporate losses this year, according to the Ponemon Institute.

Leighton Johnson, CISA, CISM, chief technology officer for Information Security and Forensics Management Team (ISFMT), cautions that there is a rise in threats and enterprises need to be prepared before cybercriminals strike. In his presentation titled “Emerging Threats and Trends in Cyber Security,” to be held at ISACA’s Information Security and Risk Management (ISRM) Conference, in Las Vegas, Nevada, USA, from 19-21 September 2011, Johnson will explain the latest cybersecurity threats; define the current trends across the Internet; discuss network vulnerabilities; and provide tools, techniques, and tactics to combat threats.

According to Johnson, threats to the information security landscape are:
•    Data breaches
•    Identity theft
•    Web 2.0 attacks
•    Targeted messaging attacks
•    Botnets—computers connected to the Internet that are, sometimes unknown to the owner, used maliciously
•    Rootkits—malicious software that enables privileged access to a computer
•    Logic bombs—code that lies dormant in a software system and sets off a malicious function when specified conditions are met

Phishing e-mails are the most common attack method, Johnson says, and combating them requires a varied approach that includes user awareness and training, effective response capability and message filters.

At ISRM, ISACA, a nonprofit association serving 95,000 IT governance, audit and security professionals in 160 countries, will feature the latest guidance to help business leaders and IT professionals protect their enterprises’ information systems. Johnson will also present “Incident Response for Cyber-based Events.”

Johnson notes that each threat and attack is different, and should be considered independently. “To effectively combat attacks, gather a team of well-trained experts to develop the best approach possible and document, document, document,” he advised. “Internally, you need to be sure your filtering methods and incident response capabilities are up to date and efficient.”

Details on all of the topics at ISRM North America are at

With 95,000 constituents in 160 countries, ISACA® is a leading global provider of knowledge, certifications, community, advocacy, and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) designations. ISACA continually updates COBIT®, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.