Category: (ISC)² Blog

This article has been indexed from (ISC)² Blog The importance of apps to businesses Software applications (apps) are at the heart of modern business success and have transformed the way companies handle their operations. A well designed and developed app…

Read more →

This article has been indexed from (ISC)² Blog The vast majority of cybersecurity chiefs (93%) do not report to the CEO, according to a recently published report. As a result, a lack of communication between the C-suite and cybersecurity leaders…

Read more →

This article has been indexed from (ISC)² Blog The (ISC)² Global Achievement Awards (GAA) recognize individuals who have significantly impacted the cybersecurity community. Recognizing these winners and learning about their contributions helps to inspire a safer and more secure cyber…

Read more →

This article has been indexed from (ISC)² Blog READY for What’s New at (ISC)² Security Congress in 2021? Cybersecurity professionals are facing some of the toughest challenges of their careers. The shift to remote work has been sudden and wide-ranging.…

Read more →

This article has been indexed from (ISC)² Blog READY for What’s New at (ISC)² Security Congress in 2021? Cybersecurity professionals are facing some of the toughest challenges of their careers. The shift to remote work has been sudden and wide-ranging.…

Read more →

This article has been indexed from (ISC)² Blog Accelerating Your Security Career Requires More Than Just Paying Attention Many InfoSec professionals have seen so many breaches, whether through personal experience, or in the news, that it becomes apparent that a…

Read more →

This article has been indexed from (ISC)² Blog When it comes to compliance in cybersecurity there are many regulations in play, GDPR, CCPA, HIPAA, to name but a few. Whilst you may have to take a key role in these…

Read more →

This article has been indexed from (ISC)² Blog Organizations have expedited use of and reliance on public cloud services to run their businesses in ways that would have been hard to anticipate, even a few years ago. And for many…

Read more →

This article has been indexed from (ISC)² Blog Cybersecurity professionals are far more likely to hold vendor-specific certificates than certifications from a vendor-neutral association or standards-based organization, according to the (ISC)² Cybersecurity Career Pursuers Study. But when asked which qualifications…

Read more →

This article has been indexed from (ISC)² Blog A Singular Aspect of Risk Management As a security and privacy practitioner, you understand the importance of risk management. Perhaps you are a member of the risk management committee in your organization,…

Read more →

This article has been indexed from (ISC)² Blog Nearly three weeks after (ISC)² made its highly popular Professional Development Institute (PDI) course titled “Ransomware: Identify, Protect, Detect, Recover,” free to the public through July 31, 2021, more than 4,500 professionals…

Read more →

This article has been indexed from (ISC)² Blog A very common complaint among information security professionals is lack of a budget to implement the best security tools. It may be true that recent newsworthy security events have increased many budgets,…

Read more →

This article has been indexed from (ISC)² Blog Is your organization protected with a stronger cloud security posture from new concepts and technologies like Zero Trust, micro segmentation, containerization and microservices? With Certified Cloud Security Professional (CCSP) training, cybersecurity teams…

Read more →

This article has been indexed from (ISC)² Blog Last year was a first for (ISC)² Security Congress, as our conference took place entirely virtually. The COVID-19 pandemic forced nearly all events in 2020 to go virtual and we’re excited to…

Read more →

This article has been indexed from (ISC)² Blog The Bean Counters Many years ago, a car was manufactured with a design flaw resulting in the gas tank catching fire when the car was struck from behind. Many deaths stemmed from…

Read more →

This article has been indexed from (ISC)² Blog The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP…

Read more →

This article has been indexed from (ISC)² Blog The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP…

Read more →

This article has been indexed from (ISC)² Blog Clar Rosso, (ISC)² CEO recently joined a roundtable of experts in an (ISC)² Think Tank webinar to highlight why it’s so important to the cybersecurity industry to focus on Diversity, Equity and…

Read more →

This article has been indexed from (ISC)² Blog Earlier this week, (ISC)² announced that the DoD approved both the HCISPP and CCSP certifications to its DoD 8570 Approved Baseline Certifications table on the DoD Cyber Exchange website. Why does this…

Read more →

This article has been indexed from (ISC)² Blog As we close out #RansomwareWeek here on the (ISC)² blog, a timely piece of news comes from The National Institute of Standards and Technology (NIST) in the form of new draft guidance…

Read more →

This article has been indexed from (ISC)² Blog As #RansomwareWeek draws to a close here on the (ISC)² blog, we turn our attention to how organizations can defend themselves. Yesterday, we announced that (ISC)² has granted free access to its…

Read more →

This article has been indexed from (ISC)² Blog In conjunction with #RansomwareWeek, today (ISC)² announced that its popular Professional Development Institute (PDI) course titled “Ransomware: Identify, Protect, Detect, Recover,” is now free to the public through July 31, 2021. (ISC)²…

Read more →

This article has been indexed from (ISC)² Blog As a security practitioner, perhaps you have found yourself in meetings about Risk Management. Or, perhaps, you are part of the incident response team, where you are responsible for everything from preparation,…

Read more →

This article has been indexed from (ISC)² Blog Welcome to #RansomwareWeek on the (ISC)² Blog. Ransomware attacks are receiving increased exposure in global news coverage with recent high-profile incidents at SolarWinds and Colonial Pipeline. These events have prompted many companies…

Read more →

This article has been indexed from (ISC)² Blog Welcome back to #RansomwareWeek here on the (ISC)² Blog! Today we’re linking you up with eight episodes from the award-winning (ISC)² webinar program that touch on ransomware and cover the key components…

Read more →

This article has been indexed from (ISC)² Blog Cloud security skills can be seen as very similar to the security skills for any on-premises data center. But in many instances, organizations are learning that their familiar applications cannot simply be…

Read more →

This article has been indexed from (ISC)² Blog Way back in 1975, two members of the Institute of Electrical and Electronics Engineers (IEEE) authored a report about how to protect computer systems. One of the recommendations in the report by…

Read more →

This article has been indexed from (ISC)² Blog Pseudonymization is a de-identification process that has gained traction due to the adoption of GDPR, where it is referenced as a security and data protection by design mechanism. The application of pseudonymization…

Read more →

This article has been indexed from (ISC)² Blog (ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its certification examinations. A JTA is the methodical process used to determine tasks…

Read more →

This article has been indexed from (ISC)² Blog Today’s cybersecurity skills shortage is threatening safe cloud adoption – and cloud security is the No. 1 area most impacted by the shortfall. To help fill the gaps, more professionals are expanding…

Read more →

This article has been indexed from (ISC)² Blog Are you looking for a space to connect with your peers in the cybersecurity industry? (ISC)² Community connects you to a global network of cybersecurity professionals through an interactive and engaging platform.…

Read more →

This article has been indexed from (ISC)² Blog Tricky Business Software development is a tricky business. When you think of all that can go wrong, the possibilities can be overwhelming. From coding errors, to borrowed libraries, to myriad other causes,…

Read more →

This article has been indexed from (ISC)² Blog Faced with significant obstacles to build their cybersecurity teams, organizations increasingly are looking within to find transferrable talent for cybersecurity roles. It’s a practice strongly endorsed by (ISC)² in the recently published…

Read more →

This article has been indexed from (ISC)² Blog The annual (ISC)² Cybersecurity Workforce Survey is now open. Your participation is vital for this influential benchmarking study used by organizations, governments and the media worldwide to advance conversations centered on closing…

Read more →

This article has been indexed from (ISC)² Blog The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP…

Read more →

This article has been indexed from (ISC)² Blog The Professional Development Institute (PDI) is expanding with three new express learning courses: Risk Fundamentals, Forensic Data Acquisitions and Securing the Remote Work Force. These new offerings are self-paced courses separated into…

Read more →

This article has been indexed from (ISC)² Blog Registration for the 11th annual (ISC)² Security Congress is now open! The renowned global three-day conference, focused on continuing education for cybersecurity professionals and information security specialists, will be hosted as a…

Read more →

This article has been indexed from (ISC)² Blog While spending on security technologies continues to increase, organizations are still fighting an uphill battle against cyber attacks. The primary reason is that the personnel needed to defend organizations is extremely scarce.…

Read more →

This article has been indexed from (ISC)² Blog On February 28, 2021, (ISC)² concluded a pilot test that assessed the feasibility of online proctoring for exams that are an essential part of our nine certification programs. Online examinations for the…

Read more →

This article has been indexed from (ISC)² Blog The world will never be the same, and neither will cybersecurity. This past year changed everything. Or did it? Help us better understand the current state of the cybersecurity profession. We need…

Read more →

This article has been indexed from (ISC)² Blog Security Without Regulatory Muscle As a security practitioner, you may have worked in an industry that was not affected by any regulatory authority. There was a time when security was not driven…

Read more →

This article has been indexed from (ISC)² Blog The Language of Profit and Loss Security professionals spend a lot of time honing their area of expertise. Your strength could be in packet analysis, or programming…maybe you are at your best…

Read more →

This article has been indexed from (ISC)² Blog People looking to get into the cybersecurity field generally demonstrate a solid understanding of the threats facing organizations, according to new research from (ISC)². Yet, they don’t necessarily have the correct expectations…

Read more →

This article has been indexed from (ISC)² Blog The annual (ISC)² Cybersecurity Workforce Survey needs your experience and opinions to help shape the conversation. As we find ourselves more than one year into a global pandemic, we want to accurately…

Read more →

This article has been indexed from (ISC)² Blog Should you adopt the default security configuration from your Cloud Service Provider to avoid a misconfiguration incident? If you do, proceed with caution. Some default settings may not be required in your…

Read more →

This article has been indexed from (ISC)² Blog Commonly used cybersecurity terms such as “blacklisting” and “whitelisting” may be discontinued if the National Institute of Standards and Technologies (NIST) efforts are successful. The agency wants to eliminate terms with problematic…

Read more →

This article has been indexed from (ISC)² Blog An interesting take-away from the (ISC)2 Cybersecurity Career Pursuers Study is what cybersecurity professionals told us were the most important technical skills for those looking for their first cybersecurity job. When current…

Read more →

This article has been indexed from (ISC)² Blog The Power of Positive Thinking Remember the early days of software programming? There were stories about the solitary programmer, toiling late into the night, (and into the next days and nights), working…

Read more →

This article has been indexed from (ISC)² Blog (ISC)² Webinars are an opportunity to take part in active, educational and engaging sessions delivering up-to-date knowledge from cybersecurity experts. Experienced and vetted professionals lead discussions on industry-relevant topics with four to…

Read more →

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types…

Read more →

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge…

Read more →

Read the original article: Keeping Excess Out of Access How Much Access is Too Much? Many security practitioners grapple with the problem of their colleagues demanding too much access to network resources. Sometimes, it is not just people who request…

Read more →

Read the original article: Report: (ISC)2 Cybersecurity Career Pursuers Study Provides Insights From Professionals and Jobseekers to Highlight What Security Jobs Actually Entail Organizations looking to build cybersecurity teams by attempting to recruit “all stars” need to reevaluate their strategy…

Read more →

Read the original article: Report: (ISC)2 Cybersecurity Career Pursuers Study Provides Insights From Professionals and Jobseekers to Highlight What Security Jobs Actually Entail Organizations looking to build cybersecurity teams by attempting to recruit “all stars” need to reevaluate their strategy…

Read more →

Read the original article: These Roles Require Cybersecurity Training With data breach rates rising and criminal attack methods becoming more sophisticated each day, it is essential for every organization to take security seriously. That means cybersecurity training and education so…

Read more →

Read the original article: Cyber Threats: The Financial System’s Top Risk With cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman…

Read more →

Read the original article: Evolving Identity: Why Legacy IAM May Not Be Fit for Purpose A Fun Science Fact Are you familiar with the often misquoted study about how every cell in the human body is replaced around every seven…

Read more →

Read the original article: The Delicate Balance of Security Versus Usability Why Does This Have to Be So Hard? As a security practitioner, how often have you heard the refrain from your colleagues that one of the security protocols that…

Read more →

Read the original article: IBM X-Force: Ransomware Was the Preferred Attack Method in 2020 In 2020, ransomware was the most widely-used method of delivering cyber attacks, accounting for 23% of security events handled by the IBM Security X-Force. One attack…

Read more →

Read the original article: Building Cyber Resilience in a Cloudy World Last year taught us a valuable lesson: Always be prepared for the unknown. In a cybersecurity context, fostering resilience requires thinking of all possible scenarios – even if they…

Read more →

Read the original article: Updates to the (ISC)² CAP Exam. What is Changing? Earlier this year, we announced an upcoming update to the Certified Authorization Professional (CAP) certification. This (ISC)² certification exam will be updating on August 15, 2021. During…

Read more →

Read the original article: Wanted: Software Developers with a Security Mindset The modern software developer faces an enormous amount of challenges. From continuously creating innovative apps to ensuring high quality and meeting tight deadlines, developers need to cope with many…

Read more →

Read the original article: Deadline is Extended for 2021(ISC)² Global Achievement Awards Nominations! Haven’t had a chance to nominate a colleague, peer or mentor yet for the Global Achievement Awards? Great news, the deadline has been extended to April 23!…

Read more →

Read the original article: Hush – This Data Is Secret Is There Ever Too Much Data? As a security practitioner, you know that businesses are fuelled not only by people but by data. Years ago, the phrase “Big Data” was…

Read more →

Read the original article: Under the Hood: Inside (ISC)² Exam Development Cycle Clar Rosso, (ISC)² CEO and Casey Marks, Chief Product Office and VP, (ISC)² recently hosted the latest in our new Inside (ISC)² webinar series, a quarterly series designed…

Read more →

Read the original article: CISSPs from Around the Globe: An Interview with Mari Aoba The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors…

Read more →

Read the original article: So Many Awards, So Little Time Left to Nominate. Complete Your Global Achievement Award Nomination Today! So Many Awards, So Little Time Left to Nominate. Complete Your Global Achievement Award Nomination Today! Do you have a…

Read more →

Read the original article: (ISC)2 and the Creation of the U.K. Cyber Security Council Since the first seed was sown back in 2016, work has been underway to create an independent body to support growth and professionalism within the U.K.’s…

Read more →

Read the original article: FBI: Cybercrime Shot Up in 2020 Amidst Pandemic In 2020, as the world grappled with a fast-spreading global pandemic, the FBI received more than 2,000 complaints each day, totaling 791,790 for the year. This represents a…

Read more →

Read the original article: Survey: Cybersecurity Community Increasingly Concerned About SolarWinds Breach Few cybersecurity breaches have caused more consternation among industry experts than the far-reaching 2020 attack against SolarWinds. In fact, concern has built up throughout the cybersecurity community as…

Read more →

Read the original article: Why would a lawyer ever need an Information Security Professional? The First Thing We Do, Let’s Kill All the Lawyers The phrase “let’s kill all the lawyers” comes from William Shakespeare’s play, King Henry VI, Part…

Read more →

Read the original article: How To Get It Right With Cybersecurity Training The cybersecurity team can be a challenging one for organizations to keep engaged and happy. Talent is scarce, turnover and burnout rates are high. That’s why employers have…

Read more →

Read the original article: Tips for Building a Career in Cybersecurity from Women Who’ve Been There On March 8, 2021, in celebration of International Women’s Day, five accomplished female security professionals met for a wide-ranging and spirited panel discussion on…

Read more →

Read the original article: Healthcare Security – Security with Life and Death Consequences A Day in the Life Cybersecurity remains one of the most exciting technology jobs and one of the top sought-after positions by many technology professionals. It is…

Read more →

Read the original article: How Cloud Security Certification Can Give Your Career a Buzz Organizations in all industries and sectors are becoming less confident in their cloud security posture because of the complexity involved with multiple cloud environments and the…

Read more →

Read the original article: Positive Interest in STEM: The latest side-effect of the pandemic The measures put in place by governments globally to limit the spread of COVID-19 will leave a variety of permanent marks on the current generation of…

Read more →

Read the original article: Cybersecurity Predictions for 2021 from the (ISC)² Community of Security Professionals (Part 3) By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP John Martin, CISSP-ISSAP, CISM Richard Nealon, CISSP-ISSMP, SSCP, SCF In part one of this blog, we…

Read more →

Read the original article: Latest CrowdStrike Global Threat Report Finds Healthcare Orgs in the Social Engineering Crosshairs While the world tried to cope with the COVID-19 pandemic in 2020, behind the scenes cybercriminals were taking advantage of “fear, concern and…

Read more →

Read the original article: 6 Tips to Integrate Security into Agile Application Development The fast and innovative nature of modern business requires enterprises to become competitive and disrupt their markets. The best way to do that is to incorporate agile…

Read more →

Read the original article: Celebrating Women in Cybersecurity and Committing to Diversity, Equity and Inclusion Today is International Women’s Day and what better way to celebrate it than with a glimpse into the careers of four successful women in cybersecurity.…

Read more →

Read the original article: CISSPs from Around the Globe: An Interview with Chris Clinton The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors…

Read more →

Read the original article: What Are the Best Free Cybersecurity Webinars? CISSP trends strong with BrightTALK webinar viewers. BrightTALK, our primary webinar platform, identifies the most popular and trending topics out of more than 100,000 security and technology talks. We…

Read more →

Read the original article: What Are the Phases of an Incident Response Plan? Disaster recovery is now a normal part of business operations. However, before the year 2000, disaster recovery was a “nice to have” addition to a business. Then,…

Read more →

Read the original article: THE HEALTHCARE INTERNET OF THINGS – FOR BETTER OR WORSE By Rema Deo, HCISPP By now, everyone is familiar with the Internet of Things (IoT), an expanding network of physical devices, appliances, and equipment that are…

Read more →

Read the original article: Survey Says: CISSP and CCSP Among the Most In Demand IT Certifications of 2021 The (ISC)² CISSP and CCSP certifications have recently racked up more recognition from global staffing firm Robert Half. The company’s 2021 Technology…

Read more →

Read the original article: Challenges and Misconceptions of Certificate Revocation in PKI By Qamar Peer Bellary Sadiq, CISSP, CCSP Public Key Infrastructure is the most commonly used technology in security space for the purpose of establishing Authentication, Data Integrity, Non-Repudiation,…

Read more →

Read the original article: The Future of Cybersecurity in Higher Education: Four Possible Scenarios A new report by the higher education technology association EDUCAUSE imagines four possible future scenarios of cybersecurity trends in colleges and universities. The report takes into…

Read more →

Read the original article: Global Achievement Awards – What’s new in 2021? Nominations are now open for the (ISC)² Global Achievement Awards. These awards recognize individuals whose excellence, leadership and volunteer efforts have significantly advanced the cybersecurity industry and contributed…

Read more →

Read the original article: Technology and the New Frontier of the Healthcare Industry (The Internet of Medical Things) The New Face of Healthcare Healthcare is currently undergoing a digital transformation that rivals the development of autonomous vehicles in the automobile…

Read more →

Read the original article: How You Can Take The CISSP Exam From Home For a limited time – February 22-28, 2021 – (ISC)² is pilot testing the option to take the CISSP online exam from home. Last year, as the…

Read more →

Read the original article: The Weeds and Flowers of Information Security Why it is essential to have experience – and not JUST to pass the CISSP Growing The Garden of InfoSec Think about your path in information security. It took…

Read more →

Read the original article: Garfield Teaches Hawaii Students how to be Safe and Secure Online The nonprofit Center for Cyber Safety and Education (Center) is providing 1,300 local elementary students with a Garfield-led online safety education program, thanks to a…

Read more →

Read the original article: Responsibility and Accountability in the Cloud: Where Does the Buck Stop? In the early days of cloud computing, many executives became enamored with the idea that they would no longer be responsible for the “headaches” of…

Read more →

Read the original article: How Do I Advance My Career in the Cybersecurity Field? By Mike Privette, CISSP A question I often get asked is, “How do I advance my career in the cybersecurity field?” tl;dr: Figure out for yourself…

Read more →

Read the original article: Cybersecurity Predictions for 2021 from the (ISC)² Community of Security Professionals (Part 2) By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP John Martin, CISSP-ISSAP, CISM Richard Nealon, CISSP-ISSMP, SSCP, SCF In part one of this blog series,…

Read more →

Read the original article: Exceptions to Security Policy – What are and how to deal with them? By Yuri Braz, CISSP, CRISC, PMP Information Security, or cybersecurity, has become more relevant every day. One of the main reasons is because…

Read more →

Read the original article: Quick Survey: SolarWinds Incident The SolarWinds cyber incident has dominated security headlines since the end of December. (ISC)2 wants to hear opinions from practitioners in the field on what impact it really had. Take our quick…

Read more →

Read the original article: The Importance of a Good Software Security Policy Policy is Everywhere Think of every company you have ever worked for. Whether it was a job in a warehouse, or employment in an office, there was always…

Read more →

Read the original article: How Small Businesses and Big Enterprises Structure Their Cybersecurity Teams When it comes to cybersecurity, bigger may not always be the best indicator of effectiveness. (ISC)2 research reveals organizations of all sizes have similar strategies when…

Read more →

Read the original article: Using a Crisis Wisely Upskilling in times of uncertainty and change is a prudent career decision By Tony Vizza, CISSP, CCSP The saying “everything happens for a reason” is often invoked as a message of support…

Read more →