Category: (ISC)² Blog

Read the original article: (ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack Óscar Monge España, miembro fundador de (ISC)² capitulo Costa Rica, tiene 16 años de experiencia en múltiples campos de la ciberseguridad, como lo…

Read more →

Read the original article: On-Premise Accelerated Training to Resume at Firebrand Amid easing COVID-19 lockdown measures, exam and training centers are opening up. As Thiago Earp from Firebrand Training explains, it will soon resume training at its dedicated facility, starting…

Read more →

Read the original article: On-Premise Accelerated Training to Resume at Firebrand Amid easing COVID-19 lockdown measures, exam and training centers are opening up. As Thiago Earp from Firebrand Training explains, it will soon resume training at its dedicated facility, starting…

Read more →

Read the original article: Advice from 3 Cyber Pros on Getting Certified There is no question that now is a great time to break into cybersecurity as a career. (ISC)² research shows the shortage of skilled security resources is approaching…

Read more →

Read the original article: Advice from 3 Cyber Pros on Getting Certified There is no question that now is a great time to break into cybersecurity as a career. (ISC)² research shows the shortage of skilled security resources is approaching…

Read more →

Read the original article: Report: Cybersecurity Understaffing Lowers Ability to Handle Cyber Threats Understaffing in cybersecurity teams remains a major challenge for organizations, with 62% of respondents in a recent ISACA survey saying they are struggling with it. And even…

Read more →

Read the original article: 10 Critical Skills for the Cybersecurity Workforce With breach rates growing and cyberattacks becoming a daily occurrence for business, IT leaders are looking to beef up their security teams. This is good news for anyone who…

Read more →

Read the original article: 10 Critical Skills for the Cybersecurity Workforce With breach rates growing and cyberattacks becoming a daily occurrence for business, IT leaders are looking to beef up their security teams. This is good news for anyone who…

Read more →

Read the original article: Study: Pandemic Boosts Cybersecurity Demand Demand is up for cybersecurity solutions and services as businesses try to cope with the effects of the COVID-19 pandemic. In a survey of technology firms, industry association CompTIA found that…

Read more →

Read the original article: In support of federal legislation to support our cybersecurity workforce (ISC)² has sent a letter to Senator Jacky Rosen (D-NV) in support of proposed bipartisan legislation that would direct the Secretary of Commerce, in coordination with…

Read more →

Read the original article: 5 Ways to Break Down the Cybersecurity Experience Barrier 5 Ways to Break Down the Cybersecurity Experience Barrier Appropriate experience is one of the biggest hurdles to overcome when trying to land a job in information…

Read more →

Read the original article: Bank On It As published in the March/April 2020 edition of InfoSecurity Professional Magazine By Shaun Aghili, DBA, CISSP-ISSMP, CCSP, CISA and Bobby Swar, Ph.D. In May 2018, two major banks in Canada—Bank of Montreal and…

Read more →

Read the original article: 5 Career Tips for First-Time Cybersecurity Job Seekers It’s a great time to work in cybersecurity. Demand for security professionals continues to grow, and the need for qualified people with certain security certifications is strong. But…

Read more →

Read the original article: Let Your Voice Be Heard Last week, (ISC)2 launched the annual Cybersecurity Workforce Survey and we need to hear from you. When the study is released later this year, it will be shared with government agencies…

Read more →

Read the original article: The First Line of Defense: Are Humans Doing a Good Enough Job? As published in the March/April 2020 edition of InfoSecurity Professional Magazine By Crystal Bedell Humans have long been touted as the weakest link in…

Read more →

Read the original article: What You Need to Know: CISSP Comparable to U.K. Master’s Degree Standard (ISC)2 recently announced the CISSP certification has been formally recognized as comparable to the U.K.’s Master’s degree standard, following the completion of an independent…

Read more →

Read the original article: 3 Ways to Find a Cybersecurity Mentor The needs of those pursuing a cybersecurity career are unlike any other field. Stress is high, and the knowledge and skills it demands are evolving and changing all the…

Read more →

Read the original article: 5 Skills Companies Are Hiring for in 2020 There has never been a better time to become an information security professional. According to the U.S. Bureau of Labor Statistics, the demand for security experts is expected…

Read more →

Read the original article: 5 Skills Companies Are Hiring for in 2020 There has never been a better time to become an information security professional. According to the U.S. Bureau of Labor Statistics, the demand for security experts is expected…

Read more →

Read the original article: 5 Tips to Stand Out When You Have Little or No Cyber Experience So, you’ve decided you want to break into cybersecurity but have no relevant experience. The bad news is experience is important when it…

Read more →

Read the original article: 5 Tips to Stand Out When You Have Little or No Cyber Experience So, you’ve decided you want to break into cybersecurity but have no relevant experience. The bad news is experience is important when it…

Read more →

Read the original article: Survey: COVID-19 Response Sees Nearly 50% of Cybersecurity Workers Reassigned to IT Tasks When asked about changes experienced due to COVID-19, almost half (47%) of cybersecurity professionals polled by (ISC)2 said they have been reassigned to…

Read more →

Read the original article: 5 Reasons To Pursue a CISSP Concentration Earning a CISSP Concentration is an excellent way to advance your cybersecurity career and skill set. The CISSP-ISSAP, CISSP-ISSEP and CISSP-ISSMP all build on the CISSP, adding depth and…

Read more →

Read the original article: Forget the tabletop, we have an actual exercise for BCP! By Scott Dickinson, CISSP, CCSP First a disclaimer. This is not designed to be a piece discussing the political beliefs or whether the right or wrong…

Read more →

Read the original article: Overview of the latest AWS Security Service – Amazon Detective By AJ Yawn, CISSP Earlier this month, AWS announced that Amazon Detective is now available to all customers, reinforcing their dedication to helping customers hold up…

Read more →

Read the original article: Overview of the latest AWS Security Service – Amazon Detective By AJ Yawn, CISSP Earlier this month, AWS announced that Amazon Detective is now available to all customers, reinforcing their dedication to helping customers hold up…

Read more →

Read the original article: Professional Development Institute Honored With 2020 D2L Excellence Award We are excited to share that our Professional Development Institute (PDI) has been awarded a 2020 D2L Excellence Award. The honor comes on the heels of the…

Read more →

Read the original article: Study: Small Businesses Are More Focused on IoT Investments Than Cybersecurity More than twice as many small businesses are investing in Internet of Things (IoT) technologies than in cybersecurity, according to recent research. And while this…

Read more →

Read the original article: KEEP ON TRAINING: OFFICIAL ONLINE LEARNING HELPS YOU STAY FOCUSED ON CERTIFICATION GOALS Flexibility and convenience. Most aspects of our lives today demand both, and that’s clearly the case when preparing for an (ISC)2 certification exam.…

Read more →

When it comes to cloud security, it’s the Chief Information Security Officer’s (CISO) responsibility to understand the risks of a cloud architecture and develop a strategy for protecting against existing and emerging threats. And Luis Gonsalves, Head of Security for…

Read more →

Brian Alberti, Corporate Public Relations Manager, (ISC)2 Millions of workers around the world have been asked to work from their homes for an unspecified period of time until the COVID-19 outbreak has been contained by social distancing. For many people,…

Read more →

By Dr. Lyron Andrews, CISSP, SSCP and CCSP The vast majority of organizations today have migrated to the cloud to take advantage of rapid deployment, scalability and user empowerment. Eighty nine percent of respondents to a 2019 survey by DivvyCloud…

Read more →

By Tony Vizza, CISSP, CCSP, Director for Cyber Security Advocacy – APAC at (ISC)² “Tony, why did you get into cyber security?,” I am often asked. Truth be told, I had an interest in IT from a very young age.…

Read more →

(ISC)2 offers comprehensive certification exam prep for every type of learner. Whether you’re studying for the CISSP, CCSP, SSCP or another industry leading (ISC)2 certification, we have exam prep solutions to help you prepare with confidence. Many successful candidates move…

Read more →

The number of people working from home is skyrocketing as the COVID-19 pandemic forces companies to close offices and practice social distancing. The sudden explosion of makeshift home office environments is adding to the burden of already overtaxed cybersecurity workers,…

Read more →

Earlier this week, (ISC)2 announced that nominations are now being accepted for the 2020 (ISC)2 Global Achievement Awards. This awards program replaces the former (ISC)2 Awards Program, which had included the Information Security Leadership Awards (ISLA). The new program creates…

Read more →

By Javvad Malik, CISSP Can You Explain Encryption to Me? From: Thomas, Kevin Sent: 24 August 2019 10:43 To: Malik, Javvad Subject: Encryption Jav I’m updating the presentation pack for this months management meeting. Can you send me a short…

Read more →

The cloud today has become what Forrester calls “a turbocharged engine powering digital transformation around the world.” Digital transformation is propelling worldwide cloud service market projected growth from $182.4B in 2018 to $331.2B in 2022. Yet the cybersecurity skills shortage…

Read more →

Earlier in the year, we announced an upcoming update to the CISSP-ISSAP certification exam. Coming in November, the CISSP-ISSEP exam will also be updated. The CISSP-ISSEP is a concentration certification exam for those who already hold the CISSP. The concentration…

Read more →

By AJ Yawn, CISSP Amazon Web Services (AWS) is the industry-leading cloud service provider by any metric you can find doing a quick google search. The shared responsibility model is generally understood by individuals managing production workloads that are hosted…

Read more →

By AJ Yawn, CISSP Amazon Web Services (AWS) is the industry-leading cloud service provider by any metric you can find doing a quick google search. The shared responsibility model is generally understood by individuals managing production workloads that are hosted…

Read more →

Hundreds of thousands of people have been asked to work for home with little information as to when things will be back to normal. Likewise, children are having to stay at home to avoid the spread of Coronavirus disease 2019…

Read more →

ISC)² continues to grow as it recently surpassed a milestone of 150,000 certified cybersecurity professionals in 175 countries. This is good news considering the data in the 2019 (ISC)2 Cybersecurity Workforce Study indicates that the cybersecurity workforce needs hire 4.07…

Read more →

There are just a few weeks left to submit your session to speak at this year’s Security Congress. The 10th annual conference will be held November 16 – 18, 2020 at the Hyatt Regency Orlando in Orlando, Florida. If you’ve…

Read more →

There are just a few weeks left to submit your session to speak at this year’s Security Congress. The 10th annual conference will be held November 16 – 18, 2020 at the Hyatt Regency Orlando in Orlando, Florida. If you’ve…

Read more →

As published in the November/December 2019 edition of InfoSecurity Professional Magazine By Michael Bergman, CISSP An (ISC)2 member details a software security integration system that eliminates that ’50-page security policy’ for developers. Unless your organization is gifted with resources, your…

Read more →

U.S. healthcare institutions are under constant attack from cybercriminals, and unless hospitals take concrete steps to protect themselves, the situation won’t get any better. In 2019, the healthcare industry was the number one target for cyber attackers, with the cost…

Read more →

U.S. healthcare institutions are under constant attack from cybercriminals, and unless hospitals take concrete steps to protect themselves, the situation won’t get any better. In 2019, the healthcare industry was the number one target for cyber attackers, with the cost…

Read more →

It’s time again for another (ISC)² Job Task Analysis (JTA) study, this time for the CAP certification. We frequently review and update our content outlines (aka exam blueprints) of our credentialing examinations. If you’re not familiar, the JTA is a…

Read more →

Being a CISO can be stressful. That should come as no surprise. According to a new report, the stress is bad enough to cause health issues and personal relationship crises, and on average, CISOs stay in each job for just…

Read more →

Cloud security today is touted as better than ever. So how do we explain the ever-increasing number of data breaches? According to the new white paper, Cloud Security Risks & How to Mitigate Them, the disconnect arises from a shared…

Read more →

As published in the November/December edition of InfoSecurity Professional Magazine. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single dis-gruntled employee. It could even be an innocent…

Read more →

If you hold the CISSP certification, you may have asked yourself “What’s next for me?” as far as your certification journey is concerned. For many professionals, the next step is one of the CISSP concentrations: architecture, engineering or management. This…

Read more →

As published in the November/December 2019 edition of InfoSecurity Professional Magazine By Naresh Kurada, CISSP Threat modeling is gaining even more attention with today’s dynamic threat environment. The sophistication of threat actors and development of advanced tactics, techniques and procedures…

Read more →

By Clayton Jones, Managing Director, Asia-Pacific for (ISC)² The past few weeks have been challenging. Governments, individuals and organizations are working hard to contain the spread of Covid-19. Many of us across the Asia-Pacific region are still haunted by the…

Read more →

(ISC)²’s Certified Information Systems Security Professional (CISSP) is currently the sixth highest paying IT certification, according to newly published research. CISSP-certified cybersecurity professionals earn salaries averaging more than $140,000. The CISSP is one of just six IT certifications commanding salaries…

Read more →

The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly published report. These statistics are a complete reversal…

Read more →

On February 3, (ISC)2 announced that it opened the call for speakers for its 2020 Security Congress in Orlando, FL, running from November 16-18. Speaker applicants can either submit for an individual presentation or panel presentation before the March 22…

Read more →

By Diana Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP Ransomware is in the news lately with attacks on Norsk Hydro, multiple cities in Florida, Baltimore and Atlanta, not to mention the numerous hospitals that have been hit. These attacks have cost companies…

Read more →

This is one you won’t want to miss. (ISC)² Director of Cybersecurity Advocacy, John McCumber, will walk through the 2019 Cybersecurity Workforce Study results in a webinar hosted by the Center for Internet Security this Wednesday, February 12 at 12:30…

Read more →

By Dr. Thomas P. Scanlon, CISSP Software Engineering Institute, Carnegie Mellon University Today’s software developers are as much integrators as they are pure coders. There is an abundance of libraries, plug-ins and other third-party software components readily available to speed…

Read more →

In yet another sign that (ISC)2 is working to increase its international efforts and alliances, today we’re excited to announce a new strategic partnership with the Australian Information Security Association to work jointly toward a safer and more secure cyber…

Read more →

By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP and John Martin, CISSP-ISSAP Continued discussion from Security Predictions for 2020 from the (ISC)² Community of Security Professionals (Part 1) Internet of Things (IoT), Industrial Internet of Things (IIoT) and Operating Technology (OT)…

Read more →

By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP and John Martin, CISSP-ISSAP Cyber-attacks will impact businesses on a larger scale in 2020 and will affect those who are unprepared, whether it is attributed to human error or other disasters. In an…

Read more →

With RSA Conference in San Francisco fast approaching, SC Media has once again announced the finalists for its annual awards program. Winners will be announced at the SC Awards dinner and presentation on February 25 at the Intercontinental San Francisco.…

Read more →

Last week, IBM’s Security Intelligence blog reported on the highly-discussed cybersecurity skills shortage – and in particular, how some areas are lacking in talent more than others. “Software development is one of the areas most starved of security attention,” wrote…

Read more →

Why are goal-oriented individuals more likely to thrive professionally? Because they know where they want to go. But accomplishing anything meaningful takes drive and dedication. Most of all, it requires a clearly defined plan and inspiration to stay on track.…

Read more →

As use of the internet becomes more acceptable in schools and expected at younger ages, cyber safety education is a necessity. While tablets, computers and smart devices are the norm at home and school for children, many students are not…

Read more →

As demand for cloud computing grows, so does the need to secure it. In a survey of its Technology Executive Council members, CNBC found that cloud and software-defined security are among the C-suite’s top technology strategies for 2020. As reported…

Read more →

By Dr. Thomas P. Scanlon, CISSP Software Engineering Institute, Carnegie Mellon University Today’s software developers are as much integrators as they are pure coders. There is an abundance of libraries, plug-ins and other third-party software components readily available to speed…

Read more →

Here’s a bit of good news for anyone contemplating a career in cybersecurity: Cybersecurity workers who started their careers in other fields tend to get paid more than career-long cybersecurity professionals, according to new research. As reported by Security Boulevard,…

Read more →

One of the most common complaints cybersecurity professionals voice about their employers is that they have to pay for certifications out of their own pockets. It’s not a trivial issue, since workers consider certifications their number one career hurdle, according…

Read more →

By Tony Vizza, CISSP, CCSP, Director for Cyber Security Advocacy – APAC at (ISC)² Toward the end of 2019, I met many aspiring women and men who approached me and said, “Tony, I want to become cyber security certified, how…

Read more →

By Paul Lanois, SSCP, CIPP, CIPT, CIPM and Eric Tierling, CISSP, CIPP/E The landscape of privacy and related legislation in the United States continues to get more interesting. Despite the California Consumer Privacy Act (CCPA) being the talk of the…

Read more →

By Paul Lanois, SSCP, CIPP, CIPT, CIPM and Eric Tieling, CISSP, CIPP/E The landscape of privacy and related legislation in the United States continues to get more interesting. Despite the California Consumer Privacy Act (CCPA) being the talk of the…

Read more →

Continuing education allows cybersecurity professionals to stay in tune to the constant changes in the industry. (ISC)² provides webcasts throughout the year on various security-related topics to help keep you informed, as well as provide opportunities to earn CPEs. Based…

Read more →

As published in the September/October 2019 edition of InfoSecurity Professional Magazine By Wesley Simpson, COO There’s an untapped resource hiding in security departments that many of us may consider an intangible or even undefinable asset. When strengthened, it can have…

Read more →

As published in the September/October 2019 edition of InfoSecurity Professional Magazine By Wesley Simpson, COO There’s an untapped resource hiding in security departments that many of us may consider an intangible or even undefinable asset. When strengthened, it can have…

Read more →

As published in the September/October edition of InfoSecurity Professional Magazine By Deborah Johnson Advice on how to mitigate a sudden job loss due to redundancy, recession or ‘rightsizing’. Diana Contesti was a business continuity planner at a major steel manufacturer…

Read more →