Tag: (ISC)² Blog

On July 21, The National Institute of Standards and Technology (NIST) published revised Special Publication 800-66, “Implementing the [HIPAA] Security Rule: A Cybersecurity Resource Guide,” and is accepting comments on the revised draft guidance until September 21. (ISC)² is encouraging…

Read more →

The (ISC)² Security Congress 2022 theme is EMPOWER and together, we intend to do just that! Empower your future by joining thousands of leading cybersecurity experts from around the world October 10-12 to collaborate in- person at Caesars Palace in…

Read more →

High profile ransomware attacks, vulnerabilities in popular technology products and a widespread investment scam in Europe. Here are the latest cybersecurity threats and advisories for the week of August 5, 2022. Threat Advisories and Alerts Critical Vulnerability Found in VMware…

Read more →

(ISC)² Security Congress is the must-attend cybersecurity conference delivering high-value education, training and networking to attendees for over a decade. “The grown-up version of Black Hat”, according to IT Pro, cybersecurity experts from all over the supply chain gather at…

Read more →

We’re excited to share that Ciaran Martin and Robert Mazur are joining the keynote lineup – alongside Ian Bremmer and Carey Lohrenz – at this year’s (ISC)² Security Congress. Ciaran Martin founded the UK National Cyber Security Centre (NCSC) in…

Read more →

In 2021, North Carolina became the first state to prohibit state agencies and local government entities from paying a ransom following a ransomware attack. This, first-of-its-kind, state law also prohibits public entities from communicating with a malicious actor following a…

Read more →

On November 1, several changes will be made to the SSCP exam. We are excited to share that the SSCP exam will be available in four more languages. Currently, the SSCP exam is available in English and Japanese, but come…

Read more →

Tech giants, major cybersecurity companies, cryptocurrency scams, and remote work fraud are in the news this week. Here are the latest cybersecurity threats and advisories for the week of July 28, 2022. Threat Advisories and Alerts Liquidity Miner Scam Robs…

Read more →

On July 19, National Cyber Director Chris Inglis hosted the National Cyber Workforce and Education Summit at the White House. The event focused on “improving skills-based pathways to cyber jobs, educating Americans” and finding solutions for bridging the cyber workforce…

Read more →

Cryptocurrency risks, Russian cyberattacks, and North Korean ransomware make headlines this week. Here are the latest cybersecurity threats and advisories for the week of July 21, 2022. Threat Advisories and Alerts Cybercriminals Defraud US Investors with Fake Cryptocurrency Apps Mobile…

Read more →

We held our first-ever (ISC)² SECURE Singapore event earlier this month. The in-person event saw leading cybersecurity experts from around the region engaging in discussions around cybersecurity amid profound changes and disruption around the world, and a global workforce gap.…

Read more →

Carey Lohrenz, one of the first U.S. female fighter pilots, will provide “Lessons in Leadership” as a keynote at (ISC)² Security Congress 2022. As a pioneer in military aviation, Carey broke barriers as the first female F-14 Tomcat Fighter Pilot…

Read more →

At (ISC)² we are committed to positively impacting the cybersecurity industry in a big way. The board of directors and (ISC)² leadership is pleased to announce that we will provide free entry-level cybersecurity certification exams and self-paced educational program courses…

Read more →

When hiring managers onboard new cybersecurity staff, there is typically an expectation that some learning on the job will be necessary. This is certainly the case when new hires are entry- and junior-level practitioners. But when can you expect those…

Read more →

Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors…

Read more →

By Joseph Montes, CISSP In 2021, I decided to pursue the CISSP. I was looking for a certification that would help me to stand out and prove to myself and my peers that I know my field. I had experience…

Read more →

The CISSP (Certified Information Systems Security Professional) certification got a few thumbs-up in a recent Dice article about whether cybersecurity jobseekers need certifications to land a position. Several cybersecurity professionals quoted in the article named the CISSP as a valuable…

Read more →

Cybersecurity recruitment has long been a challenge, and companies often exacerbate the situation by setting unrealistic expectations, especially for entry- and junior-level roles. A common misstep is to require qualifications and years of experience that few junior jobseekers have. In…

Read more →

Ian Bremmer will keynote (ISC)² Security Congress 2022 with the presentation “Why Political Risk and Cybersecurity Collide in Times of Crisis.” The accomplished author, speaker, commentator and political scientist will lead attendees on a journey through the intertwined world of…

Read more →

In the latest (ISC)² Think Tank webinar “How to Hire and Develop Entry- and Junior-Level Cybersecurity Practitioners” three hiring managers tackled the question of how to fill the workforce gap by sharing their insights and firsthand experiences. Jon France, (ISC)²…

Read more →

By Diana-Lynn Contesti (Chief Architect, CISSP-ISSAP, ISSMP, CSSLP, SSCP), and Richard Nealon (Senior Security Consultant, CISSP-ISSMP, SSCP, SABSA SCF) Ever find yourself in a struggle to defend your security budget or to introduce a change? This guide is a baseline…

Read more →

The (ISC)² Pittsburgh Chapter is seeing great success by providing study sessions for both the CISSP and CCSP exams. While participating in a study group does not guarantee passing the exam, it does; however, help to connect with others, put…

Read more →

Since its inception, the Center for Cyber Safety and Education and (ISC)² have worked to increase awareness of the importance of cyber safety and ensure that people around the world have a safe online experience. The Center has done this…

Read more →

Infosecurity Europe is unquestionably the biggest and most significant cybersecurity conference and event on the European calendar, a mainstay that is enjoyed by the entire industry and that serves as an important opportunity for members to meet each other and…

Read more →

We all have unconscious bias. In fact, our ability to use pattern recognition and informed judgement can be a benefit in many professions, especially cybersecurity. However, unconscious biases in areas of hiring, mentoring, promoting or developing staff could hamper efforts…

Read more →

Security teams should stop treating users as the weakest link in security and, instead, turn them into allies in building a strong security culture. This was the message from Shelly Epps, HCISPP, Director of Security Program Management at Duke Health,…

Read more →

Last week (ISC)² released the (ISC)² Cybersecurity Hiring Managers Guide: Best Practices for Hiring and Developing Junior Talent built on the latest research to help organizations grow their teams and retain top talent. The report highlighted the top technical skills,…

Read more →

This article has been indexed from (ISC)² Blog If you’ve ever wondered about the relationship between privacy and apples, privacy expert J. Trevor Hughes explained the connection during a session at the (ISC)² SECURE North America one-day virtual event. “Privacy…

Read more →

This article has been indexed from (ISC)² Blog Facing an acute shortage of qualified cybersecurity professionals, hiring managers are recruiting entry- and junior-level practitioners to their teams. The latest (ISC)² research captured in our Cybersecurity Hiring Managers Guide reveals this…

Read more →

This article has been indexed from (ISC)² Blog An overwhelming majority of cybersecurity hiring managers (91%) have onboarded entry- and junior-level candidates in the past two years, according to new (ISC)² research. Facing an acute shortage of qualified cybersecurity professionals,…

Read more →

This article has been indexed from (ISC)² Blog The 2021 (ISC)² Cybersecurity Workforce Study suggested that the global cybersecurity workforce needs to grow 65% to effectively defend organizations’ critical assets. To protect their systems, employees and data organizations need creative…

Read more →

This article has been indexed from (ISC)² Blog Cybersecurity has come to the forefront of state and federal policy over the past few years. In 2021, there were over 285 pieces of legislation related to cybersecurity introduced in state legislative…

Read more →

This article has been indexed from (ISC)² Blog Recognizing that potential barriers to certification globally are the time and resources some candidates must invest to travel to a test center, as well as ongoing health and safety concerns from the…

Read more →

This article has been indexed from (ISC)² Blog Ready. Set. Vegas and Beyond! We are looking forward to our first-ever hybrid (ISC)² Security Congress on October 10-12. This year’s event will have something for everyone, whether you decide to attend…

Read more →

This article has been indexed from (ISC)² Blog More than 1,400 individuals have taken the new (ISC)² entry-level cybersecurity certification exam during the pilot phase which began in January 2022. Scheduling for the pilot is currently available through August 26…

Read more →

This article has been indexed from (ISC)² Blog The U.S. Department of Justice (DOJ) announced last week it will not bring charges under federal hacking laws against security researchers and ethical hackers who act in good faith. This decision stems…

Read more →

This article has been indexed from (ISC)² Blog In the second portion of this blog series, we are sharing member stories from those with four to six years of experience in cybersecurity. We asked members about their entry into cyber…

Read more →

This article has been indexed from (ISC)² Blog On March 9, 2022, the SEC released new proposed rules relating to cybersecurity risk management, incident reporting, and disclosure for investment advisers and funds. The proposed rules would require advisers and funds…

Read more →

This article has been indexed from (ISC)² Blog We recently asked our members who volunteer to engage with the (ISC)² blog about their entry into cyber and what advice they have for those interested in joining the field. These stories…

Read more →

This article has been indexed from (ISC)² Blog We are excited to announce that more than 1,000 cybersecurity career hopefuls have taken their first step toward launching their careers by taking the (ISC)² entry-level cybersecurity certification pilot exam. Once they…

Read more →

This article has been indexed from (ISC)² Blog By Diana-Lynn Contesti (Chief Architect, CISSP-ISSAP, ISSMP, CSSLP, SSCP), John Martin (Senior Security Architect, CISSP-ISSAP, CISM, Open Group Certified Architect Master) and Richard Nealon (Senior Security Consultant, CISSP-ISSMP, SSCP, SABSA SCF) Cybersecurity…

Read more →

This article has been indexed from (ISC)² Blog In 2018, the UK’s Department for Digital, Culture, Media and Sport (DCMS) funded the creation of the UK Cyber Security Council, which launched in March 2021. The UK government will look to…

Read more →

This article has been indexed from (ISC)² Blog Finding qualified cybersecurity personnel is never easy. Recruitment has become an even bigger challenge in the last two years as workforce shortages intensified and corporate networks expanded into employees’ homes. Worldwide, 60%…

Read more →

This article has been indexed from (ISC)² Blog Have you ever considered joining the (ISC)² Board of Directors? Our all-member and all-volunteer Board of Directors give their time and expertise to help guide our association forward and lead us in…

Read more →

This article has been indexed from (ISC)² Blog By Ruchika Sachdeva, CISSP, Certified Lead Auditor ISO 27001, Partner Trainer ISO 27001 with PECB. With the advent of the pandemic, the plethora of enterprises has turned inside out. The accelerated digital…

Read more →

This article has been indexed from (ISC)² Blog By Jon France, CISSP, CISO at (ISC)². Following our last quarterly meeting with our Board of Directors, Jon began to think about what a CISO should present, how to present it and,…

Read more →

This article has been indexed from (ISC)² Blog On August 1, several changes will be made to the CCSP exam. We are excited to share that the CCSP exam will be available in four more languages. Currently, the CCSP exam…

Read more →

This article has been indexed from (ISC)² Blog The (ISC)² Hellenic Chapter was awarded the bronze award for its initiatives and activities in the category of Public Cybersecurity Awareness at the Greece Cybersecurity Awards 2022 by Boussias. The event, a…

Read more →

This article has been indexed from (ISC)² Blog By John Iliadis, PhD, CISSP-ISSMP, CMgr MCMI, CRISC. John is an IT Infrastructure Manager; he also serves as a Board Member of (ISC)² Hellenic Chapter. Opinions expressed herein do not express the…

Read more →

This article has been indexed from (ISC)² Blog Duncan Jones, Head of Cybersecurity for Cambridge Quantum, recently spoke with Fierce Electronics about quantum cybersecurity and where it’s headed. In the interview, Duncan referred to quantum as “a boogeyman for cyber,”…

Read more →

This article has been indexed from (ISC)² Blog Great team members like yours help our cybersecurity community share education, host stellar events, create a sense of community and continue to grow. The (ISC)² Global Achievement Awards honors these contributors annually.…

Read more →

This article has been indexed from (ISC)² Blog In 1970, April was designated Autism Awareness Month and in recent years has been expanded to be known as Neurodiversity Awareness Month. (ISC)² is excited to celebrate all the different ways our…

Read more →

This article has been indexed from (ISC)² Blog Angel Sayani is making her mark in the cybersecurity world at just 19 years of age. She already holds several industry certifications including Associate of (ISC)², Cloud Security Alliance’s CCSK and eight…

Read more →

This article has been indexed from (ISC)² Blog By Samuel Rugi, an MSc Information technology (Security), Certified Information Security Professional (CISSP), Certified Information Security Management (CISM), Cybersecurity Mentor at the Cyversity Organization and a Co-Chair Leadership LaunchPad at Technology Association…

Read more →

This article has been indexed from (ISC)² Blog As the war in Ukraine rages on, (ISC)² leaders took the opportunity to remind cybersecurity practitioners in the most recent Inside (ISC)² webinar of a simple but essential message: Be vigilant. As…

Read more →

This article has been indexed from (ISC)² Blog Safety is the top priority for employees in the American workplace, and one of the issues they worry about most is cyber threats. With COVID-19 still fresh on everyone’s mind, only public…

Read more →

This article has been indexed from (ISC)² Blog Nominations are now open for the 2022 (ISC)² Global Achievement Awards. These annual cybersecurity awards celebrate professionals whose excellence, leadership and efforts have significantly advanced the cybersecurity industry and contributed to the…

Read more →

This article has been indexed from (ISC)² Blog By Marco Túlio Moraes, CISSP, Director of Information Security, CISO at OITI. Marco is an executive with +20 years of experience in technology, risks and infosec, with 10 years of international experience.…

Read more →

This article has been indexed from (ISC)² Blog As the invasion of Ukraine continues alongside a pronounced increase in online disruption aimed at the main sanction-imposing economies, speculation is rampant that a barrage of related cyberattacks on Western allies will…

Read more →

This article has been indexed from (ISC)² Blog To celebrate Women’s History Month in March, four female security leaders met for a wide-ranging panel discussion on how they’ve broken through gender biases to forge their career paths, as well as…

Read more →

This article has been indexed from (ISC)² Blog The CISSP-ISSMP exam will be changing on November 15, 2022. This exam is the most recent of the (ISC)² examinations to be updated as part of the Job Task Analysis (JTA) process.…

Read more →

This article has been indexed from (ISC)² Blog Flexible work conditions can help decrease the cybersecurity workforce gap by creating more inclusive environments. Practices like work from home and flexible office hours allow companies to widen their recruitment pool. The…

Read more →

This article has been indexed from (ISC)² Blog Beginning June 1, 2022, additional pretest items and time will be added to the CISSP exam for the Computerized Adaptive Testing (CAT) format. The current CISSP CAT exam contains 25 pretest (unscored)…

Read more →

This article has been indexed from (ISC)² Blog At (ISC)² our vision is to inspire a safe and secure cyber world. Our members and the greater cyber community help to make this possible through (ISC)² Chapters and individual volunteer opportunities…

Read more →

This article has been indexed from (ISC)² Blog By Ala’ F. Wrikat, MSc, CISSP, CISM. Ala’ is currently a specialist in policies and strategic studies at the Financial-sector’s CERT of Jordan. Defense in depth strategy has proven its effectiveness in…

Read more →

This article has been indexed from (ISC)² Blog Last year’s Celebrating International Women’s Day: Carving a Cybersecurity Career Path webinar featured a panel of accomplished women in cybersecurity for a discussion that captured the female perspective in the field. The…

Read more →

This article has been indexed from (ISC)² Blog The (ISC)² Scholarship Program is part of an effort to bridge the cybersecurity workforce gap—which stands at 2.72 million needed professionals—by providing future cybersecurity professionals across the globe with scholarships to prepare…

Read more →

This article has been indexed from (ISC)² Blog The Need for Entry-level Cybersecurity Education Is Critical As any employer who has tried to fill a vacant cybersecurity position knows, finding qualified candidates is anything but easy. The cybersecurity workforce would…

Read more →

This article has been indexed from (ISC)² Blog By Cynthia Freeney, CSSLP currently holds the dual role of project manager and security officer. Cynthia’s current focus in the security realm is ensuring organizational policies, procedures, processes and security controls are…

Read more →

This article has been indexed from (ISC)² Blog Kaleb Worku’s record of academic distinction and relevant experience earned him the 2020 KnowBe4 Black Americans in Cybersecurity scholarship and the following year the CyberCorps® Scholarship for Service. Today, he is a…

Read more →

This article has been indexed from (ISC)² Blog The disclosure of the Log4j zero-day exploit in December 2021 had a serious impact on the cybersecurity industry. The flaw is found in one of the most commonly used pieces of software,…

Read more →

This article has been indexed from (ISC)² Blog Cybersecurity is one of many industries lacking diverse perspectives and backgrounds, which are essential for combating the ever-evolving threat landscape. (ISC)² estimates that the Cybersecurity Workforce Gap as of 2021 stands at…

Read more →

This article has been indexed from (ISC)² Blog Registration for the second (ISC)² online proctored CISSP exam pilot program is now open to candidates in the U.S., U.K. and Singapore. Built on results from the association’s first online proctored pilot…

Read more →

This article has been indexed from (ISC)² Blog In honor of Black History Month, we celebrate and acknowledge black pioneers in computer science and cybersecurity. Without their incredible contributions to technology, the cyberworld in which we live may not have…

Read more →

This article has been indexed from (ISC)² Blog Want to share your expertise with thousands of your peers at Security Congress? Now’s your chance! (ISC)² has issued a call for speakers for its 12th annual (ISC)² Security Congress conference, a…

Read more →

This article has been indexed from (ISC)² Blog By Charlene Deaver-Vazquez, CISSP, CISA. Charlene is the developer of Probabilistic Risk Modeling for Cyber (P-RMOD4Cyber) a framework of mathematical models for quantifying risk. There is a tendency to view the effectiveness…

Read more →

This article has been indexed from (ISC)² Blog A Look Back at 2021 In 2021, 45 states and Puerto Rico introduced or considered 301 pieces of legislation dealing with cybersecurity. Of those 45 states, 35 enacted bills pertaining to cybersecurity.…

Read more →

This article has been indexed from (ISC)² Blog Morale among most cybersecurity professionals remains high despite the stressors brought on by the pandemic. 29% of respondents to the (ISC)² 2021 Cybersecurity Workforce Study reported personal morale as above average, with…

Read more →

This article has been indexed from (ISC)² Blog If you are a CISSP exam candidate interested in taking the exam online, please consider participating in our next online proctor pilot program. Our exams team began working with Pearson VUE to…

Read more →

This article has been indexed from (ISC)² Blog In case you missed it, (ISC)² is piloting an entry-level cybersecurity certification exam to help students, young professionals and career changers interested in building a career in cybersecurity receive the education and…

Read more →

This article has been indexed from (ISC)² Blog (ISC)² has added two additional offerings to our online instructor-led review sessions in support of the new entry-level cybersecurity certification pilot exam. Our recent offering sold out in record time, and these…

Read more →

This article has been indexed from (ISC)² Blog By Keith Bruce, CISSP and IT Security Compliance Analyst. Keith’s primary focus is on ISO 27001 compliance and team analytics, but also manages vulnerability, policy, penetration testing and client audit review programs,…

Read more →

This article has been indexed from (ISC)² Blog A recent Forbes article pulled together a list of several cybersecurity stats that underpin the current state of the industry and threat landscape. The stats, which come from various private sector organizations,…

Read more →

This article has been indexed from (ISC)² Blog Ever wonder what more you can do to narrow the cybersecurity skills gap or how you can use your cybersecurity skills to make a difference in your local community? (ISC)² has the…

Read more →

This article has been indexed from (ISC)² Blog The cybersecurity industry has a talent shortage and is seeking professionals to close the 2.72 million global workforce gap. Young people could be the answer to fulfilling the need organizations have to…

Read more →

This article has been indexed from (ISC)² Blog One week to go until the first (ISC)² entry-level cybersecurity pilot exam! Interested individuals can register for the pilot exam online through Pearson VUE. (ISC)² created the forthcoming entry-level cybersecurity certification to…

Read more →

This article has been indexed from (ISC)² Blog To help candidates prepare for the forthcoming entry-level cybersecurity certification pilot exam, (ISC)² released a new education program—a live or on-demand expert instruction on the fundamental cybersecurity concepts and five domains covered…

Read more →

This article has been indexed from (ISC)² Blog The need is real. The shortage of cybersecurity talent presents a clear and present danger in virtually every corner of the globe as bad actors plot their next move. How wide is…

Read more →

This article has been indexed from (ISC)² Blog “Information security analyst” tops the U.S. News & World Report 2022 Best Jobs list. The list ranks the 100 best jobs across 17 sectors including business, healthcare and technology, taking into account…

Read more →

This article has been indexed from (ISC)² Blog (ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its credentialing examinations. A JTA is the methodical process used to determine tasks…

Read more →

This article has been indexed from (ISC)² Blog Many people are talking about the future-of-work, but how can that even be calculated when the primary element – workers – appears to be in short supply? There has been much focus…

Read more →

This article has been indexed from (ISC)² Blog A U.S. Cyber Command (USCYBERCOM) task force has conducted “its first offensive cyber effect operation against real-life cyber threats.” Details of the operation have not been published, but the military says offensive…

Read more →

This article has been indexed from (ISC)² Blog As we expand our events in 2022, we look forward to offering increased opportunities for education and networking among cybersecurity professionals within their regions. To ensure that each event makes a significant…

Read more →

This article has been indexed from (ISC)² Blog What does next year have in store for the cybersecurity industry? The “Top Five Cybersecurity Predictions for 2022” webinar presented by Steve Piper, CISSP, Founder & CEO of CyberEdge overdelivers and gives…

Read more →

This article has been indexed from (ISC)² Blog As cybersecurity professionals, you work in an industry that is always evolving. It is imperative to… Read the original article: What Were the Best Cybersecurity Webinars of 2021?

Read more →

This article has been indexed from (ISC)² Blog As 2021 draws to a close, it provides an opportunity to reflect on the past year, and the success and growth we have achieved together. Under the backdrop of escalating cyber threats…

Read more →

This article has been indexed from (ISC)² Blog (ISC)² leadership is dedicated to keeping you informed and responding to your inquiries throughout the year. In 2021, we launched quarterly board updates and department-specific deep dives where (ISC)² CEO Clar Rosso…

Read more →

This article has been indexed from (ISC)² Blog 2022 Predictions for the Cybersecurity Industry and Advice for Newcomers or Those Working for Small to Medium-Sized Businesses By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP, John Martin, CISSP-ISSAP, CISM, BCS CITP, and…

Read more →

This article has been indexed from (ISC)² Blog Technology and cybersecurity cannot be thought of as the responsibility of a siloed IT department – it is the lifeblood of the organization. In day-to-day operations, as well as during moments of…

Read more →

This article has been indexed from (ISC)² Blog The 2021 (ISC)² Cybersecurity Workforce Study revealed that the global cybersecurity workforce gap is 2.72 million. This is the number of jobs within the industry that are necessary to fill to defend…

Read more →