Today is International Women’s Day and what better way to celebrate it than with a glimpse into the careers of four successful women in cybersecurity. At 11 a.m. ET, (ISC)2 will host “Celebrating International Women’s Day: Carving a Cybersecurity Career Path.” This group of accomplished security professionals will come together to discuss why women should be interested in joining the cybersecurity field and ways to encourage this. They will also share highlights in their own journeys in the profession that led them to the leadership positions they now hold. You can attend the event live or watch the replay by... Continue reading

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In support of this, (ISC)2 has launched a series of interviews to explore where CISSP certification has led security professionals. Last time we heard from Melissa Parsons. This installment features Chris Clinton. He is co-CEO and co-founder of Naq Cyber, he is an advocate of helping small... Continue reading

CISSP trends strong with BrightTALK webinar viewers. BrightTALK, our primary webinar platform, identifies the most popular and trending topics out of more than 100,000 security and technology talks. We recently noticed that cybersecurity is holding strong and ranked number one in the most popular category, but we were excited to see that CISSP was ranked number two in the trending category, outranking a wide array of popular interests. During the year when a pandemic halted travel and training budgets, many people turned to webinars to help sustain their professional development goals. (ISC)² Think Tank webinars and Security Briefings experienced a... Continue reading

Disaster recovery is now a normal part of business operations. However, before the year 2000, disaster recovery was a “nice to have” addition to a business. Then, the “Y2K” bug became the impetus that brought disaster recovery to the forefront of business preparedness. Next, in 2001, the rise of terrorism brought new attention to the need for businesses to prepare for disasters. As time progressed, incidents such as the blackout of 2003 that shut down the northeastern United States for a day, made many recognize that disaster recovery centers could not be on the same power grid, let alone at... Continue reading

By Rema Deo, HCISPP By now, everyone is familiar with the Internet of Things (IoT), an expanding network of physical devices, appliances, and equipment that are embedded with sensors, software, and other technologies in order to connect and exchange data with other devices and systems over the Internet. It’s an exciting digital world in which your smartphone can control the tiny computers in your air conditioning system and your house lights. Where the small computer in your refrigerator monitors water quality and automatically orders a new filter from the manufacturer. Where your computerized oven can be turned on remotely to... Continue reading

The (ISC)² CISSP and CCSP certifications have recently racked up more recognition from global staffing firm Robert Half. The company’s 2021 Technology Salary Guide looked at the trends and skills impacting technology professionals, as well as the most in-demand IT certifications today. The (ISC)² programs were two of the top 15 in demand certifications highlighted in a CRN story on the topic. Why Are CISSP and CCSP So In Demand? The COVID-19 pandemic shined an even brighter spotlight on the global cybersecurity workforce shortage. While the industry is making strides to fill the talent gap, the pandemic placed greater emphasis... Continue reading

By Qamar Peer Bellary Sadiq, CISSP, CCSP Public Key Infrastructure is the most commonly used technology in security space for the purpose of establishing Authentication, Data Integrity, Non-Repudiation, email encryption, SSL/TLS with X.509 Certificates (also known as Digital Certificate). Digital Certificate is a form of a digital identity document in the digital world and helps identify users, entities and servers. PKI is an amalgamation of a suite of protocols, people, processes and technologies that must work in a synchronized manner to create, store, distribute, manage and revoke digital identities. However, there exists real world challenges, pitfalls and misconceptions around Certificate... Continue reading

A new report by the higher education technology association EDUCAUSE imagines four possible future scenarios of cybersecurity trends in colleges and universities. The report takes into account technology, environmental, economic and political trends to develop the scenarios, while also acknowledging evolving cybersecurity practices and data governance and privacy trends. The goal of EDUCAUSE’s “Horizon Report” is to provide information and analysis to help higher education institutions “learn, plan, and act on all that is influencing higher education information security, now and in the future.” At the same time, the report acknowledges that planning for the future is an inexact science.... Continue reading

Nominations are now open for the (ISC)² Global Achievement Awards. These awards recognize individuals whose excellence, leadership and volunteer efforts have significantly advanced the cybersecurity industry and contributed to the vision of inspiring a safe and secure cyber world. Most awards are open to both (ISC)² members and non-members, though self-nomination is not permitted. Individual awards for cybersecurity professionals throughout their career include: (ISC)² Government Professional Award (ISC)² Rising Star Professional Award (ISC)² Mid-Career Award (ISC)² Senior Professional Award Additionally, the following awards which were previously selected exclusively by the (ISC)² Board of Directors are now open to nominations from... Continue reading

The New Face of Healthcare Healthcare is currently undergoing a digital transformation that rivals the development of autonomous vehicles in the automobile industry. In fact, there are connections between improved healthcare and autonomous vehicle development. Digital transformation is a buzzword that evokes many grand ideas. In healthcare, one article succinctly articulated it: “Digital transformation in healthcare is the positive impact of technology in healthcare”. Some of the positive outcomes of digital transformation in healthcare include the rise of telemedicine, the development of internet-enabled medical devices, and medical practice and education via virtual reality technology. These developments are enhanced by the... Continue reading

For a limited time – February 22-28, 2021 – (ISC)² is pilot testing the option to take the CISSP online exam from home. Last year, as the COVID-19 pandemic emerged, we accelerated our exploration of enabling candidates to take the CISSP exam online. While all (ISC)² exams are, and will remain, available to be taken in person at test centers with health and safety measures in place, we are happy to be able to offer an alternative in the course of this pilot test. When is the CISSP Online Exam Available? You can take your CISSP exam online next week... Continue reading

Why it is essential to have experience - and not JUST to pass the CISSP Growing The Garden of InfoSec Think about your path in information security. It took a lot of work and study. No one is born knowing information security, and no child in any playground has ever said “when I grow up, I want to get a CISSP credential”. Information security is one of the most popular professions right now, and it is anticipated that the demand for qualified information security professionals will continue to grow for the foreseeable future. Any great garden requires serious care and... Continue reading

The nonprofit Center for Cyber Safety and Education (Center) is providing 1,300 local elementary students with a Garfield-led online safety education program, thanks to a donation from area cybersecurity professionals. With the gift from the (ISC)² Hawaii Chapter, media specialists serving the seven elementary schools at the Leilehua Complex will conduct the award-winning Garfield’s Cyber Safety Adventures lesson with students before they go on spring break. The online instructor-led lesson allows students to learn digital citizenship through interactive storybooks, online class discussions, and engaging Garfield cartoons via their home computer. “It’s rewarding to collaborate with professional organizations that want to... Continue reading

In the early days of cloud computing, many executives became enamored with the idea that they would no longer be responsible for the “headaches” of an on-premises data center. Things like cooling, physical security, hardware upgrades and uninterruptable power supplies all would shift to the cloud providers. But the shifting of certain responsibilities does not also mean the transfer of accountability… So who is responsible for what in the cloud and how can shared accountability be navigated? The shared responsibility model is a nice theory, but here’s how its practical application gets tricky. Read the blog. Continue reading

By Mike Privette, CISSP A question I often get asked is, "How do I advance my career in the cybersecurity field?" tl;dr: Figure out for yourself what "advancement" means (i.e., more money, better title, more challenging problems to solve, etc.) Market yourself and ask others for help to achieve what you want Build a brand an audience around #1 and #2 About Me I've spent more than 15 years operating in, building, and leading cybersecurity programs at several Fortune 500 companies in the Financial Services industry. I'm also the Founder & Managing Principal of Fraction Consulting, where I get to... Continue reading

By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP John Martin, CISSP-ISSAP, CISM Richard Nealon, CISSP-ISSMP, SSCP, SCF In part one of this blog series, we discussed privacy, remote access (aka Work from Home), insider threats, data leakage, Zero Trust Architecture (ZTA) and security architecture. To continue this discussion, we believe that 2021 will still see folks working from home; thus, the risks due to insider threats and data leakage will continue to grow. However, we believe that there are other concerns for information security professionals, including edge computing, 5G, IoMT/IoT, AI and ransomware. Edge Computing Edge Computing is a distributed computing... Continue reading

By Yuri Braz, CISSP, CRISC, PMP Information Security, or cybersecurity, has become more relevant every day. One of the main reasons is because information has become the main asset of most companies. Thus, this information needs to be safeguarded or companies would not be able to create value for society and its shareholders. Large institutes, such as (ISC)², help to develop and democratize the information security field, so that today the majority of medium and large companies have an information security policy. An infosec policy is the first step towards risk governance, essential for the practice of due care and... Continue reading

The SolarWinds cyber incident has dominated security headlines since the end of December. (ISC)2 wants to hear opinions from practitioners in the field on what impact it really had. Take our quick survey today to make your thoughts known: https://www.surveymonkey.com/r/ISC2SolarWindsPulseSurvey On March 30th, (ISC)2 will host a webinar to discuss the results and hear firsthand from your colleagues in the field. Registration will open soon. Continue reading