By now you’re well aware of the widely-reported (ISC)² research that shows there is a global cybersecurity shortage of 2.93 million professionals. Identifying, recruiting and training skilled talent to adequately secure organizational data assets obviously remains a top priority in our industry. Well, over the past few weeks, both Tripwire and IBM have published reports that focus on different layers of the problem and add to the conversation. In its Cybersecurity Skills Gap Survey 2019, Tripwire found that 80% of IT security professionals believe it’s becoming more difficult to find skilled cybersecurity professionals. Not a surprising figure. The interesting wrinkle... Continue reading

Winner, winner, chicken dinner. That’s what was on the menu for (ISC)² at this week’s SC Awards gala event held in San Francisco, where the CISSP was recognized as the industry’s Best Professional Certification Program for 2019 by SC Media, which is coincidentally celebrating its 30th anniversary in the same year as (ISC)². The SC Awards are recognized throughout the cybersecurity industry as the crowning achievement for IT security, and winners are run through a rigorous judging process that includes testimonials, industry assessments and additional research. The CISSP was hand-picked by a panel of judges for its advancements in cybersecurity... Continue reading

Name: Jasmine Rodriguez Title: Managed Services Engineer Employer: KnowBe4 Location: Clearwater, FL Education: BA, Psychology from San Diego State University and Masters, Education from Vanderbilt University Years in IT: 3 Years in cybersecurity: 2 Cybersecurity certifications: SSCP, Associate of (ISC)², Security+, CEH How did you decide upon a career in cybersecurity? I found my way into the cybersecurity field a couple years after entering the workforce. I always had a passion for technology. My entry point was in a Network Operations Center where I soaked in knowledge quickly. How did you decide to pursue your CISSP? I utilized self-study materials... Continue reading

One of the most prestigious voices in the IT industry recently made an interesting proclamation: “The next big thing is dead.” So starts CompTIA’s IT Outlook 2019, which finds the next big thing is no longer about some new jaw-dropping technology advancement but rather a combination of various technologies, people and processes. If you’re expecting to be bowled over by a new technology trend any time soon, think again. Producing the desired business outcomes now means getting your human resources to expertly fuse together already-available technology building blocks and tools. And that’s what will fuel IT market growth of about... Continue reading

If you already have or are pursuing your CISSP from (ISC)², make sure you have your oven mitts at the ready. That’s because, as reported by CNBC, the new Upwork Skills Index includes the Certified Information Systems Security Professional as one of the 20 hottest job “skills” in the entire U.S. labor market. You read that right. Not just in security. Not just in IT. The entire labor market. Upwork is a platform for freelancers, so they keep a close eye on the types of skills employers are looking for and update their list quarterly to provide real-time validation of... Continue reading

As cybercrime rises, the world faces a shortage of nearly 3 million cybersecurity professionals. Show employers and prospects you have the advanced knowledge and technical skills to fill this critical and growing demand. With a globally recognized credential from (ISC)², you stand out at the forefront of the field. We know starting the journey to becoming certified can be challenging and even the brightest minds can benefit from having a guide on the journey to success. (ISC)²’s Ultimate Guides are your must-have resource for your certification journey. By downloading a NEW and IMPROVED Ultimate Guide, you will obtain an excellent... Continue reading

Today’s IT security landscape is tough terrain to navigate at the best of times. Cybersecurity professionals need all the guidance, insight and education they can get to help them stay on top of arguably the most challenging points where business and technology collide. As always, (ISC)2 is your partner on this journey, providing resources such as our series of webcasts to keep you up-to-date on the latest trends, issues, tactics and threats in cybersecurity. Want to know where to start? Here are the top 10 EMEA webcasts from the last year: Machine Learning in Infosec: Debunking Buzz and Demystifying Use... Continue reading

Today is an exciting day for (ISC)² members as your membership just got a whole lot more powerful. We are happy to announce the launch of the (ISC)² Professional Development Institute, known simply as PDI. PDI will be your go-to resource for timely and relevant continuing educational opportunities to keep your skills sharp and curiosity piqued. Best of all, these courses will all be available to members at no cost. With three courses already available — Building a Strong Culture of Security, DevSecOps: Integrating Security into DevOps, and GDPR for Security Professionals: A Framework for Success — we are thrilled... Continue reading

Stop us if you heard this one before: Cybersecurity professionals are responsible for protecting their organization’s users and data from the dangers of cyber threats, but they feel underappreciated. Two-thirds (67%) believe “IT security is viewed either as merely reactive to business needs or a cost rather than an asset to the organization,” says a survey of cybersecurity professionals and CISOs by Thycotic, a privileged access management (PAM) vendor. The survey found that a majority of cybersecurity professionals in the United Kingdom and Germany say executives and co-workers see them as more of a burden than a business benefit –... Continue reading

By John McCumber, Director of Cybersecurity Advocacy, (ISC)² After a lot of planning and coordination, we were excited to announce our new partnership with CyberUSA earlier this week. What is CyberUSA, you may ask? Governed by its members, the nonprofit was established to enhance information sharing between states and improve cyber resilience at all levels of participation: local, regional, and national. It is focused on the common mission of enabling innovation, education, workforce development, enhanced cyber readiness and resilience within our state and local communities, and connects them at the national level. What does all that mean? The key takeaway... Continue reading

Name: Renju Damodaran Title: Senior Manager, Cyber Risk Services Employer: Wipro Limited Location: Boston, MA Education: BS, Information Systems from BITS, Pilani. Years in IT: 20 Years in cybersecurity: 16 Cybersecurity certifications: CISSP, CISA, SABSA SCF How did you decide upon a career in cybersecurity? Back in the day (early 2000s), I was involved in setting up IT infrastructure for a startup company. I started interacting with information security professionals from external consulting firms and developed an interest in security as a profession. I learned BS7799 framework and landed an information security officer role in ING Vysya Bank (now known... Continue reading

Cheers to you on your decision to pursue an (ISC)² credential in 2019! You’re about to embark on a challenging and highly rewarding journey. Make sure you get the most out of it with the new (ISC)2 Certification Prep Kit. Preparing for the exam is no small task… Your path to success starts with the right study plan, and the Certification Prep Kit will help you map a course that fits your schedule and learning style. Dive right in for everything you’ll need to move ahead with confidence. Inside this free resource, you’ll find… Fast Facts on (ISC)2 Training and... Continue reading

By Marie E. Olson, CISM, CISSP, FIP Deputy Chief Privacy Officer, The Boeing Company This year, Data Privacy Day will spotlight the value of information. Whether you’re an individual looking to better manage your privacy and how your data is collected and shared, or a business collecting, using and storing that information, remember: Personal information is like money. Value it. Protect it. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first... Continue reading

Infographic available now: Get your Fast Facts about the CISSP Continue reading

A potential recession is on the minds of U.S. corporate executives, according to new research. But do you know what worries them even more? Cybersecurity. The C-Suite Challenge 2019 study by think tank The Conference Board reveals that American CEOs rank cybersecurity as their biggest “external concern” for 2019. It outranks recession fears, which took third place behind new competitors. It also matches a finding by the World Economic Forum that cyber attacks are the top risk of doing business in North America. Globally, recession fears top the list of external business concerns. This is a significant change from last... Continue reading

For the fourth year in a row, Certification Magazine named the Certified Cloud Security Professional (CCSP®) as the “Next Big Thing.” The magazine conducted their annual salary survey and found that the CCSP was the top choice for professionals to pursue in 2019. Ranking #2 in the list – for the third year in the row – is the CISSP certification. You can read the full article, “Certification leads to improved performance, increased earning power” here or in the January issue of Certification Magazine. This issue focuses on detailed results and findings from the annual salary survey. Continue reading

Call for speakers for the (ISC)² Security Congress 2019 is now open! The ninth annual cybersecurity conference will be held in Orlando, Fla., from October 28-30 at the Walt Disney World Swan and Dolphin Resort. We’re planning for the largest Congress yet with more than 4,000 attendees and 150 speakers. This year’s conference will be the largest ever as Security Congress has become a truly international event, with more attendees and sessions than ever before, aimed at a global audience. Security Congress will take place over three days with more than 100 educational and thought-provoking sessions to help security leaders... Continue reading

(ISC)²'s recent Cybersecurity Workforce Study asked what certifications professionals had plans to pursue in the coming year. Download the infographic: What Cybersecurity Certifications Are You Pursuing This Year? Continue reading

The (ISC)² Peru Chapter was started by initiative of Javier Romero, CISSP, by mid-2017, when he put in a petition to start a new chapter. Worried that top-level management of companies in Peru was not aware of – or possibly “not concerned enough about” - information security matters, a group of (ISC)² members committed to advocate information security in the country joined together with the goal of becoming the reliable reference in the subject for the local industry and government. Luis Mendoza, Michael Ocrospoma, and Rolando Navarro, together with J. Romero, then outlined an action strategy for the years to... Continue reading

Cybersecurity professionals are busy enough even without having to keep up with the constant changes in the threat landscape and advances in security technology. But keep up you must, and that’s why (ISC)² have webcasts throughout the year on various security-related topics. Based on ratings by cybersecurity professionals, here are the top 10 webcasts from 2018: State of the Internet/Security 2018: Web Attacks Learn how reptiles and hackers target the hotel industry by hitting the library, and how to fight back. This webcast includes case studies on how the aviation industry deploys crawler management solutions to protect their websites. Delivered... Continue reading

Name: Amy Mitchell Title: Managed Services Engineer Employer: KnowBe4 Location: Clearwater, FL, U.S. Education: Associates of Science Years in IT: 6 Years in cybersecurity: 4 Cybersecurity certifications: Security+, CISSP How did you decide upon a career in cybersecurity? I realized how important PCI DSS security is when I worked in the service industry. From there, I worked in network security for point of sale systems and have now moved to KnowBe4. I help teach people about cybersecurity awareness around the world. Why did you decide to pursue your CISSP? I interact and work with CISSPs on a regular basis. I... Continue reading

By Tony Vizza, CISSP, (ISC)² Director of Cybersecurity Advocacy, APAC Over the past few weeks, I have noticed a marked increase in the number of phishing attempts, both using cyber based methods as well as traditional methods such as phone calls, text messages and even postal service scams. Scammers rely on psychological trigger points to succeed. December, in particular, is a stressful time for many people. Boozy Christmas parties, buying presents for your family (and finding something your partner will like), planning the holiday getaway with the kids and of course wrapping up end-of-quarter and end-of-year and you have a... Continue reading

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested. A JTA Study Workshop for CISSP-ISSAP has tentatively been scheduled toward the end of March 2019. In preparation for the upcoming study, we would like to hear from our CISSP-ISSAP members. Please comment on any new content and... Continue reading

This week, SC Media released its list of Finalists for the 2019 SC Awards and (ISC)2 is once again in consideration as the best professional certification program in the cybersecurity industry. Winners will be announced at the SC Awards dinner, a gala evening convening hundreds of the industry’s brightest luminaries to network, toast the winners, and celebrate the best the cybersecurity community has to offer. The event takes place on March 5 at the InterContinental Hotel in San Francisco during the week of RSA Conference. Tickets can be purchased here. Continue reading

Name: Ramana Krothapalli Title: Consultant - Information Security & GRC Employer: Self-Employed Location: Hyderabad, India Education: M.Sc., PGDCA Years in IT: 7 Years in cybersecurity and/or privacy: 17 Cybersecurity certifications: CISSP, HCISSP, CISA, CISM, ISO 27001 LA How did you decide upon a career in healthcare security and/or privacy? It’s rather a chance than a choice. As the chief information security officer (CISO) of a software development firm, I was tasked to implement information security and privacy in multiple healthcare development projects. I am happy that I could contribute to security of healthcare. Why did you decide to pursue your... Continue reading