Today’s IT security landscape is tough terrain to navigate at the best of times. Cybersecurity professionals need all the guidance, insight and education they can get to help them stay on top of arguably the most challenging points where business and technology collide. As always, (ISC)2 is your partner on this journey, providing resources such as our series of webcasts to keep you up-to-date on the latest trends, issues, tactics and threats in cybersecurity. Want to know where to start? Here are the top 10 EMEA webcasts from the last year: Machine Learning in Infosec: Debunking Buzz and Demystifying Use... Continue reading

Today is an exciting day for (ISC)² members as your membership just got a whole lot more powerful. We are happy to announce the launch of the (ISC)² Professional Development Institute, known simply as PDI. PDI will be your go-to resource for timely and relevant continuing educational opportunities to keep your skills sharp and curiosity piqued. Best of all, these courses will all be available to members at no cost. With three courses already available — Building a Strong Culture of Security, DevSecOps: Integrating Security into DevOps, and GDPR for Security Professionals: A Framework for Success — we are thrilled... Continue reading

Stop us if you heard this one before: Cybersecurity professionals are responsible for protecting their organization’s users and data from the dangers of cyber threats, but they feel underappreciated. Two-thirds (67%) believe “IT security is viewed either as merely reactive to business needs or a cost rather than an asset to the organization,” says a survey of cybersecurity professionals and CISOs by Thycotic, a privileged access management (PAM) vendor. The survey found that a majority of cybersecurity professionals in the United Kingdom and Germany say executives and co-workers see them as more of a burden than a business benefit –... Continue reading

By John McCumber, Director of Cybersecurity Advocacy, (ISC)² After a lot of planning and coordination, we were excited to announce our new partnership with CyberUSA earlier this week. What is CyberUSA, you may ask? Governed by its members, the nonprofit was established to enhance information sharing between states and improve cyber resilience at all levels of participation: local, regional, and national. It is focused on the common mission of enabling innovation, education, workforce development, enhanced cyber readiness and resilience within our state and local communities, and connects them at the national level. What does all that mean? The key takeaway... Continue reading

Name: Renju Damodaran Title: Senior Manager, Cyber Risk Services Employer: Wipro Limited Location: Boston, MA Education: BS, Information Systems from BITS, Pilani. Years in IT: 20 Years in cybersecurity: 16 Cybersecurity certifications: CISSP, CISA, SABSA SCF How did you decide upon a career in cybersecurity? Back in the day (early 2000s), I was involved in setting up IT infrastructure for a startup company. I started interacting with information security professionals from external consulting firms and developed an interest in security as a profession. I learned BS7799 framework and landed an information security officer role in ING Vysya Bank (now known... Continue reading

Cheers to you on your decision to pursue an (ISC)² credential in 2019! You’re about to embark on a challenging and highly rewarding journey. Make sure you get the most out of it with the new (ISC)2 Certification Prep Kit. Preparing for the exam is no small task… Your path to success starts with the right study plan, and the Certification Prep Kit will help you map a course that fits your schedule and learning style. Dive right in for everything you’ll need to move ahead with confidence. Inside this free resource, you’ll find… Fast Facts on (ISC)2 Training and... Continue reading

By Marie E. Olson, CISM, CISSP, FIP Deputy Chief Privacy Officer, The Boeing Company This year, Data Privacy Day will spotlight the value of information. Whether you’re an individual looking to better manage your privacy and how your data is collected and shared, or a business collecting, using and storing that information, remember: Personal information is like money. Value it. Protect it. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first... Continue reading

Infographic available now: Get your Fast Facts about the CISSP Continue reading

A potential recession is on the minds of U.S. corporate executives, according to new research. But do you know what worries them even more? Cybersecurity. The C-Suite Challenge 2019 study by think tank The Conference Board reveals that American CEOs rank cybersecurity as their biggest “external concern” for 2019. It outranks recession fears, which took third place behind new competitors. It also matches a finding by the World Economic Forum that cyber attacks are the top risk of doing business in North America. Globally, recession fears top the list of external business concerns. This is a significant change from last... Continue reading

For the fourth year in a row, Certification Magazine named the Certified Cloud Security Professional (CCSP®) as the “Next Big Thing.” The magazine conducted their annual salary survey and found that the CCSP was the top choice for professionals to pursue in 2019. Ranking #2 in the list – for the third year in the row – is the CISSP certification. You can read the full article, “Certification leads to improved performance, increased earning power” here or in the January issue of Certification Magazine. This issue focuses on detailed results and findings from the annual salary survey. Continue reading

Call for speakers for the (ISC)² Security Congress 2019 is now open! The ninth annual cybersecurity conference will be held in Orlando, Fla., from October 28-30 at the Walt Disney World Swan and Dolphin Resort. We’re planning for the largest Congress yet with more than 4,000 attendees and 150 speakers. This year’s conference will be the largest ever as Security Congress has become a truly international event, with more attendees and sessions than ever before, aimed at a global audience. Security Congress will take place over three days with more than 100 educational and thought-provoking sessions to help security leaders... Continue reading

(ISC)²'s recent Cybersecurity Workforce Study asked what certifications professionals had plans to pursue in the coming year. Download the infographic: What Cybersecurity Certifications Are You Pursuing This Year? Continue reading

The (ISC)² Peru Chapter was started by initiative of Javier Romero, CISSP, by mid-2017, when he put in a petition to start a new chapter. Worried that top-level management of companies in Peru was not aware of – or possibly “not concerned enough about” - information security matters, a group of (ISC)² members committed to advocate information security in the country joined together with the goal of becoming the reliable reference in the subject for the local industry and government. Luis Mendoza, Michael Ocrospoma, and Rolando Navarro, together with J. Romero, then outlined an action strategy for the years to... Continue reading

Cybersecurity professionals are busy enough even without having to keep up with the constant changes in the threat landscape and advances in security technology. But keep up you must, and that’s why (ISC)² have webcasts throughout the year on various security-related topics. Based on ratings by cybersecurity professionals, here are the top 10 webcasts from 2018: State of the Internet/Security 2018: Web Attacks Learn how reptiles and hackers target the hotel industry by hitting the library, and how to fight back. This webcast includes case studies on how the aviation industry deploys crawler management solutions to protect their websites. Delivered... Continue reading

Name: Amy Mitchell Title: Managed Services Engineer Employer: KnowBe4 Location: Clearwater, FL, U.S. Education: Associates of Science Years in IT: 6 Years in cybersecurity: 4 Cybersecurity certifications: Security+, CISSP How did you decide upon a career in cybersecurity? I realized how important PCI DSS security is when I worked in the service industry. From there, I worked in network security for point of sale systems and have now moved to KnowBe4. I help teach people about cybersecurity awareness around the world. Why did you decide to pursue your CISSP? I interact and work with CISSPs on a regular basis. I... Continue reading

By Tony Vizza, CISSP, (ISC)² Director of Cybersecurity Advocacy, APAC Over the past few weeks, I have noticed a marked increase in the number of phishing attempts, both using cyber based methods as well as traditional methods such as phone calls, text messages and even postal service scams. Scammers rely on psychological trigger points to succeed. December, in particular, is a stressful time for many people. Boozy Christmas parties, buying presents for your family (and finding something your partner will like), planning the holiday getaway with the kids and of course wrapping up end-of-quarter and end-of-year and you have a... Continue reading

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested. A JTA Study Workshop for CISSP-ISSAP has tentatively been scheduled toward the end of March 2019. In preparation for the upcoming study, we would like to hear from our CISSP-ISSAP members. Please comment on any new content and... Continue reading

This week, SC Media released its list of Finalists for the 2019 SC Awards and (ISC)2 is once again in consideration as the best professional certification program in the cybersecurity industry. Winners will be announced at the SC Awards dinner, a gala evening convening hundreds of the industry’s brightest luminaries to network, toast the winners, and celebrate the best the cybersecurity community has to offer. The event takes place on March 5 at the InterContinental Hotel in San Francisco during the week of RSA Conference. Tickets can be purchased here. Continue reading

Name: Ramana Krothapalli Title: Consultant - Information Security & GRC Employer: Self-Employed Location: Hyderabad, India Education: M.Sc., PGDCA Years in IT: 7 Years in cybersecurity and/or privacy: 17 Cybersecurity certifications: CISSP, HCISSP, CISA, CISM, ISO 27001 LA How did you decide upon a career in healthcare security and/or privacy? It’s rather a chance than a choice. As the chief information security officer (CISO) of a software development firm, I was tasked to implement information security and privacy in multiple healthcare development projects. I am happy that I could contribute to security of healthcare. Why did you decide to pursue your... Continue reading

The National Cyber Security Centre (NCSC) has outlined new rules of the road for earning its Certified Cyber Professional (CCP) specialist certification. The new pilot program for the certification commences in 2019 and focuses on assessing two main areas of specialism: risk management and security architecture. Why is this of interest to you? The NCSC has outlined three ways in which candidates can demonstrate foundational cybersecurity knowledge in order to qualify for the scheme. One of those ways is to hold a CISSP certification and a full (ISC)2 membership. This is yet another signpost that highlights the industry recognition of... Continue reading

Our own John McCumber, director of cybersecurity advocacy for North America, was provided a great opportunity this week to present the findings from our recent 2018 Cybersecurity Workforce Study to the National Initiative for Cybersecurity Education Working Group (NICEWG) at its monthly meeting. As you may well know – or can guess – this working group covers the NICE Framework published by the National Institute for Standards and Technology (NIST) and brings together a diverse group of public and private sector cybersecurity experts to discuss ways to advance cybersecurity education, training and workforce development. To be invited to present to... Continue reading

Name: Shawn O’Reilly Title: Information Security Officer Employer: SUNY Upstate Medical University Location: Syracuse, New York Education: Master’s in Information Management, Syracuse University Years in IT: 25 Years in cybersecurity and/or privacy: 20 Cybersecurity certifications: CISSP, CCSP, HCISPP, CISM, CISA How did you decide upon a career in healthcare security and privacy? The opportunity to move into a healthcare security and privacy career presented itself about 15 years ago when I was searching for a new job. I was previously employed by a Big 4 accounting firm, where I got my start as a cybersecurity consultant. I was looking to... Continue reading

Cyberattacks rank as the number one risk of doing business in North America, Europe and the East Asia-Pacific region, according to a World Economic Forum report, Regional Risks of Doing Business. While business leaders in other areas of the globe are more concerned about unemployment, unstable governments and oil prices, cyber risks rank as the fifth highest worldwide. The concern about cyberattacks shows just how critical cybersecurity has become, ranking even higher than terrorism in the global top 10. Not surprisingly, cyber risks are a bigger concern among the most industrialized areas of the globe such as North America, where... Continue reading

Name: George Chacko Title: Senior Manager, Information Security Employer: New York Blood Center Location: New York, NY, U.S. Education: State University of New York at Buffalo Years in cybersecurity and/or privacy: 14 Cybersecurity certifications: CISSP, HCISPP How did you decide upon a career in healthcare security and/or privacy? After starting my career in financial services as an information security professional, I knew that the healthcare industry was an area in which experienced resources were needed due to the rise in major breaches of medical records and personal healthcare information. I had many family and friends in different roles in healthcare... Continue reading

The holidays are a great time to give back to your local community. November 27 is known as Giving Tuesday, a global day of giving. This year, the Center for Cyber Safety and Education is adding some “cattitude” to Giving Tuesday. Sign up for the Center’s “Round-Up” program from November 1 to November 27 and you will be entered for the chance to win a Jim Davis autographed holiday-themed Garfield print. Once enrolled, the program “rounds up” your change on every day purchases and donates them to the charity of your choice. Another way to give back is at the... Continue reading