24 May 2019

GDPR – One Year On

by Dr. Sanjana Mehta, Head of Market Research Strategy - EMEA May 25 marks the first anniversary since the European Union’s General Data Protection Regulation (GDPR) came into force. After a two-year preparation process, the regulation came into effect a year ago tomorrow, harmonizing data security, data protection, data retention and data usage laws across the EU member states. It also has significant ramifications for companies outside the EU that hold personal information relating to EU citizens and organizations. Failure to comply with the GDPR can and will result in fines and other legal sanctions. The GDPR has already had... Read more →

Posted by on 24 May 2019 at 04:00 AM in Ethics, Government , Privacy | | Comments (0)

Tags: data protection, EU GDPR, GDPR, GDPR education, GDPR fines, GDPR framework, GDPR legislation, GDPR training, general data protection regulation, privacy, privacy regulation

| |

23 May 2019

Going for (ISC)² Certification? Get the facts before you choose a training provider.

Whether you’re going for CISSP, SSCP, CCSP or another elite (ISC)² certification, the training route is an excellent way to prepare. (ISC)² certifications are highly regarded in the cybersecurity industry, and countless training companies offer exam prep for them. With so many options, it can be unnecessarily hard to make the right choice. Often, we think the more choices we have, the better. But too many cybersecurity training options have created confusion and led to false claims that border on unethical as companies compete for your business. When it comes to assertions trainer providers make about their courses for our... Read more →

Posted by on 23 May 2019 at 09:00 AM in Cybersecurity Certifications, Cybersecurity Training | | Comments (0)

Tags: (ISC)² certification, (ISC)² education, (ISC)² training, cybersecurity certification, cybersecurity education, cybersecurity training, cybersecurity training myths

| |

22 May 2019

(ISC)² Provides Insight to Congressional Subcommittee on Diversification in the Cybersecurity Workforce

On May 21, (ISC)² COO Wesley Simpson was invited to join a panel of experts for testimony in front of the U.S. House of Representatives Committee on Homeland Security. The hearing, titled “Growing and Diversifying the Cyber Talent Pipeline” was a forum for committee members to ask witnesses for their observations and input on methods for growing the U.S. cybersecurity workforce and also for encouraging more minorities to join the profession. Mr. Simpson was joined on the panel by three other witnesses representing Grambling State University, The National Cybersecurity Institute at Excelsior College and McAfee. (ISC)² was approached by the... Read more →

Posted by on 22 May 2019 at 10:46 AM in Cybersecurity Workforce, Government | | Comments (0)

Tags: congressional hearing, cybersecurity workforce, cybersecurity workforce diversity, cybersecurity workforce study, government cybersecurity, u.s. congress, u.s. government, women in cybersecurity, workforce diversity

| |

09 May 2019

Investing in the Next Generation of Cybersecurity Leaders

by Dr. Mansur Hasib, CISSP, PMP, CPHIMS Program Chair, Cybersecurity Technology, The Graduate School, University of Maryland University College In order for any discipline to advance and grow, each generation of established thought leaders must mentor and invest in the next generation. The new generation can infuse new ideas, varied approaches, and innovative new ways to explain and present material. This is exactly what happened in a dramatic way at the 2019 Secure Summit DC hosted by (ISC)² . John McCumber and Susan Lausch of (ISC)² invited me to organize a contingent of 30 graduate cybersecurity students and recent graduates... Read more →

Posted by on 09 May 2019 at 08:30 AM in (ISC)² Events, Cybersecurity Training, Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity conference, cybersecurity education, cybersecurity event, cybersecurity students, cybersecurity training, secure summit DC, secure summits, security congress, SSDC

| |

08 May 2019

Four Keys to Investing in Your Group B Professional Development

By Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America After many years of developing expertise in several technical domains, you’ve decided that this year you will invest more diligently into Group B CPE professional development activities. But how should you go about it? The official (ISC)² CPE handbook provides guidelines about the many options that will count towards Group B CPEs — and how much they will count — but figuring out how to prioritize the vast array of choices can be a challenge. After all, the field of possibilities is wide open, leaving us wondering... Read more →

Posted by on 08 May 2019 at 09:00 AM | | Comments (0)

Tags: (ISC)2 CPEs, career development, continuing professional education, CPE credits, professional development

| |

07 May 2019

Right-to-Repair: Good or Bad for Cybersecurity?

A debate is raging over who has the right to repair electronic equipment without voiding manufacturers’ warranties. On one side, companies such as Apple, Lexmark and Verizon are seeking to quash “right-to-repair” legislation; on the other, supporters of right of repair initiatives are accusing the tech industry of scare tactics. At issue is whether right-to-repair laws may impact cybersecurity considerations. Manufacturers argue cybersecurity would suffer by allowing unauthorized individuals to repair devices, however many cybersecurity professionals consider this claim an overreach. On May 2, cybersecurity advocacy group Securepairs.org issued a statement strongly supporting right-to-repair efforts. Declaring that “fixable stuff is... Read more →

Posted by on 07 May 2019 at 09:30 AM in Government | | Comments (0)

Tags: cybersecurity governance, cybersecurity legislation, right to repair, right to repair legislation

| |

03 May 2019

U.S. Presidential Order Aims to Bolster Federal Cybersecurity

An Executive Order signed by United States President Donald Trump aims to grow the government’s cybersecurity capability, improve integration of the cybersecurity workforce between federal departments, and strengthen the skills of individual cybersecurity practitioners. The order, titled Executive Order on America’s Cybersecurity Workforce and signed by the president on May 2, creates measures to help federal agencies retrain workers interested in cybersecurity and requires agencies to adopt the National Initiative for Cybersecurity Education (NICE) Framework in government contracts. It includes an incentive component, creating an annual competition with cash rewards of at least $25,000 “to identify, challenge, and reward the... Read more →

Posted by on 03 May 2019 at 08:00 AM in Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity orders, cybersecurity workforce, u.s. executive order, u.s. government cybersecurity, white house

| |

01 May 2019

CSSLP Spotlight: John Kent

Name: John Kent Title: Manager IT, DevSecOps Employer: FedEx Location: Irving, Texas Education: BAAS Computer Science, MS Cybersecurity Years in IT: 37 Years in cybersecurity and/or privacy: 13 Cybersecurity certifications: CSSLP, CEH, CHFI How did you decide upon a career in security software development? My passion for software development began in 1981 and launched my career in 1987. It wasn’t until my first exposure to pen test results in 2005 that I understood software design, development, test and operations from a much wider perspective. There was so much more to programming than creating working software — it had to be... Read more →

Posted by on 01 May 2019 at 09:10 AM in IT Security, Spotlight | | Comments (0)

Tags: CSSLP professional, cybersecurity career, cybersecurity professional, cybersecurity spotlight, IT career, IT job, IT manager

| |

30 April 2019

(ISC)² Secure Summit EMEA in Review

On April 16, at the World Forum in The Hague, The Netherlands, (ISC)2 COO Wesley Simpson provided closing remarks to summarize some of the key sessions from the two-day Secure Summit EMEA event as it was wrapping up. To give you a window into the kinds of topics addressed during the Summit, what follows is an excerpt from his address. [Edited for length] Now, to close out the 2019 (ISC)² Secure Summit EMEA, let’s take a few minutes to look back at what we can take away from this year’s event. I’ve had a chance to speak with many of... Read more →

Posted by on 30 April 2019 at 05:00 AM in (ISC)² Events | | Comments (0)

Tags: (ISC)² events, secure summit EMEA, secure summits

| |

29 April 2019

Heavy Industrial Companies Grapple with Cybersecurity Problems

Companies in heavy industrial industries such as mining, oil and gas, electricity and chemicals have become a major target for cybercrime. But securing these companies is complicated as they must not only protect their IT infrastructure but also their OT (operational technology) assets. Cybersecurity solutions and tools that work in IT environments do not transfer well to the OT side, potentially harming industrial devices. “Even merely scanning these devices for vulnerabilities has led to major process disruptions,” according to a recent McKinsey article. But even though the same tools aren’t effective for both environments, links between OT and IT are... Read more →

Posted by on 29 April 2019 at 08:55 AM in IT Security | | Comments (1)

Tags: cybersecurity lexicon, cybersecurity research, ICS, ICS cybersecurity, ICS lexicon, industrial control systems, IT security, IT/OT security, operational technology security

| |

Next »