« April 2019 | Main | June 2019 »

Posts from May 2019

30 May 2019

Additional Recognition for Cybersecurity Certifications

Following the signing of a Multilateral Recognition Arrangement (MLA) signed last year that confirms the American National Standards Institute’s (ANSI) standing as an internationally respected accrediting body with rigorous standards, all nine (ISC)² cybersecurity certifications are now recognized by the International Accreditation Forum (IAF). The MLA applies to IAF accrediting bodies, including ANSI, and shows that the organizations they accredit all meet the same rigorous standards. According to a press release issued by ANSI, “Regional Accreditation Group members of IAF are admitted to the IAF MLA only after a most stringent evaluation of their operations by a peer evaluation team... Read more →

Posted by on 30 May 2019 at 08:30 AM in Cybersecurity Certifications | | Comments (2)

Tags: American National Standards Institute, ANSI, ANSI/ISO/IEC, cybersecurity certifications, IAF, international accreditation forum, MLA

| |

28 May 2019

Be Part of the Workforce Study!

The (ISC)² Cybersecurity Workforce Study is conducted to assess the cybersecurity workforce gap, better understand the barriers facing the cybersecurity profession, and uncover solutions to issues facing the industry. The 2.93M workforce gap number has been reported on far and wide, but the gap is just one part of the report. It’s important that we focus on finding answers to the problems facing cybersecurity practitioners, management and organizations. In just a few weeks, we will be conducting our next round of research and we want to hear from you! We need the opinions and insights from professionals on the front... Read more →

Posted by on 28 May 2019 at 09:05 AM in Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity research, cybersecurity workforce report, cybersecurity workforce research, cybersecurity workforce study

| |

24 May 2019

GDPR – One Year On

by Dr. Sanjana Mehta, Head of Market Research Strategy - EMEA May 25 marks the first anniversary since the European Union’s General Data Protection Regulation (GDPR) came into force. After a two-year preparation process, the regulation came into effect a year ago tomorrow, harmonizing data security, data protection, data retention and data usage laws across the EU member states. It also has significant ramifications for companies outside the EU that hold personal information relating to EU citizens and organizations. Failure to comply with the GDPR can and will result in fines and other legal sanctions. The GDPR has already had... Read more →

Posted by on 24 May 2019 at 04:00 AM in Ethics, Government , Privacy | | Comments (0)

Tags: data protection, EU GDPR, GDPR, GDPR education, GDPR fines, GDPR framework, GDPR legislation, GDPR training, general data protection regulation, privacy, privacy regulation

| |

23 May 2019

Going for (ISC)² Certification? Get the facts before you choose a training provider.

Whether you’re going for CISSP, SSCP, CCSP or another elite (ISC)² certification, the training route is an excellent way to prepare. (ISC)² certifications are highly regarded in the cybersecurity industry, and countless training companies offer exam prep for them. With so many options, it can be unnecessarily hard to make the right choice. Often, we think the more choices we have, the better. But too many cybersecurity training options have created confusion and led to false claims that border on unethical as companies compete for your business. When it comes to assertions trainer providers make about their courses for our... Read more →

Posted by on 23 May 2019 at 09:00 AM in Cybersecurity Certifications, Cybersecurity Training | | Comments (0)

Tags: (ISC)² certification, (ISC)² education, (ISC)² training, cybersecurity certification, cybersecurity education, cybersecurity training, cybersecurity training myths

| |

22 May 2019

(ISC)² Provides Insight to Congressional Subcommittee on Diversification in the Cybersecurity Workforce

On May 21, (ISC)² COO Wesley Simpson was invited to join a panel of experts for testimony in front of the U.S. House of Representatives Committee on Homeland Security. The hearing, titled “Growing and Diversifying the Cyber Talent Pipeline” was a forum for committee members to ask witnesses for their observations and input on methods for growing the U.S. cybersecurity workforce and also for encouraging more minorities to join the profession. Mr. Simpson was joined on the panel by three other witnesses representing Grambling State University, The National Cybersecurity Institute at Excelsior College and McAfee. (ISC)² was approached by the... Read more →

Posted by on 22 May 2019 at 10:46 AM in Cybersecurity Workforce, Government | | Comments (0)

Tags: congressional hearing, cybersecurity workforce, cybersecurity workforce diversity, cybersecurity workforce study, government cybersecurity, u.s. congress, u.s. government, women in cybersecurity, workforce diversity

| |

09 May 2019

Investing in the Next Generation of Cybersecurity Leaders

by Dr. Mansur Hasib, CISSP, PMP, CPHIMS Program Chair, Cybersecurity Technology, The Graduate School, University of Maryland University College In order for any discipline to advance and grow, each generation of established thought leaders must mentor and invest in the next generation. The new generation can infuse new ideas, varied approaches, and innovative new ways to explain and present material. This is exactly what happened in a dramatic way at the 2019 Secure Summit DC hosted by (ISC)² . John McCumber and Susan Lausch of (ISC)² invited me to organize a contingent of 30 graduate cybersecurity students and recent graduates... Read more →

Posted by on 09 May 2019 at 08:30 AM in Cybersecurity Training, Cybersecurity Workforce, ISC2 Events | | Comments (0)

Tags: cybersecurity conference, cybersecurity education, cybersecurity event, cybersecurity students, cybersecurity training, secure summit DC, secure summits, security congress, SSDC

| |

08 May 2019

Four Keys to Investing in Your Group B Professional Development

By Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America After many years of developing expertise in several technical domains, you’ve decided that this year you will invest more diligently into Group B CPE professional development activities. But how should you go about it? The official (ISC)² CPE handbook provides guidelines about the many options that will count towards Group B CPEs — and how much they will count — but figuring out how to prioritize the vast array of choices can be a challenge. After all, the field of possibilities is wide open, leaving us wondering... Read more →

Posted by on 08 May 2019 at 09:00 AM | | Comments (0)

Tags: (ISC)2 CPEs, career development, continuing professional education, CPE credits, professional development

| |

07 May 2019

Right-to-Repair: Good or Bad for Cybersecurity?

A debate is raging over who has the right to repair electronic equipment without voiding manufacturers’ warranties. On one side, companies such as Apple, Lexmark and Verizon are seeking to quash “right-to-repair” legislation; on the other, supporters of right of repair initiatives are accusing the tech industry of scare tactics. At issue is whether right-to-repair laws may impact cybersecurity considerations. Manufacturers argue cybersecurity would suffer by allowing unauthorized individuals to repair devices, however many cybersecurity professionals consider this claim an overreach. On May 2, cybersecurity advocacy group Securepairs.org issued a statement strongly supporting right-to-repair efforts. Declaring that “fixable stuff is... Read more →

Posted by on 07 May 2019 at 09:30 AM in Government | | Comments (0)

Tags: cybersecurity governance, cybersecurity legislation, right to repair, right to repair legislation

| |

03 May 2019

U.S. Presidential Order Aims to Bolster Federal Cybersecurity

An Executive Order signed by United States President Donald Trump aims to grow the government’s cybersecurity capability, improve integration of the cybersecurity workforce between federal departments, and strengthen the skills of individual cybersecurity practitioners. The order, titled Executive Order on America’s Cybersecurity Workforce and signed by the president on May 2, creates measures to help federal agencies retrain workers interested in cybersecurity and requires agencies to adopt the National Initiative for Cybersecurity Education (NICE) Framework in government contracts. It includes an incentive component, creating an annual competition with cash rewards of at least $25,000 “to identify, challenge, and reward the... Read more →

Posted by on 03 May 2019 at 08:00 AM in Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity orders, cybersecurity workforce, u.s. executive order, u.s. government cybersecurity, white house

| |

01 May 2019

CSSLP Spotlight: John Kent

Name: John Kent Title: Manager IT, DevSecOps Employer: FedEx Location: Irving, Texas Education: BAAS Computer Science, MS Cybersecurity Years in IT: 37 Years in cybersecurity and/or privacy: 13 Cybersecurity certifications: CSSLP, CEH, CHFI How did you decide upon a career in security software development? My passion for software development began in 1981 and launched my career in 1987. It wasn’t until my first exposure to pen test results in 2005 that I understood software design, development, test and operations from a much wider perspective. There was so much more to programming than creating working software — it had to be... Read more →

Posted by on 01 May 2019 at 09:10 AM in IT Security, Spotlight | | Comments (1)

Tags: CSSLP professional, cybersecurity career, cybersecurity professional, cybersecurity spotlight, IT career, IT job, IT manager

| |