« July 2019 | Main | September 2019 »

Posts from August 2019

30 August 2019

Getting Started on the California Consumer Privacy Act

by Paul Lanois, SSCP, CIPP, CIPT, CIPM, Member of the (ISC)² Advisory Council of North America Privacy Working Group and Eric Tierling, CISSP, Member of the (ISC)² Advisory Council of North America Privacy Working Group If you have spent any amount of time online recently, then it is extremely likely that you have already heard about the General Data Protection Regulation (the "GDPR"), the European regulation which came into effect on May 25, 2018 and which governs data protection or individuals which have their personal data processed or stored by an organization within the European Economic Area (EEA). Meanwhile, information... Read more →

Posted by on 30 August 2019 at 07:30 AM in Cybersecurity Workforce, Government , Privacy | | Comments (1)

Tags: advisory council, CCPA, cybersecurity laws, cybersecurity legislation, cybersecurity regulations, GDPR, privacy, privacy laws, privacy regulations

| |

29 August 2019

VMware Acquisitions Highlight the Importance of DevSecOps

In the digital age, security can no longer be an afterthought. As organizations modernize their IT environments through digital transformation initiatives, it’s become more critical than ever to bake security into new applications from the start. Virtualization giant VMware recognizes this new reality, which explains why it has decided to acquire two companies that give the company a stronger foothold in digital transformation and cybersecurity. One of the companies, Pivotal Software, brings to VMware a platform for developing applications in the cloud. The other, Carbon Black, has a cloud-native endpoint protection platform that ensures this is done securely. Together, the... Read more →

Posted by on 29 August 2019 at 09:05 AM in Cloud Security, Cybersecurity Certifications, Cybersecurity Training, IT Security | | Comments (1)

Tags: CCSP, CISSP, cloud security education, cloud security training, continuing professional education, CPE, cybersecurity education, cybersecurity training, DevOps, DevSecOps, PDI, Professional Development Institute, VMware

| |

28 August 2019

CCSP and CCSK: Which Cloud Security Credential Is Right For You?

Two of the industry’s most highly regarded cloud security credentials are the CCSP from (ISC)² and the CCSK from Cloud Security Alliance (CSA). Both offer a comprehensive education on cloud security fundamentals, but there are important differences. Here’s a quick breakdown of each. CCSP (Certified Cloud Security Professional). The CCSP is for IT and information security leaders seeking to prove their understanding of cybersecurity and securing critical assets in the cloud. It shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud. Roles that typically require a CCSP include... Read more →

Posted by on 28 August 2019 at 09:30 AM in Cloud Security, Cybersecurity Certifications | | Comments (0)

Tags: CCSK, CCSP, cloud security career, cloud security certificate, cloud security certification, cloud security training, cybersecurity certification

| |

27 August 2019

IT Professionals: Use the Security Skills Shortage to Your Advantage

A cybersecurity skills shortage is expected to result in 3.5 million unfilled positions by 2021. Research from ESG finds 51% of organizations believe they have a “problematic shortage” of cybersecurity skills – an increase of 7% year-over-year. Clearly, the skills gap is a serious problem, impacting an organization’s ability to keep up with software vulnerabilities, harden devices, respond to security issues quickly and strategically manage security in an ever-evolving threat landscape. With the odds stacked against them, businesses must find new ways to recruit and retain skilled security employees and proactively address the lack of talent to fill critical roles.... Read more →

Posted by on 27 August 2019 at 08:30 AM in Cybersecurity Certifications, Cybersecurity Workforce, IT Security | | Comments (0)

Tags: cybersecurity career, cybersecurity career path, cybersecurity skills shortage, cybersecurity workforce

| |

26 August 2019

The Collaborative Alliance to Develop New Cybersecurity Council and Professional Recognition as part of the UK’s National Cybersecurity Strategy

(ISC)² is a member of The Collaborative Alliance for Cybersecurity, a consortium of organisations that represent a substantial part of the cybersecurity community in the UK. As part of the Alliance, we will be participating in the design and delivery of the new UK Cyber Security Council on behalf of the Department for Digital, Culture, Media & Sport (DCMS). The Alliance, with the Institution of Engineering and Technology (IET) nominated as lead organisation, was selected following a competitive grant competition by DCMS. The Collaborative Alliance for Cybersecurity brings stakeholders together in the interest of advancing a healthy cybersecurity workforce for... Read more →

Posted by on 26 August 2019 at 04:00 AM in Cybersecurity Workforce, Government | | Comments (0)

Tags: Collaborative Alliance for Cybersecurity, Culture, DCMS, Department for Digital, Media & Sport, UK Cyber Security Council, UK cybersecurity

| |

22 August 2019

(ISC)² is Now an Approved Professional Organisation for Tax Relief in the UK

There are few certainties in life, with taxes being very much at the top of the list. However, for (ISC)2 members in the UK, we have some good news for you on that front. From now on, members in the UK will be able to claim tax relief on their annual maintenance fee (AMF) in most cases. We have been granted Approved Professional Organisations and Learned Societies status by HM Revenue & Customs (HMRC), the UK’s tax, payments and customs authority. This status recognises (ISC)2 among a select number of essential professional societies and bodies operating in the UK that... Read more →

Posted by on 22 August 2019 at 04:00 AM in Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity tax relief, HM Revenue & Customs, UK tax relief

| |

21 August 2019

Salaries for Cybersecurity Chiefs Soar

As the cybersecurity skills shortage intensifies, cyber professionals have become the target of stiff competition among recruiters and employers. Compensation and benefits packages are becoming increasingly generous, essentially giving jobseekers the chance to write their own ticket. Compensation packages have exceeded $6 million at some large technology companies, according to a recent Bloomberg article. Such packages typically involve mostly stock but even so, they prove that it definitely pays to be in the cybersecurity field. Even the direct charges of top security officers are commanding salaries in the $1 million range, according to Bloomberg. The reasons for these bloated pay... Read more →

Posted by on 21 August 2019 at 08:30 AM in Cybersecurity Certifications, Cybersecurity Workforce | | Comments (0)

Tags: CCSP, certification magazine, CISSP, cybersecurity career, cybersecurity certifications, cybersecurity job, cybersecurity pay, cybersecurity salaries, cybersecurity workforce, IT security job, IT security salaries

| |

20 August 2019

Most Cyber Workers Plan to See Out Their Careers in the Field

Recruiting cybersecurity professionals is a major challenge because of the scarcity of qualified candidates, but at least employers don’t have to worry about them wanting to change professions. Most cybersecurity workers (64%) plan to finish out their careers in cybersecurity, according to (ISC)² research. Of course, this creates a new challenge for employers – how to retain their cybersecurity staff. With a worldwide shortage of nearly 3 million, there’s always a chance workers will leave for better pay or more attractive working conditions. To prevent this, employers must put serious effort into retention with measures such as robust training, professional... Read more →

Posted by on 20 August 2019 at 08:55 AM in Cybersecurity Training, Cybersecurity Workforce | | Comments (0)

Tags: cybersecurity career, cybersecurity career length, cybersecurity certification, cybersecurity salary, IT security career

| |

15 August 2019

3 Pro Tips for Moving from IT to Security

Already have a background in IT? Here are three tips for moving toward a more security-focused role. Take a cue from Goldilocks: Go after the industry certification that’s “just right.” This entails pursuing a credential that helps augment technical skills with security practices. Many choose the SSCP for its balance between the foundational and technical. SSCP allows you to prove a technical understanding without having to seek a more entry-level certification. Change your perspective to layer security into the work you’re already doing. Moving from IT to security is a natural evolution. Once you’ve gained the requisite knowledge and put... Read more →

Posted by on 15 August 2019 at 09:10 AM in Cybersecurity Certifications, Cybersecurity Training, IT Security | | Comments (1)

Tags: cybersecurity career, cybersecurity certification, devsecops, IT security, security career, SSCP

| |

14 August 2019

Center Day at Congress

(ISC)²’s biggest and best Security Congress yet – with three days of more than 175 sessions and 200 speakers – kicks off in less than three months! Act now - Early Bird registration is still open and workshops and pre-conference trainings are filling up. This year’s conference will be held at the Walt Disney World Swan and Dolphin Resort and will feature workshops, career resources, awards, an escape room and so much more. Our Center for Cyber Safety and Education will once again host its annual volunteer orientation and other special programming. Find out what Center Day at (ISC)² Security... Read more →

Posted by on 14 August 2019 at 09:05 AM in (ISC)² Events, Center for Cyber Safety and Education | | Comments (0)

Tags: (ISC)² conference, (ISC)² foundation, center day, center for cyber safety and education, cybersecurity awareness month, security congress

| |

13 August 2019

(ISC)² Meeting with Department of Commerce to Discuss Cybersecurity Workforce Issues

Part of (ISC)²’s role in the cybersecurity industry includes representing its members in legislative matters to ensure that we’re advocating for the profession and providing guidance to government leaders on new policies that may be championed. On Wednesday, August 14, (ISC)² Director of Cybersecurity Advocacy John McCumber will meet with The U.S. Senate Committee on Commerce, Science and Transportation to discuss the findings of the (ISC)² Cybersecurity Workforce Study and its implications on cybersecurity workforce advancement that the U.S. government might spearhead in collaboration with the private sector. This type of input session will help to inform the committee during... Read more →

Posted by on 13 August 2019 at 01:32 PM in Cybersecurity Workforce, Government | | Comments (0)

Tags: cybersecurity advocacy, cybersecurity legislation, cybersecurity workforce, government cybersecurity, homeland security, john mccumber

| |

SSCP vs. CISSP Exams: How are they different?

You’re considering a cybersecurity certification and the SSCP and CISSP are both on your list. After comparing the material, you’re thinking there’s a good bit of overlap between the two. But is there, really? And if you sit for one exam would you be able to sit for the other without additional study or preparation? These are excellent questions. In fact, we hear them a lot. And the reality is, there ARE commonalities, which is true for most things in the field. However, these two certifications are wholly different and were developed from two distinct perspectives. In many ways, the... Read more →

Posted by on 13 August 2019 at 08:30 AM in Cybersecurity Certifications, Cybersecurity Training, IT Security, Network Security, Privacy, Ransomware, Risk | | Comments (6)

Tags: certification exam comparisons, CISSP, CISSP comparison, CISSP vs SSCP, cybersecurity certification comparison, cybersecurity certification exams, SSCP, SSCP certification

| |

06 August 2019

Why Certified Cloud Security Professionals are in Higher Demand Than Ever

A new report from Palo Alto Networks’ Unit 42 threat intelligence team titled “Cloudy With a Chance of Entropy” reports that there are at least 34 million vulnerabilities across some of the largest cloud platforms, including Amazon Web Services, Google Compute Engine and Microsoft Azure. Notably, the threats were not found to be the result of cloud providers themselves, but rather the applications customers deploy on cloud infrastructure. As the report states, “cloud service providers maintained their sterling reputation for platform security . . . however, consumers of infrastructure- and platform-as-a-service (IaaS and PaaS) cloud offerings continue to struggle with... Read more →

Posted by on 06 August 2019 at 08:30 AM in (ISC)² Events, Cloud Security | | Comments (0)

Tags: CCSP, cloud security, cloud security alliance, cloud security certification, cloud security professional, csa summit, security congress

| |

01 August 2019

Writing Cybersecurity Articles – Getting Through the Tough Times

by Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America We’ve all been there, staring at the blank page or the blank screen, frustrated that the words aren’t flowing anymore, if they ever were. For the fortunate, this feeling can be fleeting, quickly replaced by a geyser of ideas and sentences that flow onto the page. For the rest of us, the momentary blockage can take a more serious turn, resulting in days or weeks of “challenged writing” in which you have no choice but to plow through the slow drip-drip of words and ideas. In extreme... Read more →

Posted by on 01 August 2019 at 08:50 AM | | Comments (0)

Tags: business writing tips, cybersecurity writing, cybersecurity writing tips. professional development tips, writing for cybersecurity

| |