When it comes time to decommission data storage systems, there is much that must be planned and thoroughly carried out. It’s not just about the activity, it is also about due diligence, oversight, and proof. Data that appears to have been deleted is often still recoverable, and in many cases, people make mistakes, such as forgetting a second backup exists somewhere else, or forgetting to verify that a destruction has been successfully and completely deployed. Human errors like this are referred to as unintentional insider threats, since they lead to the potential of data theft, litigation, and penalties. It is... Read more →
« October 2021 | Main | December 2021 »
Posts from November 2021
30 November 2021
A Safe and Secure Way to Decommission
Posted by (ISC)² Management on 30 November 2021 at 08:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
29 November 2021
How to Prepare for CISSP Exam Day
By deciding to take the CISSP exam, you’ve chosen to further your education and showcase your knowledge and experience by achieving the world’s premier cybersecurity certification. Soon, you will join the ranks of more than 147,000 global leaders committed to a safe and secure cyber world. Make a Timeline As you prep for your CISSP exam, first consider your experience level and determine a timeline that fits for your current workload and lifestyle. The amount of time you need to dedicate to studying can vary based on your experience. Do you have questions about creating a CISSP study plan? Learn... Read more →
Posted by (ISC)² Management on 29 November 2021 at 07:00 AM in Cybersecurity Certifications, Cybersecurity Training | Permalink
|
Comments (0)
23 November 2021
The Best Way to Start Your Cloud Security Career
Where do you begin your journey in InfoSec? What do you need to study? How do you even get started in a vast field with so many areas, and so many opportunities? These questions often haunt a new InfoSec candidate, sometimes causing them to freeze, doing nothing for fear of taking the wrong path. Everywhere you look, it is apparent that cloud computing is not only the future of Information Security, it is happening right now. If you are asking the question of where to begin, there is no better place to look than cloud security. Along with that, while... Read more →
Posted by (ISC)² Management on 23 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
22 November 2021
Four Cybersecurity Tips Everyone Should Know Before Black Friday and Cyber Monday
According to a new report from Cybereason, 89% of global companies are concerned about repeat cyberattacks ahead of the holiday season, but, surprisingly, only two-thirds have a cyber response plan. Concerns that attackers will strike over the holidays are valid, as cybersecurity researchers have observed a year-over-year uptick in cybercriminal activity on Black Friday through Cyber Monday. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have previously issued warnings that they’ve observed an “increase in highly impactful ransomware attacks occurring on holidays and weekends.” Furthermore, the volume of ransomware attacks is up significantly. Unit 42, the Palo Alto... Read more →
Posted by (ISC)² Management on 22 November 2021 at 08:00 AM in Cybersecurity Training | Permalink
|
Comments (0)
17 November 2021
Insider Threats Can Turn Your Cloud Security Into a Storm
Insiders can become a real threat to organizations migrating to the cloud because they do not have to breach any external security fences. Insider threats could either come in the form of a human error or as a malicious action. Human errors in cloud security configurations could result in sensitive data and asset disclosure, loss or theft. On the other hand, malicious insiders misuse authorized access to an organization’s cloud assets to overcome security controls and launch their malicious actions. Insiders are a growing risk to cloud security because insider attacks are hard to detect and respond to and they... Read more →
Posted by (ISC)² Management on 17 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
16 November 2021
The Importance of Security Control Baselines
For cybersecurity professionals, baseline management is vital because any asset not properly configured can become a security vulnerability. Baselines are fundamental to managing projects of all types and this is especially important in cybersecurity, where everything is a race against time and against very guileful opponents. Although baseline management seems like time-consuming “record keeping,” it is in fact the only way to know where you are, how your assets are operating, what has changed, and what needs to be changed. Not only does this help ensure the safety and security of the assets under your watch, it also helps with... Read more →
Posted by (ISC)² Management on 16 November 2021 at 08:00 AM in Cybersecurity Certifications, Network Security | Permalink
|
Comments (3)
15 November 2021
Rookies Needed - Experience Required
Are Employer Demands Contributing to the Cybersecurity Skills Gap? You’ve seen the job posting. It starts, “Looking for a cybersecurity specialist. Must have a master’s degree, certifications and 10 years of experience,” followed by, “This is an entry-level position with non-compensated job shadowing requirements.” These unrealistic expectations are the obstacles many cybersecurity professionals face once they complete their studies and rigorous exams. It’s an unfair barrier to entry. Clearly, hiring a person to work in any department in any organization is a risk. It costs money to locate, attract, assess, interview, hire, onboard and train someone, and it’s many months... Read more →
Posted by (ISC)² Management on 15 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
11 November 2021
CCSP vs. Symantec Certified Cloud Credentials: How Do They Compare?
The mounting cybersecurity challenges facing organizations worldwide show no sign of slowing. Not only the shortage of qualified cybersecurity staff but also the lack of security awareness and skills among employees remain the biggest concerns, according to the 2021 Cloud Security Report by Cybersecurity Insiders. Global need for cybersecurity experts specializing in cloud security is growing demand for certification. But with so many credentials out there, which most effectively demonstrates the broad knowledge and skills required to secure any cloud environment? Let’s compare three leading certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. Symantec Certified Specialist-Administration of Symantec Cloud Workload... Read more →
Posted by (ISC)² Management on 11 November 2021 at 09:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
10 November 2021
(ISC)² Security Congress Goes West – Las Vegas Here We Come!
(ISC)² Security Congress 2021 was a big success with more than 3,000 virtual attendees participating live and viewing 125+ educational breakout sessions on demand as well. During and after the show, we prioritized getting feedback on improving attendees’ conference experience year over year. We heard your feedback and are happy to share that we will host (ISC)² Security Congress 2022 in Las Vegas, NV, October 10-12, 2022, at Caesars Palace and virtually. What’s In the Works for 2022 Star keynotes with marquee value 100+ educational sessions on trending cyber topics CPE credit opportunities Exclusive (ISC)² networking Career guidance and resources... Read more →
Posted by (ISC)² Management on 10 November 2021 at 03:22 PM in (ISC)² Events | Permalink
|
Comments (0)
The Dawn of True IoT Security
Internet of Things (IoT) devices are now everywhere. Ever since the earliest devices started to appear on the market, in homes, and worse, in corporations, security professionals have sounded the alarm about how these devices were built with no security in mind. Now, the National Institute of Standards and Technology (NIST) has released new draft guidance documents on securing these devices, both before release, as well as acquisition, and integration. These new publications will serve both corporations and consumers in a positive way. However, like any technical directions, the ideas set forth are only effective in capable and qualified hands.... Read more →
Posted by (ISC)² Management on 10 November 2021 at 08:00 AM in Cybersecurity Certifications, IT Security | Permalink
|
Comments (0)
09 November 2021
(ISC)² Cybersecurity Entry-Level Certification Exam Topics Announced
To fill the cybersecurity workforce gap, we need to address the workforce shortage facing the industry, especially among entry- and junior-level positions. Creating an entry-level certification will help encourage new professionals to begin a cybersecurity career. After surveying cybersecurity experts on the most important domains, or subject matter areas, for new professionals, we have published the preliminary exam outline for the upcoming entry-level cybersecurity certification pilot program. This exam outline will allow the pilot program candidates to know which subjects they should be familiar with prior to taking the exam. Since this is an exam pilot program, topics are subject... Read more →
Posted by (ISC)² Management on 09 November 2021 at 01:56 PM in Cybersecurity Certifications, Cybersecurity Workforce | Permalink
|
Comments (1)
(ISC)² Chapter Creates Space for Entry-Level Members and Professional Connections
(ISC)² currently supports more than 150 chapter groups in 50 countries with 32,000 members and growing. Chapter membership is open to all aspiring and current cybersecurity professionals encouraging connections on a local level. In joining an (ISC)² Chapter, you will find opportunities for mentorship, leadership roles, volunteer days, study groups and more. This year, the (ISC)² New Jersey Chapter has seen rapid growth through various recruitment efforts and word of mouth has made a stand-out mark within their geographical area, by increasing their membership by 400% within a year. The chapter has coordinated many successful meetings, generating deeper relationships and... Read more →
Posted by (ISC)² Management on 09 November 2021 at 08:00 AM in (ISC)² Chapters | Permalink
|
Comments (0)
08 November 2021
We Heard You: Updates to the (ISC)² Ethics Questions
Earlier this year, several (ISC)² members reached out to us regarding the candidate background qualifications that we ask all individuals as part of their endorsement process after passing an (ISC)² exam. The question on our eligibility review asked candidates: “Have you ever been involved, or publicly identified, with criminal hackers or hacking?” We heard you loud and clear. Being involved in “hacking” – especially in regard to learning how systems work, researching vulnerabilities or general curiosity and learning – doesn’t make you ineligible for (ISC)² certification. The use of the term “hacker” has changed significantly over the years, and we... Read more →
Posted by (ISC)² Management on 08 November 2021 at 08:05 AM in Ethics | Permalink
|
Comments (0)
05 November 2021
CCSP vs. Microsoft Certified: Azure Administrator Associate — How Does Vendor Focus Factor In?
Adoption and usage of the cloud is evolving to combine with technologies like artificial intelligence, the Internet of Things, 5G and more, according to Sid Nag, Research Vice President at Gartner. “In other words,” he says, “cloud will serve as the glue between many other technologies that CIOs want to use more of, allowing them to leapfrog into the next century as they address more complex and emerging use cases.” With cloud roles expanding and so many certifications out there, which option offers cybersecurity experts the flexibility to grow with the coming waves of opportunity? Let’s compare two popular options,... Read more →
Posted by (ISC)² Management on 05 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
04 November 2021
CISSPs from Around the Globe: An Interview with Dr. Christine Izuakor
The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In this installment, we talk to influential trailblazer Dr. Christine Izuakor. Christine shares with us her incredible story as the youngest student and first African-American woman to achieve a P.hD in Security Engineering, how she planned her journey to achieve her dream job and how her passion... Read more →
Posted by (ISC)² Management on 04 November 2021 at 08:00 AM in Cybersecurity Certifications, Spotlight | Permalink
|
Comments (0)
03 November 2021
The Threat of Insecure Interfaces and APIs
Application programming interfaces (APIs) allow applications to communicate with each other, simplifying software development. Developers add functionality from other existing solutions or build applications using services by third-party providers. APIs have become the drivers for businesses digital transformation initiatives opening up their apps and data to partners, suppliers and customers. Besides their increased applicability and benefits, APIs are often the source of security concerns and threats because businesses fail to secure them. Surveys have identified that authentication, vulnerabilities and visibility are the key pain points, enabling malicious actors to exploit insecure APIs and turn them into attack vectors. Despite the... Read more →
Posted by (ISC)² Management on 03 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
02 November 2021
Meet Roela Santos, Honoree of the 2021 (ISC)² Julie Peeler Franz "Do It for The Children" Volunteer Award
The Center for Cyber Safety and Education Julie Peeler Franz "Do It for The Children" Volunteer Award recognizes an individual who has significantly contributed to the betterment of internet safety. This year's distinction is awarded to Roela Santos of BAE Systems, Inc. for her long-time support of Center programs and leadership in developing the Raytheon, Engility, and SAIC cybersecurity scholarships, which have awarded $424,000 to 56 students over the past six years. Santos is the Vice President of Communications at BAE Systems, a global leader in defense technology and systems integration for the U.S. government and one of the world’s... Read more →
Posted by (ISC)² Management on 02 November 2021 at 08:00 AM in (ISC)² Events, Center for Cyber Safety and Education | Permalink
|
Comments (0)
01 November 2021
(ISC)² CEO Clar Rosso Receives Cyber Futurist Executive Award
This month, CEO Clar Rosso received a Cyber Futurist Executive Award during the 6th Annual Cyber Future Summit in Augusta, Georgia, U.S. The Cyber Futurist awards celebrate c-suite and boardroom leaders who recognize the importance of cybersecurity within their organization and community. These awards shine a light on senior level leadership who exemplify the importance of cyber resilience in all aspects of decision-making within their organization. During the presentation, Clar was introduced by Karl Mattson, CISO at No Name Security, as an “innovator that is representative of being a thought leader in the industry.” He further described Clar and the... Read more →
Posted by (ISC)² Management on 01 November 2021 at 08:00 AM in Spotlight | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (152)
- Center for Cyber Safety and Education (52)
- Cloud Security (128)
- Cybersecurity Certifications (373)
- Cybersecurity Training (305)
- Cybersecurity Workforce (232)
- Digital Forensics (28)
- Ethics (51)
- Government (112)
- Insider Risk (55)
- IT Security (362)
- Legal (43)
- Malware (107)
- Network Security (166)
- Operations Security (133)
- Privacy (108)
- Ransomware (75)
- Risk (188)
- Software Development (44)
- Spotlight (70)