If you were called into one of your executive’s offices and asked to explain the difference between Diffie-Hellman key exchange and RSA in non-technical terms, could you do it? As a security professional, that is probably not a problem. Even without too much effort, or math, you could easily help a non-technical person so that they would have a reasonable understanding of why these mathematical functions create the ability to securely conduct business on the internet. Now, if that same executive asked you to describe which one is recommended in the General Data Protection Regulation (GDPR), or the California Consumer... Read more →
387 posts categorized "Cybersecurity Certifications"
16 December 2021
The Cybersecurity Role as a Business Partner
Posted by ISC2 Management on 16 December 2021 at 08:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
15 December 2021
Cloud Security Complements Data Privacy
The data protection and privacy landscape is evolving and almost every country has now a privacy law or regulation that dictates how businesses should safeguard sensitive, personal data. Although these laws share many similarities with the EU GDPR, businesses migrating their employee or customers data to the cloud should consider the specific requirements of these laws before collecting, storing, and processing electronic data in the cloud. In addition to the privacy and security requirements, businesses should understand that although cloud security and privacy are distinct concepts, data privacy complements and strengthens existing data security in the cloud. With data locality... Read more →
Posted by ISC2 Management on 15 December 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
14 December 2021
Top Books to Prepare You for CISSP Exam
With an exam as prestigious at the CISSP, it is important to be well prepared. To ensure your path is on track CISSP books are your best assets to gain exam item knowledge and a complete understanding of the CBK and the eight domains covered in the CISSP exam. To help you select the best texts, we asked CISSPs what books helped them prepare for the exam. Top CISSP Books to Prepare for Exam Day The Official (ISC)² CISSP CBK Reference, 6th Edition by Arthur Deane and Aaron Kraus This is the authoritative common body of knowledge (CBK) from (ISC)2for... Read more →
Posted by ISC2 Management on 14 December 2021 at 07:00 AM in Cybersecurity Certifications, Cybersecurity Training | Permalink
|
Comments (2)
13 December 2021
CCSP vs. Microsoft Azure Certified Security Engineer Associate — How Does Vendor Focus Factor In?
Adoption and usage of the cloud is evolving to combine with technologies like artificial intelligence, the Internet of Things, 5G and more, according to Sid Nag, Research Vice President at Gartner. “In other words,” he says, “cloud will serve as the glue between many other technologies that CIOs want to use more of, allowing them to leapfrog into the next century as they address more complex and emerging use cases.” With cloud roles expanding and so many certifications out there, which option offers cybersecurity experts the flexibility to grow with the coming waves of opportunity? Let’s compare two popular options,... Read more →
Posted by ISC2 Management on 13 December 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
10 December 2021
What is Relevant Work Experience for CISSP?
In order to become fully certified as a CISSP, you must not only pass a rigorous experiential exam, but meet the CISSP work experience requirements. CISSP candidates are required to have a minimum of five years of cumulative work experience in two or more of the eight domains of the CISSP CBK. There are a few paths to accumulate this time: Education You can satisfy one year of work experience with either a college degree or an approved certification. You can apply either of the below to meet one year of the requirement: A four-year college degree or regional equivalent... Read more →
Posted by ISC2 Management on 10 December 2021 at 07:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
09 December 2021
CCSP vs. Google Cloud Certified-Professional Cloud Security Engineer: Which Shows Broader Mastery in Cloud Security?
A surge of organizations are moving their operations to the cloud for the benefits of improved efficiency, better scalability and faster deployment. But with the wave of migration to the cloud come more threats than ever before. The cloud is giving bad actors a more expansive set of targets, as well as new tools to conduct attacks, says Or Azarzar, Co-founder and CTO of Lightspin, in an article in Dark Reading. With so many risks for cyberattacks targeting the cloud, which certification demonstrates a broader understanding and skillset to protect cloud security? Let’s compare two cloud certs, (ISC)² Certified Cloud... Read more →
Posted by ISC2 Management on 09 December 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
07 December 2021
Bringing Cybersecurity to the Board (and Vice Versa)
The Role of the Board in Effective Risk Assessment The growing sophistication of cybercrime is making it a necessity for companies to discuss its challenges and defense methods regularly at the board level. The results of an attack may involve refusal of an insurance company to pay, the potential for class action lawsuits, infections that penetrate too deep into the IT system to be removed, and violation of data protection rules. Boards and directors must approach cybersecurity as an enterprise-wide risk management issue. They must embrace their organization’s cyber risk appetite and understand the types of internal and external threats... Read more →
Posted by ISC2 Management on 07 December 2021 at 08:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
02 December 2021
Data Consistency Storage in the Cloud
In cloud computing environments, files are not stored in a hierarchical way. Most cloud architectures use a combination of splitting data vertically, horizontally and replication to improve response times, scalability, availability and fault tolerance. This is called object storage. Objects are accessible through APIs or through a web interface. Object storage introduces new challenges related to data consistency, which are not present in relational databases. One of the more fundamental decisions cloud professionals need to make is whether they will choose eventual consistency for data in corporate systems or strong consistency. Selecting a data consistency model is a decision that... Read more →
Posted by ISC2 Management on 02 December 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
30 November 2021
A Safe and Secure Way to Decommission
When it comes time to decommission data storage systems, there is much that must be planned and thoroughly carried out. It’s not just about the activity, it is also about due diligence, oversight, and proof. Data that appears to have been deleted is often still recoverable, and in many cases, people make mistakes, such as forgetting a second backup exists somewhere else, or forgetting to verify that a destruction has been successfully and completely deployed. Human errors like this are referred to as unintentional insider threats, since they lead to the potential of data theft, litigation, and penalties. It is... Read more →
Posted by ISC2 Management on 30 November 2021 at 08:00 AM in Cybersecurity Certifications | Permalink
|
Comments (0)
29 November 2021
How to Prepare for CISSP Exam Day
By deciding to take the CISSP exam, you’ve chosen to further your education and showcase your knowledge and experience by achieving the world’s premier cybersecurity certification. Soon, you will join the ranks of more than 147,000 global leaders committed to a safe and secure cyber world. Make a Timeline As you prep for your CISSP exam, first consider your experience level and determine a timeline that fits for your current workload and lifestyle. The amount of time you need to dedicate to studying can vary based on your experience. Do you have questions about creating a CISSP study plan? Learn... Read more →
Posted by ISC2 Management on 29 November 2021 at 07:00 AM in Cybersecurity Certifications, Cybersecurity Training | Permalink
|
Comments (0)
23 November 2021
The Best Way to Start Your Cloud Security Career
Where do you begin your journey in InfoSec? What do you need to study? How do you even get started in a vast field with so many areas, and so many opportunities? These questions often haunt a new InfoSec candidate, sometimes causing them to freeze, doing nothing for fear of taking the wrong path. Everywhere you look, it is apparent that cloud computing is not only the future of Information Security, it is happening right now. If you are asking the question of where to begin, there is no better place to look than cloud security. Along with that, while... Read more →
Posted by ISC2 Management on 23 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
17 November 2021
Insider Threats Can Turn Your Cloud Security Into a Storm
Insiders can become a real threat to organizations migrating to the cloud because they do not have to breach any external security fences. Insider threats could either come in the form of a human error or as a malicious action. Human errors in cloud security configurations could result in sensitive data and asset disclosure, loss or theft. On the other hand, malicious insiders misuse authorized access to an organization’s cloud assets to overcome security controls and launch their malicious actions. Insiders are a growing risk to cloud security because insider attacks are hard to detect and respond to and they... Read more →
Posted by ISC2 Management on 17 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
16 November 2021
The Importance of Security Control Baselines
For cybersecurity professionals, baseline management is vital because any asset not properly configured can become a security vulnerability. Baselines are fundamental to managing projects of all types and this is especially important in cybersecurity, where everything is a race against time and against very guileful opponents. Although baseline management seems like time-consuming “record keeping,” it is in fact the only way to know where you are, how your assets are operating, what has changed, and what needs to be changed. Not only does this help ensure the safety and security of the assets under your watch, it also helps with... Read more →
Posted by ISC2 Management on 16 November 2021 at 08:00 AM in Cybersecurity Certifications, Network Security | Permalink
|
Comments (3)
15 November 2021
Rookies Needed - Experience Required
Are Employer Demands Contributing to the Cybersecurity Skills Gap? You’ve seen the job posting. It starts, “Looking for a cybersecurity specialist. Must have a master’s degree, certifications and 10 years of experience,” followed by, “This is an entry-level position with non-compensated job shadowing requirements.” These unrealistic expectations are the obstacles many cybersecurity professionals face once they complete their studies and rigorous exams. It’s an unfair barrier to entry. Clearly, hiring a person to work in any department in any organization is a risk. It costs money to locate, attract, assess, interview, hire, onboard and train someone, and it’s many months... Read more →
Posted by ISC2 Management on 15 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
11 November 2021
CCSP vs. Symantec Certified Cloud Credentials: How Do They Compare?
The mounting cybersecurity challenges facing organizations worldwide show no sign of slowing. Not only the shortage of qualified cybersecurity staff but also the lack of security awareness and skills among employees remain the biggest concerns, according to the 2021 Cloud Security Report by Cybersecurity Insiders. Global need for cybersecurity experts specializing in cloud security is growing demand for certification. But with so many credentials out there, which most effectively demonstrates the broad knowledge and skills required to secure any cloud environment? Let’s compare three leading certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. Symantec Certified Specialist-Administration of Symantec Cloud Workload... Read more →
Posted by ISC2 Management on 11 November 2021 at 09:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
10 November 2021
The Dawn of True IoT Security
Internet of Things (IoT) devices are now everywhere. Ever since the earliest devices started to appear on the market, in homes, and worse, in corporations, security professionals have sounded the alarm about how these devices were built with no security in mind. Now, the National Institute of Standards and Technology (NIST) has released new draft guidance documents on securing these devices, both before release, as well as acquisition, and integration. These new publications will serve both corporations and consumers in a positive way. However, like any technical directions, the ideas set forth are only effective in capable and qualified hands.... Read more →
Posted by ISC2 Management on 10 November 2021 at 08:00 AM in Cybersecurity Certifications, IT Security | Permalink
|
Comments (0)
09 November 2021
(ISC)² Cybersecurity Entry-Level Certification Exam Topics Announced
To fill the cybersecurity workforce gap, we need to address the workforce shortage facing the industry, especially among entry- and junior-level positions. Creating an entry-level certification will help encourage new professionals to begin a cybersecurity career. After surveying cybersecurity experts on the most important domains, or subject matter areas, for new professionals, we have published the preliminary exam outline for the upcoming entry-level cybersecurity certification pilot program. This exam outline will allow the pilot program candidates to know which subjects they should be familiar with prior to taking the exam. Since this is an exam pilot program, topics are subject... Read more →
Posted by ISC2 Management on 09 November 2021 at 01:56 PM in Cybersecurity Certifications, Cybersecurity Workforce | Permalink
|
Comments (1)
05 November 2021
CCSP vs. Microsoft Certified: Azure Administrator Associate — How Does Vendor Focus Factor In?
Adoption and usage of the cloud is evolving to combine with technologies like artificial intelligence, the Internet of Things, 5G and more, according to Sid Nag, Research Vice President at Gartner. “In other words,” he says, “cloud will serve as the glue between many other technologies that CIOs want to use more of, allowing them to leapfrog into the next century as they address more complex and emerging use cases.” With cloud roles expanding and so many certifications out there, which option offers cybersecurity experts the flexibility to grow with the coming waves of opportunity? Let’s compare two popular options,... Read more →
Posted by ISC2 Management on 05 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
04 November 2021
CISSPs from Around the Globe: An Interview with Dr. Christine Izuakor
The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In this installment, we talk to influential trailblazer Dr. Christine Izuakor. Christine shares with us her incredible story as the youngest student and first African-American woman to achieve a P.hD in Security Engineering, how she planned her journey to achieve her dream job and how her passion... Read more →
Posted by ISC2 Management on 04 November 2021 at 08:00 AM in Cybersecurity Certifications, Spotlight | Permalink
|
Comments (0)
03 November 2021
The Threat of Insecure Interfaces and APIs
Application programming interfaces (APIs) allow applications to communicate with each other, simplifying software development. Developers add functionality from other existing solutions or build applications using services by third-party providers. APIs have become the drivers for businesses digital transformation initiatives opening up their apps and data to partners, suppliers and customers. Besides their increased applicability and benefits, APIs are often the source of security concerns and threats because businesses fail to secure them. Surveys have identified that authentication, vulnerabilities and visibility are the key pain points, enabling malicious actors to exploit insecure APIs and turn them into attack vectors. Despite the... Read more →
Posted by ISC2 Management on 03 November 2021 at 08:00 AM in Cloud Security, Cybersecurity Certifications | Permalink
|
Comments (0)
Search
Categories
- Center for Cyber Safety and Education (52)
- Cloud Security (137)
- Cybersecurity Certifications (387)
- Cybersecurity Training (315)
- Cybersecurity Workforce (254)
- Digital Forensics (30)
- Ethics (53)
- Government (127)
- Insider Risk (57)
- ISC2 Chapters (22)
- ISC2 Events (166)
- IT Security (389)
- Legal (46)
- Malware (116)
- Network Security (178)
- Operations Security (144)
- Privacy (117)
- Ransomware (90)
- Risk (204)
- Software Development (46)
- Spotlight (71)