• October Cybersecurity Awareness Month Register TODAY for free, exciting, and engaging Cybersecurity Awareness Month Virtual Activities.Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. University of Maryland Global Campus and the Center for Security Studies are proud to be champions in support of this essential online safety, awareness, and education initiative.Click here for more information.

    Oct 06,
  • Position: Cybersecurity Senior Specialist #5373 Department: Cybersecurity / Information Assurance / Governance, Risk and Compliance Position Description: Cybersecurity Senior Specialist Salary: $89,820 - $134,722 Link to Apply: https://sen.gov/729V Posting Date: Wednesday, September 30, 2020 Deadline Date: Until Filled

    Oct 01,
  • This white paper examines two recent case studies of criminal attacks against critical financial infrastructure and local government information. Both attacks had direct costs for the victim organizations, and second-order effects were felt by the organizations’ clients that suffered potential identity theft. This paper provides technical recommendations, including practices to mitigate future attacks, to organizational management and information security practitioners. These case studies are cautionary tales - of many in 2019 – that are informative lessons for examination by security professionals who want to improve their defenses, policies, practices and core capabilities.​​​​About the AuthorsTravis Howard, CISSP, and (ISC)​ National Capital Region chapter member is an active duty U.S. Naval officer specializing in information warfare, currently assigned to the Pentagon in

    Oct 23,
  • We are pleased to introduce two new opportunities for members in good standing to receive tuition assistance or ISC2 exam registration fee assistance. We look forward to you taking advantage of these opportunities as outlined below. Submission instructions can be found in the online application.If you have additional questions, please forward them to bod@isc2ncrchapter.org; Attention: Dr. Loyce Best Pailen, CISSP, ISC2-NCR – Education Chair For Tuition Assistance applicants must submit the following documents: A complete Application Form (see link below)A well-written, one-page (double-spaced) ESSAY, in Section 3 of the application form, clearly articulating “WHY YOUR APPLICATION SHOUD BE CONSIDERED FOR THIS SCHOLARSHIP.”A current resume or curriculum vitae (CV).Copy of recent university transcripts with a 2.5 minimum GPA (official transcript may

    Sep 15,
  • Register to attend CyberMaryland 2018 to hear industry leaders—including UMUC faculty—talk about the job of a chief information security officer (CISO). At the UMUC-sponsored Education Track (What CISOs Worry About), you can hear insights from academic leaders and professionals in the public and private sectors as they discuss how the right certifications, training, and education can help prepare you to deal with threats and job concerns.At this event, you can:• Hear from industry thought leaders including UMUC's own Dr. Lawrence Awuah and Dr. Balakrishnan Dasarathy• Network with CISOs from the public and private sectors and find out how their education got them where they are• Talk to former and current students, including members of the UMUC Cyber Padawans - the

    Sep 13,
  • Dear (ISC)² National Capital Region Chapter member, As a member of the NCR Chapter, you are eligible to receive a 10% discount on (ISC)² Direct Training Seminars. The upcoming local (ISC)² Direct Training Seminars are: CCSP and CAP Stafford, Virginia July 16 – 20 HCISPP and CSSLP Stafford, Virginia July 23 – 27 While the focus is on classroom-based, instructor-led training, if you are only able to attend remotely, you can get a 10% discount on recorded sessions, which are available at www.isc2.org under the “Education & Training” tab. All (ISC)² Direct instructor-led training comes with an Education Guarantee. This means that if you attend an (ISC)² Direct instructor-led training seminar and happen to be unsuccessful in your exam attempt,

    Jun 27,
  • Greetings, As an active (ISC)2 NCR chapter member you are eligible for a 15% discount to the ISC2 Secure Summit DC event being held on May 7th and 8th. Just enter the coupon code ”Chapter18” when checking out.Here’s a link to the event:http://www.cvent.com/events/securesummitdc/event-summary-a73abe5f2a50473fa0f143415094cbb9.aspxIf you attend, please be sure to visit our Chapter’s vendor booth.We hope to see you there!

    Apr 13,
  • Today begins an exciting new series to the (ISC)² blog – our CCSP Spotlight series. Over the next several months, we will share some of our member experiences with you. We hope this will shed some light on the ever-evolving field of cloud security. Name: James Simonetti Title: Cryptographic Engineer Employer: Verisign Degree: B.S. Information Security and Assurance Years in IT: 8 Years in cybersecurity: 1 Cybersecurity certifications: CCSP, CISSP, Security+ How did you decide upon a career in cybersecurity? I knew that I wanted to work in cybersecurity after spending the majority of my career in IT operations roles, and seeing the clear correlation between an organization's cybersecurity maturity, and operational success. I knew that by applying a deep understanding

    Aug 31,
  • The sixth annual (ISC)2 Security Congress is just a few weeks away. The event, colocated with ASIS Seminar and Expo, will take place at the Orange County Convention Center in Orlando, Florida from September 12-14. The annual (ISC)2 Town Hall Meeting will be held from 5:00-7:00 p.m. on Sunday, September 11. The member-only meeting will consist of remarks from (ISC)2 CEO, David Shearer, on what to expect at the Congress event, as well as in the coming year for members. As in previous years, members are able to submit questions for (ISC)2 Management and Board of Directors to address. These questions can be about membership, certifications, or just about the industry in general. Questions can be submitted via email to

    Aug 29,
  • (ISC)² NCR is pleased to announce an agreement with (ISC)² to offer NCR members a discount of 15% off official course and book prices. For more information, please contact Steve Chichester at (703) 637-4409 or schichester@isc2.org and advise him that you are an member of (ISC)² NCR and what you are interested in learning more about.

    Aug 28,
  • The SSH protocol that is embedded on Unix, Linux, Mainframe, and Windows 16 Servers – in additional to Switches, Routers, IOT devices, etc. can be compromised by bad actors with access to keys. This is also true for anyone deploying applications in the cloud. The SSH protocol creates an encrypted tunnel providing users with root level access. In the wrong hands, misuse of the SSH protocol have led to disastrous consequences. Here is why: Encrypted SSH traffic cannot be monitored by existing tools. DLP, SIEM’s, Firewall’s etc. do not workSSH Key’s don’t expire – a key created 20 years ago still works today. SSH Keys are often copied and shared, creating a challenges to tie back who did what and

    Aug 25,
  • At the recent Security Congress APAC 2016 held in Bangkok, attendees consisted of ICT professionals, information security professionals, practitioners, and university students and professors from some regional universities. It was a successful gathering where the attendees shared their ideas and views. We also had a great student track presentation from a young information security practitioner, Vijay Luiz, CISSP (Read Vijay’s blog on how he got into cybersecurity http://blog.isc2.org/isc2_blog/2016/02/associate-security.html), which the students found very informative. While the Congress was a great success, it became an issue that not everyone spoke the “same language”. Something was amiss and upon looking back, one can only rule that an information security knowledge baseline was lacking amongst attendees. This brings about the importance of creating

    Aug 24,