Part of (ISC)²’s role in the cybersecurity industry includes representing its members in legislative matters to ensure that we’re advocating for the profession and providing guidance to government leaders on new policies that may be championed. On Wednesday, August 14, (ISC)² Director of Cybersecurity Advocacy John McCumber will meet with The U.S. Senate Committee on Commerce, Science and Transportation to discuss the findings of the (ISC)² Cybersecurity Workforce Study and its implications on cybersecurity workforce advancement that the U.S. government might spearhead in collaboration with the private sector.  This type of input session will help to inform the committee during the August Congressional recess so that legislative decisions can be moved forward when Congressional leaders return to Capitol Hill in

You’re considering a cybersecurity certification and the SSCP and CISSP are both on your list. After comparing the material, you’re thinking there’s a good bit of overlap between the two. But is there, really? And if you sit for one exam would you be able to sit for the other without additional study or preparation? These are excellent questions. In fact, we hear them a lot. And the reality is, there ARE commonalities, which is true for most things in the field. However, these two certifications are wholly different and were developed from two distinct perspectives. In many ways, the CISSP certification holder would find the SSCP exam more difficult, as it’s focused on technical application. Although considered “entry level,”

A new report from Palo Alto Networks’ Unit 42 threat intelligence team titled “Cloudy With a Chance of Entropy” reports that there are at least 34 million vulnerabilities across some of the largest cloud platforms, including Amazon Web Services, Google Compute Engine and Microsoft Azure.    Notably, the threats were not found to be the result of cloud providers themselves, but rather the applications customers deploy on cloud infrastructure. As the report states, “cloud service providers maintained their sterling reputation for platform security . . . however, consumers of infrastructure- and platform-as-a-service (IaaS and PaaS) cloud offerings continue to struggle with getting the basics of security right.” The surging adoption of cloud container systems such as Docker and Kubernetes is

by Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America  We’ve all been there, staring at the blank page or the blank screen, frustrated that the words aren’t flowing anymore, if they ever were. For the fortunate, this feeling can be fleeting, quickly replaced by a geyser of ideas and sentences that flow onto the page. For the rest of us, the momentary blockage can take a more serious turn, resulting in days or weeks of “challenged writing” in which you have no choice but to plow through the slow drip-drip of words and ideas. In extreme cases, one might even begin to think that they are experiencing writer’s block, followed by the realization that the thud