October Cybersecurity Awareness Month Register TODAY for free, exciting, and engaging Cybersecurity Awareness Month Virtual Activities.Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. University of Maryland Global Campus and the Center for Security Studies are proud to be champions in support of this essential online safety, awareness, and education initiative.Click here for more information.
- Oct 06,
Position: Cybersecurity Senior Specialist #5373 Department: Cybersecurity / Information Assurance / Governance, Risk and Compliance Position Description: Cybersecurity Senior Specialist Salary: $89,820 - $134,722 Link to Apply: https://sen.gov/729V Posting Date: Wednesday, September 30, 2020 Deadline Date: Until Filled
Oct 01,This white paper examines two recent case studies of criminal attacks against critical financial infrastructure and local government information. Both attacks had direct costs for the victim organizations, and second-order effects were felt by the organizations’ clients that suffered potential identity theft. This paper provides technical recommendations, including practices to mitigate future attacks, to organizational management and information security practitioners. These case studies are cautionary tales - of many in 2019 – that are informative lessons for examination by security professionals who want to improve their defenses, policies, practices and core capabilities.About the AuthorsTravis Howard, CISSP, and (ISC) National Capital Region chapter member is an active duty U.S. Naval officer specializing in information warfare, currently assigned to the Pentagon in
Oct 23,We are pleased to introduce two new opportunities for members in good standing to receive tuition assistance or ISC2 exam registration fee assistance. We look forward to you taking advantage of these opportunities as outlined below. Submission instructions can be found in the online application.If you have additional questions, please forward them to bod@isc2ncrchapter.org; Attention: Dr. Loyce Best Pailen, CISSP, ISC2-NCR – Education Chair For Tuition Assistance applicants must submit the following documents: A complete Application Form (see link below)A well-written, one-page (double-spaced) ESSAY, in Section 3 of the application form, clearly articulating “WHY YOUR APPLICATION SHOUD BE CONSIDERED FOR THIS SCHOLARSHIP.”A current resume or curriculum vitae (CV).Copy of recent university transcripts with a 2.5 minimum GPA (official transcript may
Sep 15,Register to attend CyberMaryland 2018 to hear industry leaders—including UMUC faculty—talk about the job of a chief information security officer (CISO). At the UMUC-sponsored Education Track (What CISOs Worry About), you can hear insights from academic leaders and professionals in the public and private sectors as they discuss how the right certifications, training, and education can help prepare you to deal with threats and job concerns.At this event, you can:• Hear from industry thought leaders including UMUC's own Dr. Lawrence Awuah and Dr. Balakrishnan Dasarathy• Network with CISOs from the public and private sectors and find out how their education got them where they are• Talk to former and current students, including members of the UMUC Cyber Padawans - the
Sep 13,Dear (ISC)² National Capital Region Chapter member, As a member of the NCR Chapter, you are eligible to receive a 10% discount on (ISC)² Direct Training Seminars. The upcoming local (ISC)² Direct Training Seminars are: CCSP and CAP Stafford, Virginia July 16 – 20 HCISPP and CSSLP Stafford, Virginia July 23 – 27 While the focus is on classroom-based, instructor-led training, if you are only able to attend remotely, you can get a 10% discount on recorded sessions, which are available at www.isc2.org under the “Education & Training” tab. All (ISC)² Direct instructor-led training comes with an Education Guarantee. This means that if you attend an (ISC)² Direct instructor-led training seminar and happen to be unsuccessful in your exam attempt,
Jun 27,Greetings, As an active (ISC)2 NCR chapter member you are eligible for a 15% discount to the ISC2 Secure Summit DC event being held on May 7th and 8th. Just enter the coupon code ”Chapter18” when checking out.Here’s a link to the event:http://www.cvent.com/events/securesummitdc/event-summary-a73abe5f2a50473fa0f143415094cbb9.aspxIf you attend, please be sure to visit our Chapter’s vendor booth.We hope to see you there!
Apr 13,It’s time again for another (ISC)² Job Task Analysis (JTA) study, this time for the CAP certification. We frequently review and update our content outlines (aka exam blueprints) of our credentialing examinations. If you’re not familiar, the JTA is a methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. As we prepare for a review of the CAP exam, we would like to hear from our CAP members! We would like you to comment on the new and emerging cybersecurity issues that should be addressed, but are not currently covered in the current CAP exam outline. This is your opportunity to shape the content of the CAP
Feb 28,Being a CISO can be stressful. That should come as no surprise. According to a new report, the stress is bad enough to cause health issues and personal relationship crises, and on average, CISOs stay in each job for just 26 months. The CISO Stress Report by Nominet, a U.K. domain registry, reveals that 95% of CISOs work longer hours than they are contracted for and 88% are “moderately or tremendously stressed.” While CISOs are undoubtedly under a lot of pressure, it’s important to not paint all of cybersecurity with the same brush, and to draw a distinction between job stressors and job dissatisfaction. The two are not always synonymous. In fact, the 2019 (ISC)2 Cybersecurity Workforce Study found that
Feb 27,Cloud security today is touted as better than ever. So how do we explain the ever-increasing number of data breaches? According to the new white paper, Cloud Security Risks & How to Mitigate Them, the disconnect arises from a shared security model. Cloud Service Providers protect the datacenter, but customers are responsible for safeguarding their own data, and focus is shifting from the provider to the customer. To reduce risks, cloud customers must take charge of data security. This is no small feat as many are in a period of transition and facing a wide range of threats… Insufficient access management and account hijacking System misconfiguration Hyperconverged environments Insecure interfaces and APIs Emerging technologies like AI and machine learning Clearly,
Feb 25,As published in the November/December edition of InfoSecurity Professional Magazine. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single dis-gruntled employee. It could even be an innocent configuration error. When a threat exists, there will be indicators. The perennial challenge is to hunt for signs in the right places and to isolate the signal from the noise. How best to find—and remove, where possible—such threats remains up for debate. Lance Cottrell, chief scientist at Ntrepid, approaches threat hunting less as a specific set of techniques than as a set of high-level goals. “From the 50,000-foot view, we’re trying to understand the threat landscape,” he says. “Writ large,
Feb 24,If you hold the CISSP certification, you may have asked yourself “What’s next for me?” as far as your certification journey is concerned. For many professionals, the next step is one of the CISSP concentrations: architecture, engineering or management. This year, the CISSP-ISSAP (Information Systems Security Architecture Professional) exam will be updated. The exam length (125 items in three hours) remains unchanged, as do the number of domains (six). However, the domains have been reordered and reweighted based on last year’s Job Task Analysis (JTA) which is a process by which professionals who hold the CISSP-ISSAP review the content of the exam and make recommendations to best align the exam’s domains with the current work performed by those in relevant
Feb 21,