October Cybersecurity Awareness Month Register TODAY for free, exciting, and engaging Cybersecurity Awareness Month Virtual Activities.Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. University of Maryland Global Campus and the Center for Security Studies are proud to be champions in support of this essential online safety, awareness, and education initiative.Click here for more information.
- Oct 06,
Position: Cybersecurity Senior Specialist #5373 Department: Cybersecurity / Information Assurance / Governance, Risk and Compliance Position Description: Cybersecurity Senior Specialist Salary: $89,820 - $134,722 Link to Apply: https://sen.gov/729V Posting Date: Wednesday, September 30, 2020 Deadline Date: Until Filled
Oct 01,This white paper examines two recent case studies of criminal attacks against critical financial infrastructure and local government information. Both attacks had direct costs for the victim organizations, and second-order effects were felt by the organizations’ clients that suffered potential identity theft. This paper provides technical recommendations, including practices to mitigate future attacks, to organizational management and information security practitioners. These case studies are cautionary tales - of many in 2019 – that are informative lessons for examination by security professionals who want to improve their defenses, policies, practices and core capabilities.About the AuthorsTravis Howard, CISSP, and (ISC) National Capital Region chapter member is an active duty U.S. Naval officer specializing in information warfare, currently assigned to the Pentagon in
Oct 23,We are pleased to introduce two new opportunities for members in good standing to receive tuition assistance or ISC2 exam registration fee assistance. We look forward to you taking advantage of these opportunities as outlined below. Submission instructions can be found in the online application.If you have additional questions, please forward them to bod@isc2ncrchapter.org; Attention: Dr. Loyce Best Pailen, CISSP, ISC2-NCR – Education Chair For Tuition Assistance applicants must submit the following documents: A complete Application Form (see link below)A well-written, one-page (double-spaced) ESSAY, in Section 3 of the application form, clearly articulating “WHY YOUR APPLICATION SHOUD BE CONSIDERED FOR THIS SCHOLARSHIP.”A current resume or curriculum vitae (CV).Copy of recent university transcripts with a 2.5 minimum GPA (official transcript may
Sep 15,Register to attend CyberMaryland 2018 to hear industry leaders—including UMUC faculty—talk about the job of a chief information security officer (CISO). At the UMUC-sponsored Education Track (What CISOs Worry About), you can hear insights from academic leaders and professionals in the public and private sectors as they discuss how the right certifications, training, and education can help prepare you to deal with threats and job concerns.At this event, you can:• Hear from industry thought leaders including UMUC's own Dr. Lawrence Awuah and Dr. Balakrishnan Dasarathy• Network with CISOs from the public and private sectors and find out how their education got them where they are• Talk to former and current students, including members of the UMUC Cyber Padawans - the
Sep 13,Dear (ISC)² National Capital Region Chapter member, As a member of the NCR Chapter, you are eligible to receive a 10% discount on (ISC)² Direct Training Seminars. The upcoming local (ISC)² Direct Training Seminars are: CCSP and CAP Stafford, Virginia July 16 – 20 HCISPP and CSSLP Stafford, Virginia July 23 – 27 While the focus is on classroom-based, instructor-led training, if you are only able to attend remotely, you can get a 10% discount on recorded sessions, which are available at www.isc2.org under the “Education & Training” tab. All (ISC)² Direct instructor-led training comes with an Education Guarantee. This means that if you attend an (ISC)² Direct instructor-led training seminar and happen to be unsuccessful in your exam attempt,
Jun 27,Greetings, As an active (ISC)2 NCR chapter member you are eligible for a 15% discount to the ISC2 Secure Summit DC event being held on May 7th and 8th. Just enter the coupon code ”Chapter18” when checking out.Here’s a link to the event:http://www.cvent.com/events/securesummitdc/event-summary-a73abe5f2a50473fa0f143415094cbb9.aspxIf you attend, please be sure to visit our Chapter’s vendor booth.We hope to see you there!
Apr 13,By AJ Yawn, CISSP Introduction Amazon Web Services (AWS) is the market-leading cloud service provider for many reasons. One of the reasons for its market share is the breadth and depth of security services available to organizations hosted on AWS. With new services being released almost daily, it is understandable for security practitioners to get lost in the many options to secure your AWS account. AWS CloudTrail is one of these services that are commonly underused but fairly simple to set up and critical for security governance, detection, and incident response. What is CloudTrail, and Why Does it Matter? AWS CloudTrail is an AWS service that helps you audit your AWS account, providing complete visibility into the governance, compliance, and
Jul 30,As published in the May/June 2020 edition of InfoSecurity Professional Magazine. BY JASON McDOWELL, CISSP Companies from all industries are looking for qualified cybersecurity professionals to fill the skills gap in their current workforce. Demand is high, and many companies are willing to pay top dollar to those who possess the skills they need. With this high-demand, high-paying environment, what could go wrong? Plenty. With the exception of companies that specialize in information security, accurate valuation of the cybersecurity role in many companies is still very challenging, and many managers lack even a basic understanding of what cybersecurity professionals do within the organization. Add in the urgency to meet industry-specified cybersecurity requirements, and things can quickly lead to corporate desperation and poor
Jul 27,Professionalizing the world of cybersecurity education and training is a major focus area for the UK Government, especially in the new realities we find ourselves in. It included plans in its National Cyber Security Strategy in 2016 to develop the cyber security profession, including creating a UK Cyber Security Council to focus on professional development, professional ethics, thought leadership, influence and outreach. Late last year, the Department for Digital, Culture, Media and Sport commissioned the creation of the Council through a consortium of cyber security professional bodies – including (ISC)² –known as the Cyber Security Alliance. (ISC)² has been diligently working alongside other Alliance volunteers to build the UK Cyber Security Council. It is set to commence operations in April 2021.
Jul 24,By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP and John Martin, CISSP-ISSAP In February 2020, we put together our thoughts on Security Predictions for the upcoming year in a two-part series (Part 1, Part 2). Little did we know that COVID-19 would happen and change the way that folks work in our organizations, nor we as security practitioners work. In our original blog, we suggested that the following issues would be of concern to the industry: Data Privacy changes Lack of secure coding practices 5G and WiFi-6 Phasing out passwords Lack of perimeters Backups and their role with ransomware We believe that we got several predictions right. However, due to COVID-19, we have moved a few to 2021 or beyond, increased
Jul 23,As published in the May/June 2020 edition of InfoSecurity Professional Magazine. By Anne Saita In 2012, a Fortune 500 oil and gas company joined the early adopters migrating assets and business processes to “the cloud.” Corporate executives’ biggest security concern then was the potential for a rogue administrator from a chosen cloud service provider to pilfer all of its data. “That was the big fear at the time,” explained Jon-Michael C. Brook, CISSP, CCSK, a principal at Guide Holdings who consulted with the company during its initial cloud migration. “They weren’t as worried about errors that they might make; they were more worried about the trusted insider within the cloud service provider.” Those concerns haven’t gone away, but eight years later a
Jul 22,