• October Cybersecurity Awareness Month Register TODAY for free, exciting, and engaging Cybersecurity Awareness Month Virtual Activities.Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. University of Maryland Global Campus and the Center for Security Studies are proud to be champions in support of this essential online safety, awareness, and education initiative.Click here for more information.

    Oct 06,
  • Position: Cybersecurity Senior Specialist #5373 Department: Cybersecurity / Information Assurance / Governance, Risk and Compliance Position Description: Cybersecurity Senior Specialist Salary: $89,820 - $134,722 Link to Apply: https://sen.gov/729V Posting Date: Wednesday, September 30, 2020 Deadline Date: Until Filled

    Oct 01,
  • This white paper examines two recent case studies of criminal attacks against critical financial infrastructure and local government information. Both attacks had direct costs for the victim organizations, and second-order effects were felt by the organizations’ clients that suffered potential identity theft. This paper provides technical recommendations, including practices to mitigate future attacks, to organizational management and information security practitioners. These case studies are cautionary tales - of many in 2019 – that are informative lessons for examination by security professionals who want to improve their defenses, policies, practices and core capabilities.​​​​About the AuthorsTravis Howard, CISSP, and (ISC)​ National Capital Region chapter member is an active duty U.S. Naval officer specializing in information warfare, currently assigned to the Pentagon in

    Oct 23,
  • We are pleased to introduce two new opportunities for members in good standing to receive tuition assistance or ISC2 exam registration fee assistance. We look forward to you taking advantage of these opportunities as outlined below. Submission instructions can be found in the online application.If you have additional questions, please forward them to bod@isc2ncrchapter.org; Attention: Dr. Loyce Best Pailen, CISSP, ISC2-NCR – Education Chair For Tuition Assistance applicants must submit the following documents: A complete Application Form (see link below)A well-written, one-page (double-spaced) ESSAY, in Section 3 of the application form, clearly articulating “WHY YOUR APPLICATION SHOUD BE CONSIDERED FOR THIS SCHOLARSHIP.”A current resume or curriculum vitae (CV).Copy of recent university transcripts with a 2.5 minimum GPA (official transcript may

    Sep 15,
  • Register to attend CyberMaryland 2018 to hear industry leaders—including UMUC faculty—talk about the job of a chief information security officer (CISO). At the UMUC-sponsored Education Track (What CISOs Worry About), you can hear insights from academic leaders and professionals in the public and private sectors as they discuss how the right certifications, training, and education can help prepare you to deal with threats and job concerns.At this event, you can:• Hear from industry thought leaders including UMUC's own Dr. Lawrence Awuah and Dr. Balakrishnan Dasarathy• Network with CISOs from the public and private sectors and find out how their education got them where they are• Talk to former and current students, including members of the UMUC Cyber Padawans - the

    Sep 13,
  • Dear (ISC)² National Capital Region Chapter member, As a member of the NCR Chapter, you are eligible to receive a 10% discount on (ISC)² Direct Training Seminars. The upcoming local (ISC)² Direct Training Seminars are: CCSP and CAP Stafford, Virginia July 16 – 20 HCISPP and CSSLP Stafford, Virginia July 23 – 27 While the focus is on classroom-based, instructor-led training, if you are only able to attend remotely, you can get a 10% discount on recorded sessions, which are available at www.isc2.org under the “Education & Training” tab. All (ISC)² Direct instructor-led training comes with an Education Guarantee. This means that if you attend an (ISC)² Direct instructor-led training seminar and happen to be unsuccessful in your exam attempt,

    Jun 27,
  • Greetings, As an active (ISC)2 NCR chapter member you are eligible for a 15% discount to the ISC2 Secure Summit DC event being held on May 7th and 8th. Just enter the coupon code ”Chapter18” when checking out.Here’s a link to the event:http://www.cvent.com/events/securesummitdc/event-summary-a73abe5f2a50473fa0f143415094cbb9.aspxIf you attend, please be sure to visit our Chapter’s vendor booth.We hope to see you there!

    Apr 13,
  • Happy Data Privacy Day! The National Cyber Security Alliance (NCSA) designates January 28 as a day to empower individuals and encourage businesses around the world to respect privacy, safeguard data and enable trust.  In honor of the effort to inspire dialogue and empower learning about how personal information is used, collected and shared in our digital society, following is a list of helpful (ISC)2 resources and activities focused on privacy best practices. Professional Development Institute courses The PDI is a portfolio of more than 40 continuing cybersecurity education courses that is free to (ISC)2 members. Among the wide array of topics covered, these two courses focus specifically on giving learners an overview of privacy regulations: GDPR for Security Professionals: A

    Jan 28,
  • The new President’s administration is asking Congress to allocate U.S. $9 billion in emergency funds to fortify the federal IT and cybersecurity infrastructure. Although cybersecurity didn’t get much attention during the presidential campaign, the move indicates that protecting federal systems from cyber attacks is a key priority and focus area for the new administration. The spending proposal is part of a COVID-19 response package proposed by the Biden administration. The sense of urgency to strengthen cybersecurity stems from a massive data breach in December 2020, which affected a number of federal agencies, including the U.S. Treasury Department and U.S. Department of Commerce. It is believed Russian attackers exploited vulnerabilities in software used by the agencies, as well as numerous private

    Jan 27,
  • What cybersecurity professionals could learn from nature to build a more resilient career By Catherine Kozak Minuscule fruit flies have been doing their thing for 40 million years, somehow managing for millennia in southern Africa on a diet of marula fruit. After a fateful meetup about 10,000 years ago with multiple-fruit-loving humans, the insect promptly started evolving to the non-fussy generalist we know today.  “Their offspring then colonized the world,” Marcus Stensmyr, senior lecturer at Lund University in Sweden, says in a 2018 news statement about his research. “It’s actually quite awesome.” Although the humble fruit fly may not be awe-inspiring beyond the science laboratory, its very existence offers a valuable lesson on how to build a resilient cybersecurity career:

    Jan 26,
  • Going forward, all (ISC)² webinars, recorded and live, will be available on the BrightTALK platform. All recorded Solutions Summits from 2020 have moved from BlueSky to BrightTALK. This consolidation will provide a seamless viewing experience for you on one platform and with one login. Members who are logged in will automatically receive CPE credits when viewing live or recorded webinars.   Free Cybersecurity Webinars. Earn CPE Credits. Solutions Summits are typically three-part webinar series which provide three CPE credits. Check out these archived Solutions Summits from 2020: Top Cybersecurity Threats Every Online Business Should Know Online businesses are particularly vulnerable to attackers trying to compromise customers and the business itself. This Solutions Summit explores cyberattacks that threaten every online business. Session

    Jan 25,
  • Businesses are increasingly dependent on emerging technology and reaping its benefits to provide better quality of services, change the way they collaborate and interact with employees and customers. Corporate data is being moved to multi-cloud environments, while the adoption of containers helps the fast and agile development of applications. IoT devices and sensors provide businesses with an abundance of data useful for timely and accurate decision making. An Expanding Threat Landscape However, businesses are not the only ones taking advantage of this technology. Criminals, as well, are following suit. According to the Verizon DBIR 2020 report, cloud assets were involved in about 24% of breaches. This is not so much an indictment of cloud security as it is an illustration

    Jan 22,