• October Cybersecurity Awareness Month Register TODAY for free, exciting, and engaging Cybersecurity Awareness Month Virtual Activities.Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. University of Maryland Global Campus and the Center for Security Studies are proud to be champions in support of this essential online safety, awareness, and education initiative.Click here for more information.

    Oct 06,
  • Position: Cybersecurity Senior Specialist #5373 Department: Cybersecurity / Information Assurance / Governance, Risk and Compliance Position Description: Cybersecurity Senior Specialist Salary: $89,820 - $134,722 Link to Apply: https://sen.gov/729V Posting Date: Wednesday, September 30, 2020 Deadline Date: Until Filled

    Oct 01,
  • This white paper examines two recent case studies of criminal attacks against critical financial infrastructure and local government information. Both attacks had direct costs for the victim organizations, and second-order effects were felt by the organizations’ clients that suffered potential identity theft. This paper provides technical recommendations, including practices to mitigate future attacks, to organizational management and information security practitioners. These case studies are cautionary tales - of many in 2019 – that are informative lessons for examination by security professionals who want to improve their defenses, policies, practices and core capabilities.​​​​About the AuthorsTravis Howard, CISSP, and (ISC)​ National Capital Region chapter member is an active duty U.S. Naval officer specializing in information warfare, currently assigned to the Pentagon in

    Oct 23,
  • We are pleased to introduce two new opportunities for members in good standing to receive tuition assistance or ISC2 exam registration fee assistance. We look forward to you taking advantage of these opportunities as outlined below. Submission instructions can be found in the online application.If you have additional questions, please forward them to bod@isc2ncrchapter.org; Attention: Dr. Loyce Best Pailen, CISSP, ISC2-NCR – Education Chair For Tuition Assistance applicants must submit the following documents: A complete Application Form (see link below)A well-written, one-page (double-spaced) ESSAY, in Section 3 of the application form, clearly articulating “WHY YOUR APPLICATION SHOUD BE CONSIDERED FOR THIS SCHOLARSHIP.”A current resume or curriculum vitae (CV).Copy of recent university transcripts with a 2.5 minimum GPA (official transcript may

    Sep 15,
  • Register to attend CyberMaryland 2018 to hear industry leaders—including UMUC faculty—talk about the job of a chief information security officer (CISO). At the UMUC-sponsored Education Track (What CISOs Worry About), you can hear insights from academic leaders and professionals in the public and private sectors as they discuss how the right certifications, training, and education can help prepare you to deal with threats and job concerns.At this event, you can:• Hear from industry thought leaders including UMUC's own Dr. Lawrence Awuah and Dr. Balakrishnan Dasarathy• Network with CISOs from the public and private sectors and find out how their education got them where they are• Talk to former and current students, including members of the UMUC Cyber Padawans - the

    Sep 13,
  • Dear (ISC)² National Capital Region Chapter member, As a member of the NCR Chapter, you are eligible to receive a 10% discount on (ISC)² Direct Training Seminars. The upcoming local (ISC)² Direct Training Seminars are: CCSP and CAP Stafford, Virginia July 16 – 20 HCISPP and CSSLP Stafford, Virginia July 23 – 27 While the focus is on classroom-based, instructor-led training, if you are only able to attend remotely, you can get a 10% discount on recorded sessions, which are available at www.isc2.org under the “Education & Training” tab. All (ISC)² Direct instructor-led training comes with an Education Guarantee. This means that if you attend an (ISC)² Direct instructor-led training seminar and happen to be unsuccessful in your exam attempt,

    Jun 27,
  • Greetings, As an active (ISC)2 NCR chapter member you are eligible for a 15% discount to the ISC2 Secure Summit DC event being held on May 7th and 8th. Just enter the coupon code ”Chapter18” when checking out.Here’s a link to the event:http://www.cvent.com/events/securesummitdc/event-summary-a73abe5f2a50473fa0f143415094cbb9.aspxIf you attend, please be sure to visit our Chapter’s vendor booth.We hope to see you there!

    Apr 13,
  • The U.S. House of Representatives is scheduled to vote on a $1 trillion bipartisan infrastructure bill on September 30, 2021. Back in August, the U.S. Senate passed the bill, which included $1.9 billion for cybersecurity initiatives. According to The Hill, the funds will go toward securing critical infrastructure against attacks, helping vulnerable organizations defend themselves and providing funding for a key federal cyber office, among other initiatives. The House is now set to vote on the bill, and if passed, it will go to the President for his signature. But what exactly are the cybersecurity provisions within the Infrastructure Investment and Jobs Act (H.R. 3684)? The (ISC)² Advocacy Team did some digging and pulled together the following comprehensive list of cybersecurity

    Sep 29,
  • Continuous Monitoring (CM) as the ability to maintain ongoing awareness of information security, vulnerabilities, and threats to facilitate risk-based decision making. The ultimate objective of CM is to determine if the security and privacy controls implemented by an organization continue to be effective over time considering the inevitable changes that occur in the environment in which the organization operates. Continuous Monitoring removes the limitations of manual or one-time assessments and facilitates real-time risk management through automating monitoring processes. CM benefits businesses in many ways by providing visibility into undiscovered system components, misconfigurations, vulnerabilities, and unauthorized changes, which can potentially expose organizations to increased risk if not addressed. Discover why continuous monitoring is important, the implementation considerations and the benefits in

    Sep 29,
  • Worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020, according to the latest forecast from Gartner. Spending on cloud management and security services, specifically, is expected to grow 12% in the next year, from approximately $16 billion in 2021 to about $18 billion in 2022. Demand for cybersecurity experts specializing in cloud security is skyrocketing worldwide. But with so many cloud certifications out there, how do you know which one is right for you? (ISC)² Certified Cloud Security Professional specifically focuses on cloud security, testing candidates’ skills and knowledge across six cloud security domains. It validates your ability to design, manage and secure data, applications,

    Sep 29,
  • Organizations worldwide are facing new security challenges presented by cloud computing, as most legacy security tools fail to meet the requirements of dynamic, distributed, virtual cloud environments. In fact, 81% of organizations say traditional security solutions don’t work at all in cloud environments or have only limited functionality, according to the 2021 Cloud Security Report by Cybersecurity Insiders. To fill those gaps, global opportunities for cybersecurity professionals specializing in cloud security are many. But with so many certifications out there, which option most effectively demonstrates the broad knowledge and skills required to secure any cloud environment? Let’s compare three leading certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. AWS Certified Security - Specialty. CCSP is a vendor-neutral certification that demonstrates

    Sep 28,
  • In cybersecurity, threat actors are relentless. To keep systems safe, we need a process of controls to oversee the entire chronology of a potential attack scenario – protection before an attack happens, effective mitigation and correction during an attack, and recovery afterwards. The tools of defense are vital, but not enough. Organizations need to decide how to deploy these tools, how much to spend, how to train people, and how to ensure they maintain compliance with industry standards and governance/risk (GRC) requirements. Security controls must be organized and described in a way that non-IT people – employees and executives alike – understand and embrace, even if they do not fully grasp all the technical terms, and this is where specialized

    Sep 27,
1 2 3 6