For cybersecurity professionals, baseline management is vital because any asset not properly configured can become a security vulnerability. Baselines are fundamental to managing projects of all types and this is especially important in cybersecurity, where everything is a race against time and against very guileful opponents. Although baseline management seems like time-consuming “record keeping,” it is in fact the only way to know where you are, how your assets are operating, what has changed, and what needs to be changed. Not only does this help ensure the safety and security of the assets under your watch, it also helps with compliance. Baseline Configuration Management requires automated tools to help avoid missteps and oversights. The depth and frequency of baselining becomes

Are Employer Demands Contributing to the Cybersecurity Skills Gap? You’ve seen the job posting. It starts, “Looking for a cybersecurity specialist. Must have a master’s degree, certifications and 10 years of experience,” followed by, “This is an entry-level position with non-compensated job shadowing requirements.” These unrealistic expectations are the obstacles many cybersecurity professionals face once they complete their studies and rigorous exams. It’s an unfair barrier to entry. Clearly, hiring a person to work in any department in any organization is a risk. It costs money to locate, attract, assess, interview, hire, onboard and train someone, and it’s many months before that person’s true personality and capabilities emerge. The challenges triple when it comes to hiring for cybersecurity positions. Not

The mounting cybersecurity challenges facing organizations worldwide show no sign of slowing. Not only the shortage of qualified cybersecurity staff but also the lack of security awareness and skills among employees remain the biggest concerns, according to the 2021 Cloud Security Report by Cybersecurity Insiders. Global need for cybersecurity experts specializing in cloud security is growing demand for certification. But with so many credentials out there, which most effectively demonstrates the broad knowledge and skills required to secure any cloud environment? Let’s compare three leading certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. Symantec Certified Specialist-Administration of Symantec Cloud Workload Protection-R1 and Symantec Certified Specialist-Administration of Symantec Cloud SOC-R2. CCSP is a vendor-neutral certification that demonstrates the broad knowledge to

(ISC)² Security Congress 2021 was a big success with more than 3,000 virtual attendees participating live and viewing 125+ educational breakout sessions on demand as well. During and after the show, we prioritized getting feedback on improving attendees’ conference experience year over year. We heard your feedback and are happy to share that we will host (ISC)² Security Congress 2022 in Las Vegas, NV, October 10-12, 2022, at Caesars Palace and virtually. What’s In the Works for 2022 Star keynotes with marquee value 100+ educational sessions on trending cyber topics CPE credit opportunities Exclusive (ISC)² networking Career guidance and resources And much more! Interested attendees that register before the end of 2021 will receive an additional $200 off the Early

Internet of Things (IoT) devices are now everywhere. Ever since the earliest devices started to appear on the market, in homes, and worse, in corporations, security professionals have sounded the alarm about how these devices were built with no security in mind. Now, the National Institute of Standards and Technology (NIST) has released new draft guidance documents on securing these devices, both before release, as well as acquisition, and integration. These new publications will serve both corporations and consumers in a positive way. However, like any technical directions, the ideas set forth are only effective in capable and qualified hands.  To learn more about this topic, read our latest article. Read the Article. Want to Learn More About CISSP? To