At (ISC)² we are committed to positively impacting the cybersecurity industry in a big way. The board of directors and (ISC)² leadership is pleased to announce that we will provide free entry-level cybersecurity certification exams and self-paced educational program courses to one million new professionals starting a career in cybersecurity. The One Million Certified in Cybersecurity pledge is our global commitment that expands on the (ISC)² ‘100K in the UK’ initiative, which promised 100,000 free exams and course enrollments for U.K. residents earlier this year.  (ISC)² CEO Clar Rosso attended the Cyber Workforce and Education Summit at the White House on July 19, 2022 advocating for the expansion of the cybersecurity workforce to close the gap of 2.7 million cybersecurity

When hiring managers onboard new cybersecurity staff, there is typically an expectation that some learning on the job will be necessary. This is certainly the case when new hires are entry- and junior-level practitioners. But when can you expect those less-experienced new hires to perform their tasks independently? Depending on experience levels, they can be ready to contribute on their own in as little as six months, according to new research by (ISC)². The findings, published in the (ISC)² Cybersecurity Hiring Managers Guide, reveal that more than a third of hiring managers (37%) believe entry- and junior-level hires are ready to handle assignments independently within six months or less on the job. 67% say it takes entry-level hires up to

Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare 2022 report, 61% of healthcare organizations agreed to pay, which is a rate 15% higher than the global average. Source:

By Joseph Montes, CISSP In 2021, I decided to pursue the CISSP. I was looking for a certification that would help me to stand out and prove to myself and my peers that I know my field. I had experience in Unix, Irix, Linux, Windows, Networks, Servers, storage, project management, virtualization, telecommunications, terrestrial and submarine networks. I had some certifications and a master’s degree in Cyber Security. CISSP seemed like the most sensible progression in my career. STARTING MY JOURNEY TO CISSP Things started simple enough. I researched what I needed to know. I started looking at Reddit, Discord and Twitter for any information on how to study for my CISSP. The results were consistent; this is not a certification

The CISSP (Certified Information Systems Security Professional) certification got a few thumbs-up in a recent Dice article about whether cybersecurity jobseekers need certifications to land a position. Several cybersecurity professionals quoted in the article named the CISSP as a valuable certification. “I always recommend the Certified Information Systems Security Professional Cert (CISSP). For years, this has been the dominating certification in the cybersecurity industry. It is still a top-tier certification, and I would recommend it to anyone serious about a career in cybersecurity,” said Steve Tcherchian, Chief Product Officer at XYPRO. Magda Chelly, a cybersecurity author and researcher, cited the CISSP as one of the industry’s most popular certifications. Certifications such as CISSP and hands-on training, she said, are outweighing requirements