IT service providers have recently become a common target of cyber attacks and 11 of them have been compromised since July 2018. Attackers target providers in attempts to gain access to their customers, according to a blog post by Symantec. What makes this especially ironic is that IT service providers often are the same companies that businesses hire to protect them against cyber threats. It’s not exactly a new tactic by cybercriminals, who in the past have even attacked security vendors. Perpetrators also have been known to target some companies purely to get to their business partners. This practice was the subject of investigation in a recent (ISC)² study titled, “Securing the Partner Ecosystem.” Symantec revealed that the group responsible

Earlier this week, S4 Inc. announced that it has been added to (ISC)²’s roster of Official Training Providers. Based in Colorado Springs, S4 is celebrating its 20th anniversary and has supported US Government, DoD and DHS agencies since 1999. S4 is now offering its first official (ISC)² Training Seminar for the CISSP certification beginning on September 30th, 2019. Other instructor-led training seminars will also be available later this year for the CCSP, CSSLP and CAP certifications. If you’re in the local area, you can register here. S4 will also host an open house this Friday, September 20, at its 8800 square foot Center for Excellence from 12:00pm to 4:00pm. The Center offers meeting and training services and features more than

The cybersecurity skills gap means companies are scrambling to fill security positions, and that presents an opportunity for you to find security work – even without direct experience. Faced with a critical shortage of qualified candidates, organizations are increasingly taking chances on nontraditional applicants and training them for security roles. One way to bridge a cybersecurity experience gap and get started? Make the case for your transferable skills. Success in security requires a mix of technical and soft skills. These can potentially come from ANY previous job. Analytical skills, enthusiasm for exploring technical questions and issues, and diagnostic experience will all serve you well in the security field. Business acumen and a background in project management also prove valuable in

by Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America Hardly a day goes by that I don’t hear or read about the benefits of mentoring. Can a good mentoring experience fix what ails organizations today? I’m not a mentoring guru so I can’t answer that particular question, but what dawned on me is how many people seem to think of mentoring as a narrowly defined relationship where the mentor gives — time and advice — and the mentee receives that information. While the relationship has value, in this article, I wanted to share other forms of mentoring, what I call other types of mentoring experiences, as they do also provide benefits to those outside the narrowly

Thank you for your feedback! We have concluded the process of receiving feedback as of October 4, 2019. (ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested. The existing exam blueprint for CISSP will be reviewed in early 2020. In preparation for the upcoming review, we would like to hear from our CISSP members who are participating in this forum/community to comment on the