by Paul Lanois, SSCP, CIPP, CIPT, CIPM, Member of the (ISC)² Advisory Council of North America Privacy Working Group If you have spent any amount of time online recently, then it is extremely likely that you have already heard about the General Data Protection Regulation (the "GDPR"), the European regulation which came into effect on May 25, 2018 and which governs data protection or individuals which have their personal data processed or stored by an organization within the European Economic Area (EEA). Meanwhile, information management professionals are likely to remain very busy in the coming months with the upcoming California Consumer Privacy Act of 2018 (the "CCPA") which can be considered as the most far-reaching data privacy law in the

In the digital age, security can no longer be an afterthought. As organizations modernize their IT environments through digital transformation initiatives, it’s become more critical than ever to bake security into new applications from the start. Virtualization giant VMware recognizes this new reality, which explains why it has decided to acquire two companies that give the company a stronger foothold in digital transformation and cybersecurity. One of the companies, Pivotal Software, brings to VMware a platform for developing applications in the cloud. The other, Carbon Black, has a cloud-native endpoint protection platform that ensures this is done securely. Together, the acquisitions send a strong signal by VMware and its parent company, Dell EMC, that it is serious about the role

Two of the industry’s most highly regarded cloud security credentials are the CCSP from (ISC)² and the CCSK from Cloud Security Alliance (CSA). Both offer a comprehensive education on cloud security fundamentals, but there are important differences. Here’s a quick breakdown of each. CCSP (Certified Cloud Security Professional). The CCSP is for IT and information security leaders seeking to prove their understanding of cybersecurity and securing critical assets in the cloud. It shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud. Roles that typically require a CCSP include Cloud Computing Analyst, Cloud Administrator, Cloud Architect, Cloud Engineer, Enterprise Architect, Security Administrator, Security Architect and Systems Engineer. To qualify

A cybersecurity skills shortage is expected to result in 3.5 million unfilled positions by 2021. Research from ESG finds 51% of organizations believe they have a “problematic shortage” of cybersecurity skills – an increase of 7% year-over-year. Clearly, the skills gap is a serious problem, impacting an organization’s ability to keep up with software vulnerabilities, harden devices, respond to security issues quickly and strategically manage security in an ever-evolving threat landscape. With the odds stacked against them, businesses must find new ways to recruit and retain skilled security employees and proactively address the lack of talent to fill critical roles. Here’s what IT and potential security professionals should know about tackling this major skills shortage – and strengthening career prospects. Organizations

(ISC)² is a member of The Collaborative Alliance for Cybersecurity, a consortium of organisations that represent a substantial part of the cybersecurity community in the UK. As part of the Alliance, we will be participating in the design and delivery of the new UK Cyber Security Council on behalf of the Department for Digital, Culture, Media & Sport (DCMS). The Alliance, with the Institution of Engineering and Technology (IET) nominated as lead organisation, was selected following a competitive grant competition by DCMS. The Collaborative Alliance for Cybersecurity brings stakeholders together in the interest of advancing a healthy cybersecurity workforce for the UK, from the development of professional recognition to the collaboration around acknowledged priorities to move this workforce forward. The