The success of our membership-driven organization is closely linked to the effort that each certification holder puts into the organization. At (ISC)², we are fortunate to have a highly engaged membership that actively contributes to our success through volunteer opportunities. Our volunteers take on myriad tasks, from helping to organize events to speaking at conferences to developing certification exams. Another important way that members volunteer their time is by contributing informative blogs on timely cybersecurity topics that expand our knowledge base and help peers gain new insights into the cybersecurity field. (ISC)² members contribute blogs in two ways. One is through member-written blogs, in which authors cover a topic of their choosing with relevance to the membership. The second is

The (ISC)² Annual Meeting was held today (December 14, 2022), and below are the key outcomes from the meeting: Bylaw Vote Results The (ISC)² Board of Directors submitted bylaw amendments to the membership. The amendments were put to a vote from October 19-November 19, 2022. Results of the vote were as follows: 6,545 members voted “AGAINST APPROVAL” 2,628 members voted “FOR APPROVAL” 292 members voted to “ABSTAIN” The proposed amendments have not passed. During the meeting, (ISC)² and the Board recognized the need to engage further with membership before proposing future amendments. We are committed to working with members, including chapter leaders, regional advisory councils and other stakeholders to determine our path forward. New Members of (ISC)² Board of Directors

As you know, cybersecurity is a constantly changing field. In order to maintain the accuracy, relevance and excellence of (ISC)² exams, we regularly conduct Job Task Analysis (JTA) studies to review and update exam outlines. JTAs are a methodical process used to determine tasks that are performed in the field by credential holders, as well as the knowledge and skills required to execute those tasks successfully. This review process is continual for all (ISC)² certifications, resulting in regular updates to exams and exam outlines. Coming up next month, the CISSP will be taking its next step in the certification lifecycle with a JTA Study Workshop tentatively scheduled for January 17-19, 2023. As we prepare for this workshop, we would like

As organizations, applications, and users alike continue their journey toward the cloud, the demand for cybersecurity professionals with experience in cloud security increases. The knowledge and skills gap are the biggest concerns for all cloud-first organizations. According to the 2022 Cloud Security Report, lack of qualified staff is ranked as the biggest operational security headache trying to protect cloud workloads, while lack of qualified staff and knowledge was also echoed as the most challenging aspect of cloud compliance. Vendor certifications offer technical expertise The tech giants like Amazon, Google, and Microsoft, have listened to these concerns and invested an enormous amount to develop and promote their vendor certification programs for a good reason – the shared responsibility model of cloud

Chinese actors attack North America, Cuba ransomware and vendors start their predictions for 2023…. Here are the latest threats and advisories for the week of December 9, 2022. Threat Advisories and Alerts CISA Sounds the Alarm on Cuba Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory about Cuba ransomware. Although the ransomware references the Republic of Cuba, there is no indication that the threat actors have any connection to the country. Five critical U.S. infrastructure sectors continue to be the target of attacks: Healthcare and Public Health, Government Facilities, Financial Services, Critical Manufacturing and Information Technology. Thus far, Cuba ransomware actors have extorted $60 million in ransom