A new study from HP Wolf Security reveals that cybersecurity teams are meeting a lot of resistance as organizations adjust to a hybrid work model. The hybrid model blends work-from-home (WFH) with in-office policies, requiring cybersecurity teams to implement security measures for both. But their efforts aren’t always appreciated. Resistance to security measures is especially strong in the 18-24 age group, which appears to prioritize efficiency over security. Nearly half (48%) of respondents in the study, titled Rejections & Rebellions, said security policies are a hindrance and waste time. More than half (54%) are more worried about deadlines than potential exposure to security breaches, and 39% weren’t even sure what their companies’ security policies cover. The survey also found that

The U.S. House of Representatives is scheduled to vote on a $1 trillion bipartisan infrastructure bill on September 30, 2021. Back in August, the U.S. Senate passed the bill, which included $1.9 billion for cybersecurity initiatives. According to The Hill, the funds will go toward securing critical infrastructure against attacks, helping vulnerable organizations defend themselves and providing funding for a key federal cyber office, among other initiatives. The House is now set to vote on the bill, and if passed, it will go to the President for his signature. But what exactly are the cybersecurity provisions within the Infrastructure Investment and Jobs Act (H.R. 3684)? The (ISC)² Advocacy Team did some digging and pulled together the following comprehensive list of cybersecurity

Worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020, according to the latest forecast from Gartner. Spending on cloud management and security services, specifically, is expected to grow 12% in the next year, from approximately $16 billion in 2021 to about $18 billion in 2022. Demand for cybersecurity experts specializing in cloud security is skyrocketing worldwide. But with so many cloud certifications out there, how do you know which one is right for you? (ISC)² Certified Cloud Security Professional specifically focuses on cloud security, testing candidates’ skills and knowledge across six cloud security domains. It validates your ability to design, manage and secure data, applications,

Continuous Monitoring (CM) as the ability to maintain ongoing awareness of information security, vulnerabilities, and threats to facilitate risk-based decision making. The ultimate objective of CM is to determine if the security and privacy controls implemented by an organization continue to be effective over time considering the inevitable changes that occur in the environment in which the organization operates. Continuous Monitoring removes the limitations of manual or one-time assessments and facilitates real-time risk management through automating monitoring processes. CM benefits businesses in many ways by providing visibility into undiscovered system components, misconfigurations, vulnerabilities, and unauthorized changes, which can potentially expose organizations to increased risk if not addressed. Discover why continuous monitoring is important, the implementation considerations and the benefits in

Organizations worldwide are facing new security challenges presented by cloud computing, as most legacy security tools fail to meet the requirements of dynamic, distributed, virtual cloud environments. In fact, 81% of organizations say traditional security solutions don’t work at all in cloud environments or have only limited functionality, according to the 2021 Cloud Security Report by Cybersecurity Insiders. To fill those gaps, global opportunities for cybersecurity professionals specializing in cloud security are many. But with so many certifications out there, which option most effectively demonstrates the broad knowledge and skills required to secure any cloud environment? Let’s compare three leading certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. AWS Certified Security - Specialty. CCSP is a vendor-neutral certification that demonstrates