In cybersecurity, threat actors are relentless. To keep systems safe, we need a process of controls to oversee the entire chronology of a potential attack scenario – protection before an attack happens, effective mitigation and correction during an attack, and recovery afterwards. The tools of defense are vital, but not enough. Organizations need to decide how to deploy these tools, how much to spend, how to train people, and how to ensure they maintain compliance with industry standards and governance/risk (GRC) requirements. Security controls must be organized and described in a way that non-IT people – employees and executives alike – understand and embrace, even if they do not fully grasp all the technical terms, and this is where specialized
- Sep 27,
The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In this installment, we talk to AJ Yawn. AJ tells us about his motivation for setting up his own business, his passion for mentoring and opening up pathways into cybersecurity, and why he thinks (ISC)² Chapters are a great place for networking and accelerating your career. What job do you do today? I am the co-founder and CEO at ByteChek, a cybersecurity Software as a Service (SaaS)
Sep 24,
Your (ISC)² membership comes with more than being a leading industry expert. The “Exclusive Resources and Discounts” page located behind the member login gives you access to discounted event pricing, Member Perks and partner resources. Discounts and deals are commonplace in large corporate settings, but today’s work climate has experienced a shift in traditional roles. InfoSecurity Magazine recently discussed this trend in “The Gig Economy: A New Battleground for Cybersecurity,” stating that businesses’ increasing tendency to employ independent contractors and freelancers instead of full-time workers is making IT contracting an increasingly common gig economy role. Our 2020 Cybersecurity Workforce Study's findings supported this trend, with 31% of the respondents identifying as consultants or contractors. Among our surveyed population, the largest group
Sep 23,
Organizations are experiencing their fair share of ransomware attacks in the cloud. And the reality is, they aren’t always able to recover. Complexity in the cloud doesn’t just prolong recovery efforts. In some cases, it foils them completely. Companies must be able to recover from data destruction events to avoid potential business losses as well as civil penalties. The need for disaster recovery and business continuity has never been stronger. Here’s why and how you can bring cloud-based disaster recovery to the rescue. Read the full article. Want to learn more about CCSP? To learn more about how the CCSP credential can help you gain expertise and advance your career, download our white paper Cloud Security Skills Can Take Your
Sep 22,
With businesses’ digital transformation initiatives accelerated during the pandemic, cyber risks are no longer an issue of the IT department. Cyber risks are business risks threatening the very existence of highly digitized and interconnected organizations. Companies are compelled to address those risks before they impact their operations. Risk management is the process of identifying, assessing and controlling risks to an organization’s business, assets, revenue, productivity and reliability. Risk management informs decision making on the investments, policies and practices to mitigate threats and minimize their adverse effects. A risk management approach benefits an organization in many ways as it strengthens their security posture and helps build trust with their customers. Read our article to find out more about the importance of
Sep 21,