The Certified Authorization Professional (CAP) and Certified Information Systems Security Professional (CISSP) credentials. Both globally renowned certifications are held by experts deeply skilled and experienced in cybersecurity. What are the key distinctions you should consider if you’re weighing which one to pursue? CAP-certified security professionals have proven their skills in effectively advocating for risk management solutions to authorize systems that will support an organization’s mission within regulatory-mandated requirements. CISSP-certified professionals have been evaluated on their knowledge, skills, and ability to design, engineer, and manage an organization’s security posture. While a CISSP-credentialed professional has strong general knowledge of one regulatory requirement over another, the CAP professional has a more in-depth understanding of each and how to meet or exceed requirements for

Finding your first job in any field is often a challenge. But your first job in cybersecurity? With no previous experience? That may seem impossible, but it’s not. According to the (ISC)² Cybersecurity Workforce Study 2020, the cybersecurity workforce needs to grow by 89% to effectively defend organizations’ critical assets; however, that doesn’t mean jobs are easy to find for all eager applicants. Organizations can often set their expectations unrealistically high, making it hard to fill these roles. A cybersecurity hire doesn’t necessarily need to have previous experience to be the right fit for the position. There are many skills and personality traits that, when combined, create an excellent candidate for entry- or early career-level cybersecurity positions. Passion for learning,

To provide transparency with the association, (ISC)² provides a quarterly update for members and candidates where we report on the latest developments at (ISC)². Following our board meetings, our CEO, Clar Rosso, and (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP, recap the latest association developments. The 2021 Q3 update included membership milestones (including 10,000 CCSP members worldwide!), association accreditations and new executive leadership announcements focused on member benefits and advocacy. Zach and Clar also discuss what (ISC)² is doing to continue to address global diversity, equity and inclusion in cybersecurity, as well as the workforce gap.  You can view previous quarterly updates, as well as the latest Q3 update at https://www.isc2.org/Membership/ISC2-Insights.

As a cybersecurity professional, you probably spend most of your day honing your craft, refining your technical skills. While this is important, there are other focal points that should not be neglected. One of these is your responsibility to know all of the assets that are present in your organization.   Achieving full asset visibility is a difficult endeavor.  The inventory and classification process alone requires not only technical knowledge, but also the ability to discover those entities that are invisible to you.  This is a deeper subject than the specious tool-based promises of cataloging “Shadow IT”.  Asset visibility can be likened to the “fourth wall” of theater.  Want to learn more, and find out how the CISSP credential can

Container deployments are on the rise and expected to increase over the next 12 months. At the same time, container security incidents are rising exponentially. What types of security challenges are causing these events and, in turn, forcing organizations to delay application deployment?   Before answering, we need to understand why security challenges are currently emerging. Containers have been around since the early 2000s, yet developers didn’t begin using them until recently. Subsequently, organizations are only now beginning to realize their potential – and four areas that make container security uniquely tricky. Read the full article.