READY for What’s New at (ISC)² Security Congress in 2021? Cybersecurity professionals are facing some of the toughest challenges of their careers. The shift to remote work has been sudden and wide-ranging. Only about half (53%) of respondents to the 2020 (ISC)2 Cybersecurity Workforce Study say they were “very prepared” for remote work. It’s time to assess and reset. We are looking forward to our first-ever hybrid (ISC)² Security Congress on October 18-20. This year’s event will have something for everyone, whether you decide to attend virtually or in person at the Hyatt Regency Orlando. Based on your feedback, we strive to improve every conference to be better than the one before. In addition to hosting a hybrid event, there

Accelerating Your Security Career Requires More Than Just Paying Attention Many InfoSec professionals have seen so many breaches, whether through personal experience, or in the news, that it becomes apparent that a new approach is needed to combat the existing and emerging threats. Since the cloud is embraced by most organizations, the ability to protect the organization is also changing and becoming an increasingly important capability for the security professional. One way that companies are achieving better security is by creating a resilient security approach. This resilience, especially in the cloud, requires an upgrade to the skills of many security individuals. What better way is there to increase your cloud knowledge and accelerate and extend your career than by earning

When it comes to compliance in cybersecurity there are many regulations in play, GDPR, CCPA, HIPAA, to name but a few. Whilst you may have to take a key role in these regulations, you need the support and engagement of your organization. One nominated person is not enough. In the case of an InfoSec professional, culture is frequently the difference between a successful, and a failed endeavor. This is especially true when attempting to navigate the many regulations that impact an entity. Trying to find unity in the directives, and often disparate suggestions in many regulations can be a maddening exercise, and it needs everyone to be doing the right thing when no-one is looking. It needs a security mindset.

Organizations have expedited use of and reliance on public cloud services to run their businesses in ways that would have been hard to anticipate, even a few years ago. And for many smaller businesses without dedicated cybersecurity functions, skills or tools, public cloud services could offer a level of protection they may otherwise lack on-premises. But don’t assume basic cloud security services are a cure-all or dissuasion to bad actors. Today there is no safe haven from ransomware. In fact, attacks are targeting data and applications in the cloud nearly as often as they are directed at on-premises resources. Read the Full Article.

Cybersecurity professionals are far more likely to hold vendor-specific certificates than certifications from a vendor-neutral association or standards-based organization, according to the (ISC)² Cybersecurity Career Pursuers Study. But when asked which qualifications they would recommend to cybersecurity newcomers, professionals tend to prioritize vendor-neutral credentials. This preference suggests that even though current professionals followed a more traditional, vendor-specific path when gaining experience in the field (55% of current professionals entered cybersecurity from IT backgrounds), they see greater value in pursuing broader professional qualifications for people starting their careers now. This is a perspective that may be informed by their own lessons learned over the years. Cybersecurity professionals also emphasize the importance of cloud security in recommending certifications for pursuers. This is