Blog

As the cybersecurity skills shortage intensifies, cyber professionals have become the target of stiff competition among recruiters and employers. Compensation and benefits packages are becoming increasingly generous, essentially giving jobseekers the chance to write their own ticket. Compensation packages have exceeded $6 million at some large technology companies, according to a recent Bloomberg article. Such packages typically involve mostly stock but even so, they prove that it definitely pays to be in the cybersecurity field. Even the direct charges of top security officers are commanding salaries in the $1 million range, according to Bloomberg. The reasons for these bloated pay packages should come as no surprise to anyone in the cybersecurity field. As cyber attacks and extortion schemes continue to

Recruiting cybersecurity professionals is a major challenge because of the scarcity of qualified candidates, but at least employers don’t have to worry about them wanting to change professions. Most cybersecurity workers (64%) plan to finish out their careers in cybersecurity, according to (ISC)² research. Of course, this creates a new challenge for employers – how to retain their cybersecurity staff. With a worldwide shortage of nearly 3 million, there’s always a chance workers will leave for better pay or more attractive working conditions. To prevent this, employers must put serious effort into retention with measures such as robust training, professional development and open communication. The research shows that cybersecurity professionals want their opinions to be taken seriously when asked for

Already have a background in IT? Here are three tips for moving toward a more security-focused role. Take a cue from Goldilocks: Go after the industry certification that’s “just right.” This entails pursuing a credential that helps augment technical skills with security practices. Many choose the SSCP for its balance between the foundational and technical. SSCP allows you to prove a technical understanding without having to seek a more entry-level certification. Change your perspective to layer security into the work you’re already doing. Moving from IT to security is a natural evolution. Once you’ve gained the requisite knowledge and put it into practice, it’s just a matter of changing perspective. Whether you work on the networking team or the help

(ISC)²’s biggest and best Security Congress yet – with three days of more than 175 sessions and 200 speakers – kicks off in less than three months! Act now - Early Bird registration is still open and workshops and pre-conference trainings are filling up. This year’s conference will be held at the Walt Disney World Swan and Dolphin Resort and will feature workshops, career resources, awards, an escape room and so much more. Our Center for Cyber Safety and Education will once again host its annual volunteer orientation and other special programming.   Find out what Center Day at (ISC)² Security Congress has in store this year.

Part of (ISC)²’s role in the cybersecurity industry includes representing its members in legislative matters to ensure that we’re advocating for the profession and providing guidance to government leaders on new policies that may be championed. On Wednesday, August 14, (ISC)² Director of Cybersecurity Advocacy John McCumber will meet with The U.S. Senate Committee on Commerce, Science and Transportation to discuss the findings of the (ISC)² Cybersecurity Workforce Study and its implications on cybersecurity workforce advancement that the U.S. government might spearhead in collaboration with the private sector.  This type of input session will help to inform the committee during the August Congressional recess so that legislative decisions can be moved forward when Congressional leaders return to Capitol Hill in

You’re considering a cybersecurity certification and the SSCP and CISSP are both on your list. After comparing the material, you’re thinking there’s a good bit of overlap between the two. But is there, really? And if you sit for one exam would you be able to sit for the other without additional study or preparation? These are excellent questions. In fact, we hear them a lot. And the reality is, there ARE commonalities, which is true for most things in the field. However, these two certifications are wholly different and were developed from two distinct perspectives. In many ways, the CISSP certification holder would find the SSCP exam more difficult, as it’s focused on technical application. Although considered “entry level,”