Blog

With more than 14,000 new Certified in Cybersecurity members joining (ISC)² last year and an additional 180,000+ Candidates gearing up to earn their first certification, (ISC)² will be supporting these cyber newcomers every step of the way.   Recently, the Center for Cyber Safety and Education held its first Birds of a Feather: Newbies in Cyber webinar to promote an open dialogue and space for those leaning toward a career in cybersecurity, career changers and anyone interested in joining the field with questions. Within this conversation, we heard many of the questions and concerns that have been echoed across our social channels and in the (ISC)² Community as well. Please see below for some helpful guidance and resources for those

UK government potentially skimps on senior cyber role salary as the NCSC calls for more investment in people, Microsoft talks up the potential for ChatGPT and the US moves to ban spyware.  By Joe Fay  U.K. Treasury Tries to Drive Down Inflation with Paltry Cybersecurity Salary  The U.K.’s Treasury department is looking for an “experienced” Head of Cyber Security willing to work for £55,500. The successful candidate will be “working at the heart of Government in a time of momentous change and offering a level of exposure and challenge that is hard to find anywhere else”. Amongst other things, they will supervise specialist security processes and the provision of device security throughout the organization. Commentators have lambasted the proposed salary,

We all learn differently. And we all have different schedules and needs when it comes to certification training. In the past, finding the time to train has been limiting for some. Enter adaptive online training, a new and innovative way to prep for certification that uses artificial intelligence (AI) to tailor the learning journey to each individual’s needs. It provides a non-linear, personalized learning experience that works well for busy professionals who want to upskill without having to rely on traditional linear learning models, which can be restrictive about time and pace. How it works (ISC)² is leading the way in rolling out this flexible learning option for certification training. Official (ISC)² Online Training uses AI-led adaptive learning to provide

In the latest of several recent announcements, the U.S. body responsible for cybersecurity is making a clear shift towards pre-emptive over reactionary reporting, alerting and advice for organizations.  By John E. Dunn  A defining characteristic of ransomware attacks is the element of surprise. By the time the victim receives the ransom note, it is usually already too late to contain an incident. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new pilot project, the Pre-Ransomware Notification Initiative, which it hopes will be able to notify more victims before this happens.  The premise is that attackers often linger inside networks for some time before striking. This offers a window of opportunity, according to CISA:  “These early warnings can enable

By John Weiler  Microsoft patches the “aCropalypse” vulnerability, ChatGPT leaks users’ billing information and the Latitude Financial breach expands to 14 million records. Here are the latest threats and advisories for the week of March 31, 2023. Threat Advisories and Alerts  FBI Alerts U.S. Companies of Email Scam Targeting Commercial Goods  The U.S. Federal Bureau of Investigation (FBI) has warned companies of a new type of business email compromise (BEC) fraud. Threat actors are impersonating known and reputable U.S.-based companies by spoofing email domains and display names of employees to place large orders for material goods without paying upfront. When vendors try to collect payment, they find that the purchaser was an impersonator using fake credentials or credit references.   Windows

Looking to earn your (ISC)² CISSP certification? Make sure you follow these updated steps to register for your exam. Here is how you can register for the CISSP exam: Log in to your account at www.isc2.org and visit the Register for Your Certification Exam If you don’t have an (ISC)² account, you’ll need to create one before you register for your CISSP exam. We recommend signing up as an (ISC)² Candidate so you can take advantage of discounted CISSP training and other benefits. You’ll then visit https://my.isc2.org/s/ISC2-Pearson to fill out your Exam Account Information form. Once completed, review for accuracy to ensure it matches your required identification that you’ll provide at your test center. Submit the form and then you’ll