Blog

We held our first-ever (ISC)² SECURE Singapore event earlier this month. The in-person event saw leading cybersecurity experts from around the region engaging in discussions around cybersecurity amid profound changes and disruption around the world, and a global workforce gap.  David Koh, Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency of Singapore (CSA), started off the event with a keynote address. He argued that cybersecurity is akin to a team sport, where all organizations and individuals have a vital part to play in combating cyber crimes. Clar Rosso, CEO of (ISC)², and Zachary Tudor, CISSP, chair of the (ISC)² Board of Directors and Associate Laboratory Director of Idaho National Laboratory's National and Homeland Security Directorate, then joined

Carey Lohrenz, one of the first U.S. female fighter pilots, will provide “Lessons in Leadership” as a keynote at (ISC)² Security Congress 2022. As a pioneer in military aviation, Carey broke barriers as the first female F-14 Tomcat Fighter Pilot in the United States Navy and has flown missions worldwide. She knows what it takes to win in high-pressure moments while overcoming obstacles. She is the author of two best-selling books, “Fearless Leadership” and “Span of Control,” and as a consultant helps lead high-performing business teams to Prepare, Perform and Prevail Carey will share her experiences with the audience to empower attendees to take their careers, teams, and the cybersecurity industry to new heights. “Carey Lohrenz knows that working in

At (ISC)² we are committed to positively impacting the cybersecurity industry in a big way. The board of directors and (ISC)² leadership is pleased to announce that we will provide free entry-level cybersecurity certification exams and self-paced educational program courses to one million new professionals starting a career in cybersecurity. The One Million Certified in Cybersecurity pledge is our global commitment that expands on the (ISC)² ‘100K in the UK’ initiative, which promised 100,000 free exams and course enrollments for U.K. residents earlier this year.  (ISC)² CEO Clar Rosso attended the Cyber Workforce and Education Summit at the White House on July 19, 2022 advocating for the expansion of the cybersecurity workforce to close the gap of 2.7 million cybersecurity

When hiring managers onboard new cybersecurity staff, there is typically an expectation that some learning on the job will be necessary. This is certainly the case when new hires are entry- and junior-level practitioners. But when can you expect those less-experienced new hires to perform their tasks independently? Depending on experience levels, they can be ready to contribute on their own in as little as six months, according to new research by (ISC)². The findings, published in the (ISC)² Cybersecurity Hiring Managers Guide, reveal that more than a third of hiring managers (37%) believe entry- and junior-level hires are ready to handle assignments independently within six months or less on the job. 67% say it takes entry-level hires up to

Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare 2022 report, 61% of healthcare organizations agreed to pay, which is a rate 15% higher than the global average. Source:

By Joseph Montes, CISSP In 2021, I decided to pursue the CISSP. I was looking for a certification that would help me to stand out and prove to myself and my peers that I know my field. I had experience in Unix, Irix, Linux, Windows, Networks, Servers, storage, project management, virtualization, telecommunications, terrestrial and submarine networks. I had some certifications and a master’s degree in Cyber Security. CISSP seemed like the most sensible progression in my career. STARTING MY JOURNEY TO CISSP Things started simple enough. I researched what I needed to know. I started looking at Reddit, Discord and Twitter for any information on how to study for my CISSP. The results were consistent; this is not a certification