Blog

Latest News & Tips

  • The CISSP (Certified Information Systems Security Professional) certification got a few thumbs-up in a recent Dice article about whether cybersecurity jobseekers need certifications to land a position. Several cybersecurity professionals quoted in the article named the CISSP as a valuable certification. “I always recommend the Certified Information Systems Security Professional Cert (CISSP). For years, this has been the dominating certification in the cybersecurity industry. It is still a top-tier certification, and I would recommend it to anyone serious about a career in cybersecurity,” said Steve Tcherchian, Chief Product Officer at XYPRO. Magda Chelly, a cybersecurity author and researcher, cited the CISSP as one of the industry’s most popular certifications. Certifications such as CISSP and hands-on training, she said, are outweighing requirements

  • Cybersecurity recruitment has long been a challenge, and companies often exacerbate the situation by setting unrealistic expectations, especially for entry- and junior-level roles. A common misstep is to require qualifications and years of experience that few junior jobseekers have. In an industry with a workforce gap of 2.7 million worldwide, cybersecurity teams remain understaffed, potentially putting their organizations at risk. So, it pays to have a more realistic view of what to expect when devising a strategy to attract candidates for all cybersecurity roles. Changing Expectations Hiring managers are starting to grasp the wisdom of moderating their expectations when seeking junior cybersecurity practitioners, according to the findings of a new (ISC)² study on entry- and junior-level cybersecurity hiring practices. The

  • Ian Bremmer will keynote (ISC)² Security Congress 2022 with the presentation “Why Political Risk and Cybersecurity Collide in Times of Crisis.” The accomplished author, speaker, commentator and political scientist will lead attendees on a journey through the intertwined world of politics, cybersecurity and global issues. Ian Bremmer is a political scientist who helps business leaders, policy makers and the general public make sense of the world around them. He is president and founder of Eurasia Group, the world's leading political risk research and consulting firm, and GZERO Media, a company dedicated to providing intelligent and engaging coverage of international affairs. Ian is an independent voice on critical issues around the globe, offering clearheaded insights through speeches, written commentary and even

  • In the latest (ISC)² Think Tank webinar, “How to Hire and Develop Entry- and Junior-Level Cybersecurity Practitioners,” three hiring managers tackled the question of how to fill the workforce gap by sharing their insights and firsthand experiences. Jon France, (ISC)² CISO; Becky Goza, Senior Manager of Information Security for Love’s Travel Stops; and Saju Thomas Paul, Head of Threat Hunting Service for Atos, were guided through an engaging conversation following the recent release of the (ISC)² Cybersecurity Hiring Managers Guide by moderator Brandon Dunlap. Hiring from Within In the first live poll, panelists were surprised to see attendees report that only 11% of the audience seeks cybersecurity recruits, or is actively “poaching,” from other departments within their organizations. Becky highly

  • By Diana-Lynn Contesti (Chief Architect, CISSP-ISSAP, ISSMP, CSSLP, SSCP), and Richard Nealon (Senior Security Consultant, CISSP-ISSMP, SSCP, SABSA SCF) Ever find yourself in a struggle to defend your security budget or to introduce a change? This guide is a baseline to help you present the risk your organization faces. We (CISOs) believe in notifying management regularly on the risk health of an organization and know the best time to approach management for funding is directly after a security breach. However, none of us want that to happen, so we find ourselves struggling to defend the current security budget when trying to implement a change. It is worthwhile looking at the other side of the coin here – not only do we focus

  • The (ISC)² Pittsburgh Chapter is seeing great success by providing study sessions for both the CISSP and CCSP exams. While participating in a study group does not guarantee passing the exam, it does, however, help to connect with others, put learning into practice and implement study tips. We asked the Pittsburgh Chapter about their recipe for success in hosting study groups and having a high pass rate. If other chapters would like to replicate their success, they need to: Have a passionate leader run the sessions. Invite many people to join, even outside of the local geography. Offer both in-person and online study sessions. Be open and inclusive, allowing people of all skillsets and career levels to be involved. The