Blog

By Ala' F. Wrikat, MSc, CISSP, CISM. Ala' is currently a specialist in policies and strategic studies at the Financial-sector's CERT of Jordan. Defense in depth strategy has proven its effectiveness in preventing cyber threats over the years. At the abstract level, most technical security controls are designed with two main components; 1) a knowledge base, and 2) a matching engine. Each security product has its own version of a growing knowledge base of feeds (whatever these feeds are). The content and how frequent these knowledge bases get updated are often the basis of competition between vendors. In this context, where these knowledge bases are complementary, defense in depth is meaningful. However, with the emergence of Artificial Intelligence (AI) and

Last year’s Celebrating International Women’s Day: Carving a Cybersecurity Career Path webinar featured a panel of accomplished women in cybersecurity for a discussion that captured the female perspective in the field. The group came together to discuss the data surrounding the demographics that make up the workforce and how they are shifting. They also shared their journeys in the profession that led them to the leadership positions they now hold, including the challenges encountered and strategies they employed to succeed. The conversation took a look ahead to the evolution of diverse cybersecurity teams and the principles that inform how they are assembled. Join us for this year’s webinar Tackling Gender Bias - The Young Women's Perspectives on Monday, March 7

The (ISC)² Scholarship Program is part of an effort to bridge the cybersecurity workforce gap—which stands at 2.72 million needed professionals—by providing future cybersecurity professionals across the globe with scholarships to prepare them for a rewarding career in this important field. At the same time, the industry urgently needs more diverse perspectives and fresh talent to tackle the challenges of today and tomorrow. With the scholarships, (ISC)² wants to create more opportunities for historically underrepresented individuals and inspire more young people to pursue a career in cybersecurity. In 2021, Weijia Yan was awarded an (ISC)² Undergraduate Scholarship which supported her as she finished her senior year at Texas A&M University. Weijia graduated Magna Cum Laude in December 2021, earning a bachelor’s degree in

The Need for Entry-level Cybersecurity Education Is Critical As any employer who has tried to fill a vacant cybersecurity position knows, finding qualified candidates is anything but easy. The cybersecurity workforce would have to expand by 65% to meet global demand, according to (ISC)²'s 2021 Cybersecurity Workforce Study. Employers, therefore, need to keep an open mind when filling those positions by considering candidates with less experience. Once on board, however, new hires can be brought up to speed through education and certification. Even with sparse experience, a cybersecurity professional should be able to demonstrate an acceptable level of proficiency in the field. This is especially important for service providers, such as MSSPs, whose technicians have interactions with end customers. A

By Cynthia Freeney, CSSLP currently holds the dual role of project manager and security officer. Cynthia's current focus in the security realm is ensuring organizational policies, procedures, processes and security controls are in compliance and will withstand an upcoming SOC 2 Type II audit. There is a consensus among many industry thought-leaders, leaders within small, mid, and major-sized organizations, security researchers, and others regarding the importance of delivering secure solutions and products. An organization's ability to consistently and effectively provide secure products and solutions is predicated on its level of risk awareness, commitment to adopting and auditing processes that promote secure software development and allocated budget and resources. A secure software development lifecycle is essential to developing secure products and

Kaleb Worku’s record of academic distinction and relevant experience earned him the 2020 KnowBe4 Black Americans in Cybersecurity scholarship and the following year the CyberCorps® Scholarship for Service. Today, he is a junior in the School of Computer and Cyber Sciences at Augusta University pursuing a Bachelor of Science degree in cybersecurity. He is an undergraduate research assistant investigating medical device cybersecurity under the supervision of Dr. Michael Nowatkowski, CISSP and the captain of his school’s computing programming division of the Association for Computing Machinery. We caught up with Kaleb to discuss how earning this scholarship has impacted his journey and the ways in which he is working to make an impact on the future of cybersecurity. What prompted your