Blog

Latest News & Tips

  • Virtual Shadowing Not Only Works – It’s the Way of the Future When cloud security specialists are onboarded, a period of adjustment and learning is required, regardless of their level of education and certification. No one knows the intricacies of their new employer until they’ve been there a while. But what happens when their new workplace has adopted a virtual or hybrid model, where shadowing entirely in person is impossible? The (ISC)² white paper, Cloud Adoption and the Skills Shortage, looks specifically at why a shortage of qualified specialists is proving to be one of the largest impediments to cloud adoption. One contributor to the gap in expertise on staff cited in the research is a lack of mentoring. Certified Cloud

  • If you were called into one of your executive’s offices and asked to explain the difference between Diffie-Hellman key exchange and RSA in non-technical terms, could you do it? As a security professional, that is probably not a problem. Even without too much effort, or math, you could easily help a non-technical person so that they would have a reasonable understanding of why these mathematical functions create the ability to securely conduct business on the internet. Now, if that same executive asked you to describe which one is recommended in the General Data Protection Regulation (GDPR), or the California Consumer Privacy Act (CCPA), would you recognize that it is a trick question, as neither of those prescribes a specific type

  • The data protection and privacy landscape is evolving and almost every country now has a privacy law or regulation that dictates how businesses should safeguard sensitive, personal data. Although these laws share many similarities with the EU GDPR, businesses migrating their employee or customer data to the cloud should consider the specific requirements of these laws before collecting, storing, and processing electronic data in the cloud. In addition to the privacy and security requirements, businesses should understand that although cloud security and privacy are distinct concepts, data privacy complements and strengthens existing data security in the cloud. With data locality and sovereignty and privacy-by-design being top concerns, as the Schrems II rule indicates, Certified Cloud Security Professionals (CCSP) should leverage

  • With an exam as prestigious as the CISSP, it is important to be well prepared. To ensure your path is on track, CISSP books are your best assets to gain exam item knowledge and a complete understanding of the CBK and the eight domains covered in the CISSP exam. To help you select the best texts, we asked CISSPs what books helped them prepare for the exam. Top CISSP Books to Prepare for Exam Day The Official (ISC)² CISSP CBK Reference, 6th Edition by Arthur Deane and Aaron Kraus This is the authoritative common body of knowledge (CBK) from (ISC)² for information security professionals charged with designing, engineering, implementing and managing the overall information security program to protect organizations from increasingly

  • Adoption and usage of the cloud is evolving to combine with technologies like artificial intelligence, the Internet of Things, 5G and more, according to Sid Nag, Research Vice President at Gartner. “In other words,” he says, “cloud will serve as the glue between many other technologies that CIOs want to use more of, allowing them to leapfrog into the next century as they address more complex and emerging use cases.” With cloud roles expanding and so many certifications out there, which option offers cybersecurity experts the flexibility to grow with the coming waves of opportunity? Let’s compare two popular options, (ISC)² Certified Cloud Security Professional (CCSP) vs. Microsoft Certified: Azure Security Engineer Associate. CCSP is a vendor-neutral certification that demonstrates

  • In order to become fully certified as a CISSP, you must not only pass a rigorous experiential exam, but meet the CISSP work experience requirements. CISSP candidates are required to have a minimum of five years of cumulative work experience in two or more of the eight domains of the CISSP CBK. There are a few paths to accumulate this time: Education You can satisfy one year of work experience with either a college degree or an approved certification. You can apply either of the below to meet one year of the requirement: A four-year college degree or regional equivalent or an advanced degree in information security from the U.S. National Center of Academic Excellence in Information Assurance Education (CAE/IAE).