The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In this installment, we talk to influential trailblazer Dr. Christine Izuakor. Christine shares with us her incredible story as the youngest student and first African-American woman to achieve a P.hD in Security Engineering, how she planned her journey to achieve her dream job and how her passion for cybersecurity had fueled her every step of the way. What job do you do today? I am the founder

Application programming interfaces (APIs) allow applications to communicate with each other, simplifying software development. Developers add functionality from other existing solutions or build applications using services by third-party providers. APIs have become the drivers for businesses digital transformation initiatives opening up their apps and data to partners, suppliers and customers. Besides their increased applicability and benefits, APIs are often the source of security concerns and threats because businesses fail to secure them. Surveys have identified that authentication, vulnerabilities and visibility are the key pain points, enabling malicious actors to exploit insecure APIs and turn them into attack vectors. Despite the increased threats coming from unprotected APIs, organizations fail to approach their security in a comprehensive and robust manner, lacking security

In cybersecurity, threat actors are relentless. To keep systems safe, we need a process of controls to oversee the entire chronology of a potential attack scenario – protection before an attack happens, effective mitigation and correction during an attack, and recovery afterwards. The tools of defense are vital, but not enough. Organizations need to decide how to deploy these tools, how much to spend, how to train people, and how to ensure they maintain compliance with industry standards and governance/risk (GRC) requirements. Security controls must be organized and described in a way that non-IT people – employees and executives alike – understand and embrace, even if they do not fully grasp all the technical terms, and this is where specialized

In an effort to introduce more talent into the cybersecurity workforce, make cybersecurity a more accessible, inclusive and diverse profession, and close the cybersecurity skills gap, (ISC)² will pilot a new entry-level cybersecurity certification exam as part of its portfolio of industry qualifications. The entry-level certification will provide students, new entrants and career changers with clear and attainable professional development and career pathways from day one. In addition, it will give employers the confidence that new entrants into the sector have a solid grasp of the right technical, ethical and operational practices on which to build and learn. As a foundational certification, it will play a role in helping employers, educators, and governments close the cybersecurity workforce shortage by narrowing

When asked how CISOs could better address the impact of the cybersecurity skills shortage, the most popular suggestion was to increase the overall commitment to training, according to The Life and Times of Cybersecurity Professionals report from Enterprise Strategy Group and the Information Systems Security Association. In fact, security professionals must continue developing their professional skills or put their organizations at a competitive disadvantage, according to 91 percent of respondents. But with so many training and certification options out there, which most effectively demonstrates the broad knowledge and skills required to secure cloud environments? Let’s compare three leading cybersecurity certifications: (ISC)² Certified Cloud Security Professional (CCSP) vs. Cisco Certified Network Associate (CCNA) and Cisco Certified Network Professional (CCNP) Data Center.