The First Thing We Do, Let's Kill All the Lawyers The phrase “let’s kill all the lawyers” comes from William Shakespeare’s play, King Henry VI, Part 2. This is one of the most misinterpreted lines in all of Shakespeare’s works, and it is often used inaccurately, expressing a dislike for attorneys. This is not the way that Shakespeare intended it.  Shakespeare was not one to suggest the slaying of lawyers as a way to cure society’s problems. As an information security professional, have you often found yourself frustrated by the growing collection of cyber-based rules, guidance, regulations, and contemplations that our lawmakers can conjure up? As if the job of securing network systems isn’t hard enough, now we need the

The cybersecurity team can be a challenging one for organizations to keep engaged and happy. Talent is scarce, turnover and burnout rates are high. That’s why employers have to keep existing teams engaged in their profession, and current on the latest threats and defenses. To accomplish this, every organization needs a formal, standards-based cybersecurity training and education program for the employees responsible for securing their critical assets. What are the key components of a training program? Whatever an organization’s unique circumstances, three major tenets must guide any training effort: Security is an obligation, not an option. Evolving technology and constantly changing threat landscapes require a long-term, agile commitment to security. Skills development should be measured for effectiveness. Who should conduct

A Day in the Life Cybersecurity remains one of the most exciting technology jobs and one of the top sought-after positions by many technology professionals. It is also one of the most difficult positions for an employer to fill. Why is this the case? When you think about cybersecurity, the mind often drifts towards the good versus evil of technology. Cybercriminals are seemingly everywhere, seeking to make a digital dollar off of the vulnerabilities of unsuspecting individuals and organizations. The security practitioner, on the other hand, is the sleuth who hunts down and neutralizes the threats, remediating the vulnerabilities. All of this, both the good and the bad, are accomplished from the safe confines of a room with a computer.

The fast and innovative nature of modern business requires enterprises to become competitive and disrupt their markets. The best way to do that is to incorporate agile methodologies into operational processes. Software development is a business function transformed by agile methodologies. Agile Software Development Benefits Businesses Agile software development is the method of developing high-quality software solutions, web applications and mobile applications, where the requirements and implementations evolve through the collaborative effort of cross-functional teams and their customers. Agile software development focuses on continuous software delivery and requires change even in late development stages. Businesses benefit from agile software development methodologies in various ways: Faster development and time to market High-quality products Enhanced project management Reduction of risks Increased customer

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. In support of this, (ISC)2 has launched a series of interviews to explore where CISSP certification has led security professionals. Last time we heard from Melissa Parsons. This installment features Chris Clinton. He is CTO and co-founder of Naq Cyber, he is an advocate of helping small business owners protect themselves against digital threats. What job do you do today? I am the co-founder of a start-up