When it comes to cloud security, it’s the Chief Information Security Officer’s (CISO) responsibility to understand the risks of a cloud architecture and develop a strategy for protecting against existing and emerging threats. And Luis Gonsalves, Head of Security for Banco de Portugal, Portugal’s central bank, arguably has a bigger picture view than most. Not only is he a CISO, but he founded the Portugal Chapter of the Cloud Security Alliance. Gonsalves is also a professor at the Instituto Universitario de Lisboa, and the Portuguese Banking Training Institute and serves as a consultant for other companies. From this multifaceted vantage point, Gonsalves has observed the evolution of cloud security over the last nine years and how the Certified Cloud Security

By Dr. Lyron Andrews, CISSP, SSCP and CCSP The vast majority of organizations today have migrated to the cloud to take advantage of rapid deployment, scalability and user empowerment. Eighty nine percent of respondents to a 2019 survey by DivvyCloud have adopted the public cloud. But many don’t know how the cloud works, the best use cases, potential risks, or the tools available to help optimize their security posture. And even as organizations struggle to understand cloud basics, new industry concepts and technologies, such as zero trust, micro segmentation, containerization and microservices, continue to emerge. By pursuing Certified Cloud Security Professional (CCSP) certification, cybersecurity experts within the organizations can gain a holistic understanding of cloud architecture, infrastructure, deployment models, emerging

By Tony Vizza, CISSP, CCSP, Director for Cyber Security Advocacy - APAC at (ISC)² “Tony, why did you get into cyber security?,” I am often asked. Truth be told, I had an interest in IT from a very young age. In second grade, my classroom had an early model Apple which the teacher did not know how to use and which I taught her. In high school, I took computer studies as a subject. Following this, I enrolled and completed an undergraduate degree in computer science. My first job after graduation was as a programmer and network administrator within a large multinational travel agency. Later on, I worked in IT infrastructure design and architecture and even did a stint in

The cloud today has become what Forrester calls “a turbocharged engine powering digital transformation around the world.” Digital transformation is propelling  worldwide cloud service market projected growth from $182.4B in 2018 to $331.2B in 2022. Yet the cybersecurity skills shortage threatens safe cloud adoption and cloud security is the number one technology area most impacted by the shortfall. Because of this, many cybersecurity experts are finding themselves pushed by their employers to expand their expertise to the cloud. That was certainly the case for Nanditha Rao, Information Security Senior Advisor and Olayinka “Olay” Ladeji, Senior Principal Program Manager, Cloud Operations. Demand for cloud security expertise drove both to achieve the Certified Cloud Security Professional (CCSP) certification, Rao in 2017 and

Earlier in the year, we announced an upcoming update to the CISSP-ISSAP certification exam. Coming in November, the CISSP-ISSEP exam will also be updated. The CISSP-ISSEP is a concentration certification exam for those who already hold the CISSP. The concentration recognizes certification for those who have the keen ability to practically apply systems engineering principles and processes to develop secure systems. Those who hold it have the knowledge and skills to incorporate security into projects, applications, business processes and information systems. When the updated exam blueprint takes effect starting on November 13, 2020, the CISSP-ISSEP exam will be reduced from 150 to 125 questions, though the test time of three hours will remain the same. This aligns the exam with