It’s time again for another (ISC)² Job Task Analysis (JTA) study, this time for the CAP certification. We frequently review and update our content outlines (aka exam blueprints) of our credentialing examinations. If you’re not familiar, the JTA is a methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. As we prepare for a review of the CAP exam, we would like to hear from our CAP members! We would like you to comment on the new and emerging cybersecurity issues that should be addressed, but are not currently covered in the current CAP exam outline. This is your opportunity to shape the content of the CAP

Cloud security today is touted as better than ever. So how do we explain the ever-increasing number of data breaches? According to the new white paper, Cloud Security Risks & How to Mitigate Them, the disconnect arises from a shared security model. Cloud Service Providers protect the datacenter, but customers are responsible for safeguarding their own data, and focus is shifting from the provider to the customer. To reduce risks, cloud customers must take charge of data security. This is no small feat as many are in a period of transition and facing a wide range of threats… Insufficient access management and account hijacking System misconfiguration Hyperconverged environments Insecure interfaces and APIs Emerging technologies like AI and machine learning Clearly,

(ISC)²’s Certified Information Systems Security Professional (CISSP) is currently the sixth highest paying IT certification, according to newly published research. CISSP-certified cybersecurity professionals earn salaries averaging more than $140,000. The CISSP is one of just six IT certifications commanding salaries above $140,000, which places them on the 15 Top-Paying IT Certifications for 2020 compiled by training company Global Knowledge. The list contains salaries ranging from an average of $117,000 for Citrix Certified Professional – Virtualization to nearly $176,000 for Google Certified Professional Cloud Architect. The list’s top four certifications are either in cloud computing or cybersecurity, confirming that demand in these two areas continues to soar. In cybersecurity, (ISC)²research has revealed an acute shortage of cybersecurity skills, currently estimated at 4

The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly published report. These statistics are a complete reversal of what happened in 2018, when the number of exposed consumer records soared by 126% and breaches declined by 23%, according to the Identity Theft Resource Center’s (ITRC) End-of-Year Data Breach Report for 2019  Data breaches tracked in 2019 in the United States jumped to 1,473, from 1,257 in the previous year, the report revealed. Meanwhile, 164,683,455 sensitive records were exposed, compared to 471,225,862 in 2018. The ITRC notes, however, that the 2018 Marriott data alone exposed 383 million records,

In yet another sign that (ISC)2 is working to increase its international efforts and alliances, today we’re excited to announce a new strategic partnership with the Australian Information Security Association to work jointly toward a safer and more secure cyber world. As the press release outlines: “. . . the Strategic Partnership Agreement . . . recognises (ISC)2 certifications as the global standard for cybersecurity certifications that AISA members can aspire to and achieve. AISA will run quarterly certification sessions to its membership for (ISC)2 certifications including the CISSP, CCSP and SSCP, among others. AISA will promote to its members (ISC)2’s award-winning webinar series and its research studies, and offer discounts on (ISC)2 Professional Development Institute (PDI) courses.” In order