Alert fatigue, password change resistance, and poor cyberhygiene are just a few of the challenges that security specialists face. Human beings do not like being forced into habits, even when it is for their own well-being or that of the organization they work for. It’s a quirk of human nature that we have a hard time contemplating abstract notions of danger, especially when it’s introduced to us by others. Humans are guided in part by instinct and reflex. So if we cannot perceive danger through our physical senses, then we cannot process it accurately. When it comes to cyberhygiene activities, the threat we seek to avert seems invisible or inconsequential... Here’s a look inside the psychology behind it. Read the

The Catch-22 that has affected the cybersecurity profession since its inception remains a serious problem, according to a newly released report. To get a job in cybersecurity, many organizations require hands-on experience, but gaining that experience requires having a previous cybersecurity position in the first place. This conundrum is a challenge cybersecurity talent is fighting to overcome. The report is based on a study of 327 cybersecurity professionals in late 2019 and early 2020 by the Enterprise Strategy Group (ESG) for the Information Systems Security Association (ISSA). The findings underscore the need for more training and certification, and more creative approaches by hiring managers to find talent in unexpected places. “There is a continuous lack of training, career development, and

In a world that is constantly changing, the immediate future of emerging technologies looks exciting and promising. Rapid advances over the next five years may help humanity solve some of the biggest challenges like the climate crisis, our ability to cure illnesses, understanding the universe and our microcosmos, and improving productivity through business automation. Despite the obvious benefits technology brings, it has also created many cybersecurity and privacy challenges. The overall business risk has increased because of the changing and expanding threat landscape. Cyber criminals are also leveraging these technologies to launch their malicious actions, which are more sophisticated than ever and harder to detect. The World Economic Forum, in their annual Global Risks report, have ranked cyber related risks

If you’re looking for ways to fulfill your CPE requirements, it doesn’t get much more convenient than the Professional Development Institute (PDI), a portfolio of timely and relevant continuing education courses that are provided to (ISC)2 members as part of their membership benefits. The latest addition – available now – to the on-demand library of 36 courses is a Lab course titled “Security Analysis with SPARTA,” which is aimed at security practitioners and anyone looking to implement the penetration testing execution standard (PTES) and the tools and processes found within SPARTA and security assessment tools. SPARTA’s design automates many common vulnerability assessment tasks and is regularly used for network infrastructure penetration and security testing. This tool is primarily focused on

As COVID-19 continues to surge across the globe and corporate travel restrictions put in place, (ISC)² has announced its decision to make its Security Congress for 2020 a virtual conference. The renowned three-day conference, focused on industry discussion and continuing education for security professionals of all levels, will be held online from November 16-18. This decision is in recognition of the fact that many training budgets have been reallocated due to the economic impact of COVID-19. As such, (ISC)² Security Congress 2020 is offering a heavily discounted Early Bird pricing to (ISC)² members and associates of just $295 for an All-Access pass and $395 for non-members. Registration details will be announced when open, as well as more information on the full