You asked – we listened! We are excited to announce new Online Self-Paced Training for the CISSP-ISSAP and CISSP-ISSEP concentrations. These courses are available in the recently updated (ISC)² Learning Management System. Both self-paced courses include online access for 134 days, as well as flash cards, a post-course assessment, case studies, quizzes, videos and other learning activities. The ISSAP concentration is ideal for a CISSP who specializes in designing security solutions and providing management with risk-based guidance to meet organizational goals. The Official (ISC)² ISSAP Self-Paced Training covers the six domains of the CISSP-ISSAP CBK®: Identity and Access Management Architecture Security Operations Architecture Infrastructure Security Architect for Goverance, Compliance, and Risk Management Security Architecture Modeling Architect for Application Security The

Patrick Strijkers is a 43-year-old information risk security officer at a pension funds firm in the Netherlands. He works in the IT security department in security incident management. Patrick’s employer runs a job rotation program, allowing him to gain experience in a variety of roles, with his next position coming invulnerability management this September. He holds the following security certifications: CompTIA Security+ CompTIA Network+ EC-Council Certified Ethical Hacker v8 EC-Council Certified Security Analyst v8 EC-Council Computer Hacking Forensics Investigator v8 Rapid7 Nexpose Rapid7 Metasploit Pro Patrick’s goal last year was to earn his CISSP certification. He attended a five-day boot camp course and studied for two and a half months before sitting for his exam on August 11 of 2017.

Security Congress is less than three months away! This year’s biggest and best cybersecurity conference will be held in New Orleans, Louisiana from October 8-10. Attending this year’s event can earn you as many as 46 CPEs for the year. To make sure you get the most out of #ISC2Congress, here are five things to do before you get to NOLA: Register for workshops Reserved seating workshops are new to Security Congress this year. We will have five workshops available throughout the conference that require a registration. If you’ve already signed up for Security Congress, great! You can login to your registration and add them to your schedule. If not, hurry! Only 60 seats will be available in each workshop

(ISC)²’s ThinkTank webinar channel has just been named the 2018 Highest Growth Channel in IT by BrightTALK, an online webinar platform aimed at providing professionals with business and professional growth.  ThinkTank is a free cybersecurity webinar channel that features 60-minute roundtable discussions with influential security experts. These discussions cover a range of thought-provoking topics that are among the most pressing cybersecurity challenges. BrightTALK awarded 10 organizations for accomplishments in the IT category. Those winners included Palo Alto Networks, Symantec, and more with (ISC)² being the only certifying body to be recognized.  So far this year, ThinkTank webinars have been viewed more than 60,000 times in North America alone, with the top-rated session being The Future of Authentication in a Hyper Connected

By Ravindra Krishna, CISSP In a recent Operational Technology (OT) cyberattack, Monero Crypto-currency mining malware was discovered in the ICS network of a water utility company located in Europe. The company found the malware during a routine monitoring check of their OT network and confirmed that the malware infected five servers including the Human machine interface (HMI), which is used to control and manage physical components of OT networks. This attack provides further evidence that OT networks are not simply vulnerable, but actually easy targets. The Post-Stuxnet OT Cyberattack Era I believe that we can divide OT attacks into two eras: before Stuxnet and post-Stuxnet. The infamous worm was a fully loaded weapon completely made of code. The first source