The Professional Development Institute (PDI) is expanding with three new express learning courses: Risk Fundamentals, Forensic Data Acquisitions and Securing the Remote Work Force. These new offerings are self-paced courses separated into two modules that qualify for two CPE credits. The PDI catalog now features 40on-demand courses free for (ISC)² members and associates and available for purchase as individual courses or bundled course access to anyone who is not an (ISC)² member. Let’s take a look at the new offerings:  Risk Fundamentals covers the basics of ever-present risks in business and the field of cybersecurity and prepares you to proactively manage risk. While each organization determines its unique risks, there are commonalities among the terms, concepts, and skills needed to measure and manage

On February 28, 2021, (ISC)² concluded a pilot test that assessed the feasibility of online proctoring for exams that are an essential part of our nine certification programs. Online examinations for the CAP, CCSP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and SSCP certifications were administered February 15, 2021 – February 21, 2021. Online CISSP examinations were administered February 22, 2021 – February 28, 2021. For quality control purposes and anticipated candidate support concerns, we elected to offer all exams via online proctor only to candidates physically present within the United States. Since the conclusion of the pilot test, we have been collaborating with our development, delivery and security partners to assess and validate the results of the pilot program. While some

The Language of Profit and Loss Security professionals spend a lot of time honing their area of expertise. Your strength could be in packet analysis, or programming…maybe you are at your best in the realm of security engineering, or pentesting. Or, you may have the best technical skills, but when it comes to obtaining a budget for a project or a new security tool, you need to understand and explain the difference between likelihood, and probability. Why is this important? This is important because the language of business is based on profits and loss, and that component is key to your progress. How can you describe the need for a new security initiative that makes the point to the people

With data breach rates rising and criminal attack methods becoming more sophisticated each day, it is essential for every organization to take security seriously. That means cybersecurity training and education so that key stakeholders understand the risks that businesses are facing, and which strategies are most effective for protection. Who should receive cybersecurity training in your organization? While your immediate reaction might be to think training should stay with the cybersecurity team, there are actually many roles that would benefit from security knowledge and education. Cybersecurity is a shared responsibility and since many companies do not have a formal security team in place, managing risk can be a responsibility for many other roles within the organization. Watch the (ISC)² webinar Protecting the

With cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman Jerome Powell. During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. “But the world changes, the world evolves, and the risks change as well. The risk we keep our eyes on the most is cyber risk.” If hackers succeeded in shutting down a major payment processor, which would seriously disrupt the flow of money between financial institutions,