Why Does This Have to Be So Hard? As a security practitioner, how often have you heard the refrain from your colleagues that one of the security protocols that were so carefully thought-out and expertly implemented are just too difficult to deal with? Perhaps you have sighed when you had to adhere to your own security protocol? As a security evangelist, you understand the necessity of adhering to a set of security requirements, but as a normal staff member, you can understand the frustration of your non-security coworkers. Is there ever such a thing as being a “normal” staff member after you have crossed into the elite world of information security? It seems that once one becomes aware of all

The modern software developer faces an enormous amount of challenges. From continuously creating innovative apps to ensuring high quality and meeting tight deadlines, developers need to cope with many responsibilities. As a result, security is still one of the last priorities on many developers’ minds during the software development lifecycle. Vulnerable Apps Increase Cyber Threats Despite that the 2020 Verizon Data Breach Investigations Report indicates that most data breaches happen through vulnerable web applications, many developers are still hesitant to adopt a security mindset. Even though the news headlines are filled with the names of companies being compromised every day, they make the mistake of thinking it could not happen to them. Many software developers do not typically worry about

Is There Ever Too Much Data? As a security practitioner, you know that businesses are fuelled not only by people but by data. Years ago, the phrase “Big Data” was a new, innovative way to gain a business advantage. Now, big data is the norm. When we think of all the data that has been gathered, we must stop and wonder about what is contained in that data. Many important, and often private details are stored about the clients of a particular business. Over time, it became clear that this data, if obtained by criminals, could be damaging to an individual. Personally Identifiable Information (PII), Protected Health Information (PHI), private financial records, and a selection of other sensitive data hold

The cybersecurity team can be a challenging one for organizations to keep engaged and happy. Talent is scarce, turnover and burnout rates are high. That’s why employers have to keep existing teams engaged in their profession, and current on the latest threats and defenses. To accomplish this, every organization needs a formal, standards-based cybersecurity training and education program for the employees responsible for securing their critical assets. What are the key components of a training program? Whatever an organization’s unique circumstances, three major tenets must guide any training effort: Security is an obligation, not an option. Evolving technology and constantly changing threat landscapes require a long-term, agile commitment to security. Skills development should be measured for effectiveness. Who should conduct

Organizations in all industries and sectors are becoming less confident in their cloud security posture because of the complexity involved with multiple cloud environments and the expanded threat landscape. As a result, they seek accredited cloud security professionals to address these challenges. The (ISC)2 2020 Cybersecurity Workforce Study indicates 40% of industry professionals plan to pursue cloud security training within the next 2 years. Are you among them? Explore how cloud security training and certification can give your career a buzz – and arm you for an intergalactic emergency. Read the Blog