The cybersecurity workforce gap of 3.1 million cannot be filled overnight; however, working with schools and encouraging younger generations to join the field will help in improving this number. (ISC)² is proud to support efforts that encourage the growth of the industry, including the U.S. Department of Energy’s CyberForce CompetitionTM. Students participating in 2019 CyberForce Competition. The CyberForce Competition is a realistic cyber defense competition providing a hands-on approach to understanding threats, vulnerabilities and consequences. Participants use interactive, scenario-based events where they solve problems using methods, practices, strategies, policies and ethics. Through the CyberForce Competition, the DOE has worked to increase hands-on cyber education to college students and professionals, awareness into the critical infrastructure and cybersecurity nexus, and basic understanding of cybersecurity within a real-world scenario.

By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP, John Martin, CISSP-ISSAP, and Richard Nealon, CISSP-ISSMP, CISSP, SSCP, SCF, CISM, CISA 2020 was a year of change. It changed the way that folks work and how they interact with each other. Wondering what 2021 might look like for information security professionals? This is the first in a series of posts where we will discuss what we believe 2021 may have in store for information security professionals. Some of the issues faced by security professionals in 2021/2022 will include (but are not limited to) the evolving landscape of privacy, and the ongoing necessity for remote access. The advent of 5G and AI, and the question of whether we will continue to be plagued

The gig economy has grown rapidly in recent years and now includes more than one third of U.S. workers who describe themselves as consultants, freelancers or self-employed. It isn’t surprising then that 31% of organizations say that consultants and contractors are the top source they tap into for cybersecurity talent, according to the (ISC)² 2020 Cybersecurity Workforce Study. In fact, this group is the second-most popular talent source overall, just after new university graduates. The largest number of consultants (40%) work with small and mid-sized businesses (SMB), which could include small sole-proprietary businesses (think a self-employed CISSP starting his or her own business), as well as those advising multiple clients while working for a small solution provider organization. 23% work

Have you ever baked something, only to see it fail due to the lack of a key ingredient? For instance, a cake will not rise if you add baking powder after you realize it was forgotten in the original ingredient list. The same is true for many failed endeavors. The addition of a critical component after the project is completed does little to improve the original plan. In many cases, it introduces unintended complexity that sets off a cascading series of problems. As a security professional, you probably can name a list of software that was released too early, requiring so many revisions to correct the problems that the original intent was dwarfed by the patches. According to one source,

In a year that presented so many challenges – a global pandemic, social unrest and an economic downturn – one success is worth noting: When cybersecurity professionals were called upon to secure remote environments in a hurry, they stepped up. As many companies were forced to shift to a work-from-home model because of COVID-19 for most or all employees, cybersecurity teams went to work on securing both these newly created remote environments and existing corporate networks. Data from (ISC)²’s 2020 Cybersecurity Workforce Study shows respondents believe those efforts were largely successful. Even though 30% of cybersecurity professionals had a deadline of one day or less to transition staff to remote work and secure their environments, 92% of study respondents say