In a year that presented so many challenges – a global pandemic, social unrest and an economic downturn – one success is worth noting: When cybersecurity professionals were called upon to secure remote environments in a hurry, they stepped up. As many companies were forced to shift to a work-from-home model because of COVID-19 for most or all employees, cybersecurity teams went to work on securing both these newly created remote environments and existing corporate networks. Data from (ISC)²’s 2020 Cybersecurity Workforce Study shows respondents believe those efforts were largely successful. Even though 30% of cybersecurity professionals had a deadline of one day or less to transition staff to remote work and secure their environments, 92% of study respondents say

During her (ISC)2 Security Congress 2020 keynote speech, Juliette Kayyem used three words that tidily sum up the can-do spirit of the cybersecurity community: “We got this.” Kayyem, a former assistant secretary at the Department of Homeland Security, was speaking within the context of society’s ability to adapt, learn and build resilience during the COVID-19 crisis. Still, her remarks reflect the general ethos of the cybersecurity profession. Cybersecurity professionals recognize that if they can’t say, “we got this,” the alternative is too alarming to fathom. Cybersecurity workers have to adapt – all the time. Just like what society at large is experiencing during the pandemic, cybersecurity workers do in a continuum – protect, respond and adjust constantly. Achieving resilience is

If there is one thing adversity can teach you, it’s how to avoid bad situations in the future. Or so you would think. But when it comes to incident response, most organizations fail to conduct a post-incident review (PIR) or when they do, it tends to be ineffective, according to Faranak Firozan, who works in Incident Response for NVIDIA. As part of the (ISC)2 Security Congress 2020, Faranak delivered a presentation on PIR components and goals. She stressed the importance of PIRs in determining the causes of a security incident, its effects and the lessons an organization can learn to strengthen its security posture. The PIR fulfills three primary objectives – identification, improvement and future protection. Lessons learned about what

For anyone hoping the COVD-19 crisis will come to a quick end, former Homeland Security Assistant Secretary Juliette Kayyem offered some sobering words today: The virus will be with us for the foreseeable future. “I have to be blunt and tell you this period is going to exist until further notice. We are going to have to learn to live with the virus. Once you get your head around that, then the solution becomes clear,” Kayyem said. She delivered her remarks virtually as the third and final keynote speaker at (ISC)2 Security Congress 2020. Kayyem focused her talk on what cybersecurity teams need to do through the pandemic to ensure safe operations of their teams and the employees they support.

The COVID-19 pandemic delivered a serious blow to the global economy, but plenty of job opportunities remain in the cybersecurity field, according to Kris Rides, CEO of cybersecurity staffing company Tiro Security. There were cybersecurity layoffs, Rides said, but in much smaller numbers than in industries such as travel and entertainment, which have taken the brunt of the pandemic’s economic impact. Cybersecurity “is one area where companies couldn’t really afford to lay off people,” Rides said, during a virtual presentation as part of the (ISC)2 2020 Security Congress taking place this week. Kris Rides, CEO of Tiro Security The pandemic’s impact on cybersecurity jobs appears to have been temporary, according to Rides. “There were less jobs available, but that was