How has the COVID-19 pandemic affected enterprise IT security organizations around the world? And how are they rethinking their priorities and investments as a result? Find answers and insights inside CyberEdge Group’s Impact of COVID-19 on Enterprise IT Security Teams Report, sponsored by (ISC)². This comprehensive survey of 600 cybersecurity professionals representing 7 countries and 19 industries reveals an in-depth study of how COVID-19 has altered enterprises and how they are responding. The research shows: A 114% increase in remote workers during the pandemic 67% of responding organizations are experiencing IT security staffing challenges 75% claim COVID-19 has increased their preference for cloud-based security solutions 66% now have a BYOD policy in place, up from 41.5% pre-pandemic Clearly, networks and

The Many Advisory Roles of a CISSP A Long and Prosperous Career Throughout your cybersecurity career, you will spend a lot of time in the world of identify, protect, detect, respond, and recover. Sometimes, the skills required for the job can range from the mundane, such as running a phishing campaign, to some nail-biting, all-nighters of remediation (after someone ignored your carefully crafted phishing campaign and clicked on a malicious link). Your skills were not easily acquired. Perhaps you derived these skills from tinkering with machinery, dumpster-diving, and everything in between. Information security research has transitioned to more sophisticated tools and methods. The entire security profession has been elevated to new levels that require more than just technical know-how. In

The evolution of the cyber threat landscape highlights the emerging need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Although the terms “patch management” and “vulnerability management” are used as if they are interchangeable, this is not the case. Most are confused because applying patches is one of the many ways available in our arsenal to mitigate cyber risks. What is Patch Management? Patch management is a strategy for managing patches or upgrades for software applications and technologies and involves the acquisition, testing, and installation of multiple patches to an administered computer system in order to fix known vulnerabilities. Patch management significantly shapes the security of your business, network

The Internal and External Struggles of Ethics and the CISSP Credential As Old As Mythology All students of information security have heard of the Caesar cipher and the Spartan Scytale. These early encryption methods demonstrate the craftiness of the human mind. Encryption has evolved and become more sophisticated.  Encryption has been instrumental in the advancement of society. Can you think of another ancient mental construct of humanity that has remained static, yet is no less important to the functioning of society?  Let’s consider the topic of ethics. The concept of ethics has existed since ancient times, and the subject is still applicable today, in all areas of life, and is codified as a requirement in many professions, such as the

A corporate security policy is the cornerstone document of a company’s risk management. Does your business have the appropriate security controls in place to implement the policy, or is the policy a forgotten document in a dusty drawer? Although most companies have established security policies at the strategic level these are not always enforced, because they lack foundational support at the tactical level. The key to solving this is knowledgeable and skilled security practitioners who can take the lead and implement security controls aligned to the policy’s goals. Many security incidents may have been avoided if the proper security controls had been in place. As a result, affected businesses are running the operational risks of huge penalties by not being