As the war in Ukraine rages on, (ISC)² leaders took the opportunity to remind cybersecurity practitioners in the most recent Inside (ISC)²  webinar of a simple but essential message: Be vigilant.

As the hostilities continue, it is possible the war will spill over into the cyber realm, said Jon France, who joined (ISC)² in January as the organization’s first CISO. Cyber is the “fourth plain after land, sea and air” in the Ukraine war, he said.

France joined CEO Clar Rosso and Board of Directors Chairperson Zachary Tudor for the quarterly webinar, during which they provided updates on the organization’s ongoing activities, including the introduction of an entry-level cybersecurity certification that is now in pilot phase. Among other topics, the discussion also covered the state of the cyber threat landscape and the potential effect of Russia’s invasion of Ukraine on cyber risks.

Cyber threat activity related to the war so far has been limited, France said, and some of it is directed at Russia. He advised cybersecurity professionals to “be very vigilant” about the conflict and its potential spillover to cyberspace.

Government officials and regulators in various countries, including the U.K., U.S., Australia and Germany have issued advisories encouraging organizations to remain on alert and educate users on the situation. Organizations are reminded to implement best practices such as password rotation, patch management and monitoring business operations, France said.

He urged cybersecurity practitioners to help each other. “Share indicators of compromise and indicators of threat with each other as and when you can if you see them,” he said. “One person’s detection is another person’s defense.”

Tudor, who sent good wishes to everyone affected by the Eastern European conflict, noted that (ISC)² has suspended all exam facilitation throughout Russia and its ally Belarus. And, because of sanctions imposed by the U.S. and NATO allies, activity also has been suspended in the Russia-occupied Ukrainian regions of Donetsk and Luhansk. (ISC)² members impacted by the suspension will receive an email notification when exam activity resumes.

(ISC)², in accordance with its hardship rules, has paused all fees from members in the affected regions, Tudor said. “These members should not have any concerns about their membership status, with much bigger priorities in mind,” he said.

Entry-level Exam Validation

Another topic highlighted in the webinar was the entry-level cybersecurity certification pilot exam. Rosso said (ISC)² is testing the validity and reliability of the certification exam and planning an official launch for the fall.

Twice as many people as needed to take the exam have enrolled in the validation phase, said Rosso. She explained the validation is needed to ensure the exam addresses the requirements of its target audience – cybersecurity newcomers.

The certification is part of (ISC)²’s efforts to help close the cybersecurity skills gap, currently estimated at 2.7 million worldwide. Rosso noted that recent (ISC)² research, soon to be published, indicates that it takes a long time to get entry-level cybersecurity professionals up to speed, an area the organization also is trying to address.

The entry-level certification exam activities, she said, have helped ignite DEI (diversity, equity and inclusion) efforts – another are of focus for the organization. A recent webcast on gender bias in the workplace drew more than 500 registrants, she added.

In other (ISC)² news, Rosso reported:

• The organization has completed a second online proctoring pilot; recommendations about the results will be considered during a Board of Directors meeting in April.

• Regional, in-person live events are back, and SECURE London is scheduled for April 7.

• Security Congress, scheduled for October in Las Vegas, also will be in-person. An online option will be available for those who cannot physically attend the event. Registration is now open , and members are invited to submit proposals to speak at the event.

• (ISC)² is continuing its advocacy efforts on behalf of members in the U.S., U.K., EU, Singapore and Australia. “We are working with governmental bodies to ensure your concerns are heard,” Rosso said, adding members are welcome to share suggestions for these activities.

 To watch the webinar in full, click here .