Month: September 2019

Cybersecurity Audits Are Now Standard Practice in M&A

Cybersecurity threats are a major concern for businesses of all sizes, and that challenge can have repercussions when a company puts itself on the selling block. One of the things buyers will want to know is whether the company has had a breach and, if so, how it was handled. If the business can show it addressed the breach in a satisfactory way and learned from the experience by fixing its security vulnerabilities, its sale value increases, according to 88% of respondents in a new (ISC)² study titled Cybersecurity Assessments in Mergers and Acquisitions. The study reveals that cybersecurity audits…

Attackers Are Targeting IT Service Providers

IT service providers have recently become a common target of cyber attacks and 11 of them have been compromised since July 2018. Attackers target providers in attempts to gain access to their customers, according to a blog post by Symantec. What makes this especially ironic is that IT service providers often are the same companies that businesses hire to protect them against cyber threats. It’s not exactly a new tactic by cybercriminals, who in the past have even attacked security vendors. Perpetrators also have been known to target some companies purely to get to their business partners. This practice was…

Update: New (ISC)² Official Training Provider S4 Inc.

Earlier this week, S4 Inc. announced that it has been added to (ISC)²’s roster of Official Training Providers. Based in Colorado Springs, S4 is celebrating its 20th anniversary and has supported US Government, DoD and DHS agencies since 1999. S4 is now offering its first official (ISC)² Training Seminar for the CISSP certification beginning on September 30th, 2019. Other instructor-led training seminars will also be available later this year for the CCSP, CSSLP and CAP certifications. If you’re in the local area, you can register here. S4 will also host an open house this Friday, September 20, at its 8800…

Looking to Break into Cybersecurity Without Direct Experience? Find Out How

The cybersecurity skills gap means companies are scrambling to fill security positions, and that presents an opportunity for you to find security work – even without direct experience. Faced with a critical shortage of qualified candidates, organizations are increasingly taking chances on nontraditional applicants and training them for security roles. One way to bridge a cybersecurity experience gap and get started? Make the case for your transferable skills. Success in security requires a mix of technical and soft skills. These can potentially come from ANY previous job. Analytical skills, enthusiasm for exploring technical questions and issues, and diagnostic experience will…

The Many Facets of the Mentoring Experience

by Dr. Chris Veltsos, CISSP, member of (ISC)² Advisory Council of North America Hardly a day goes by that I don’t hear or read about the benefits of mentoring. Can a good mentoring experience fix what ails organizations today? I’m not a mentoring guru so I can’t answer that particular question, but what dawned on me is how many people seem to think of mentoring as a narrowly defined relationship where the mentor gives — time and advice — and the mentee receives that information. While the relationship has value, in this article, I wanted to share other forms of…

CISSPs: We Need Your Insight

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested. The existing exam blueprint for CISSP will be reviewed in early 2020. In preparation for the upcoming review, we would like to hear from our CISSP members who are participating in this forum/community to comment…

CISSPs: We Need Your Insight

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline (or exam blueprint) of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested. The existing exam blueprint for CISSP will be reviewed in early 2020. In preparation for the upcoming review, we would like to hear from our CISSP members who are participating in this forum/community to comment…