Cybersecurity Training

How gamification can improve employee cybersecurity compliance

As published in the July/August edition of InfoSecurity Professional Magazine By Crystal Bedell As a former cyber analyst for the government, Masha Sedova has seen firsthand what a Russian state-sponsored attacker is capable of. So, when she was charged with building a security culture at Salesforce in 2012, she knew an employee newsletter and animated videos wouldn’t prepare end users in the event of a targeted corporate attack. “I thought, ‘There’s no way this will work. It’s a waste of time,’” says Sedova, co-founder of Elevate Security in Berkeley, Calif. “In order for an organization to withstand an attack like…

Update: New (ISC)² Official Training Provider S4 Inc.

Earlier this week, S4 Inc. announced that it has been added to (ISC)²’s roster of Official Training Providers. Based in Colorado Springs, S4 is celebrating its 20th anniversary and has supported US Government, DoD and DHS agencies since 1999. S4 is now offering its first official (ISC)² Training Seminar for the CISSP certification beginning on September 30th, 2019. Other instructor-led training seminars will also be available later this year for the CCSP, CSSLP and CAP certifications. If you’re in the local area, you can register here. S4 will also host an open house this Friday, September 20, at its 8800…

Looking to Break into Cybersecurity Without Direct Experience? Find Out How

The cybersecurity skills gap means companies are scrambling to fill security positions, and that presents an opportunity for you to find security work – even without direct experience. Faced with a critical shortage of qualified candidates, organizations are increasingly taking chances on nontraditional applicants and training them for security roles. One way to bridge a cybersecurity experience gap and get started? Make the case for your transferable skills. Success in security requires a mix of technical and soft skills. These can potentially come from ANY previous job. Analytical skills, enthusiasm for exploring technical questions and issues, and diagnostic experience will…

VMware Acquisitions Highlight the Importance of DevSecOps

In the digital age, security can no longer be an afterthought. As organizations modernize their IT environments through digital transformation initiatives, it’s become more critical than ever to bake security into new applications from the start. Virtualization giant VMware recognizes this new reality, which explains why it has decided to acquire two companies that give the virtualization giant a stronger foothold in digital transformation and cybersecurity. One of the companies, Pivotal Software, brings to VMware a platform for developing applications in the cloud. The other, Carbon Black, has a cloud-native endpoint protection platform that ensures this is done securely. Together,…

Most Cyber Workers Plan to See Out Their Careers in the Field

Recruiting cybersecurity professionals is a major challenge because of the scarcity of qualified candidates, but at least employers don’t have to worry about them wanting to change professions. Most cybersecurity workers (64%) plan to finish out their careers in cybersecurity, according to (ISC)² research. Of course, this creates a new challenge for employers – how to retain their cybersecurity staff. With a worldwide shortage of nearly 3 million, there’s always a chance workers will leave for better pay or more attractive working conditions. To prevent this, employers must put serious effort into retention with measures such as robust training, professional…

3 Pro Tips for Moving from IT to Security

Already have a background in IT? Here are three tips for moving toward a more security-focused role. Take a cue from Goldilocks: Go after the industry certification that’s “just right.” This entails pursuing a credential that helps augment technical skills with security practices. Many choose the SSCP for its balance between the foundational and technical. SSCP allows you to prove a technical understanding without having to seek a more entry-level certification. Change your perspective to layer security into the work you’re already doing. Moving from IT to security is a natural evolution. Once you’ve gained the requisite knowledge and put…

SSCP vs. CISSP Exams: How are they different?

You’re considering a cybersecurity certification and the SSCP and CISSP are both on your list. After comparing the material, you’re thinking there’s a good bit of overlap between the two. But is there, really? And if you sit for one exam would you be able to sit for the other without additional study or preparation? These are excellent questions. In fact, we hear them a lot. And the reality is, there ARE commonalities, which is true for most things in the field. However, these two certifications are wholly different and were developed from two distinct perspectives. In many ways, the…

Commit. Plan. Succeed.

With half the year already in the rearview, it’s a great time to reflect on your goals. Is achieving the CISSP, CCSP, SSCP or another elite (ISC)² certification part of your plans? If so, do you have a winning strategy in place? Here are three tips to help you get – and stay – on track as you pursue next steps. Set an exam date. Registering now can keep you motivated and focused on your certification goals. And the sooner you pass the exam, the sooner you’ll prove your cybersecurity expertise to employers and peers! Develop a study plan. Work…

The Challenges of Raising User Security Awareness

One of the toughest challenges of cybersecurity is to raise awareness among users. Technology solutions are instrumental in achieving a solid security posture, but they only get you so far. There’s always the risk a user will make a split-second bad decision and open the door to attack. User awareness was the topic of a recent (ISC)² webcast, Delivering Security Awareness that Works. Participants shared their experiences in modifying user behavior and the challenges they face on a daily basis to save users from their own potentially harmful actions. User Risks One theme quickly emerged: Cybersecurity teams must be on…

2019 Security Congress – The Agenda is Live!

You’ve been curious. You’ve waited patiently. And now you’ll know exactly which sessions you can look forward to at our ninth annual Security Congress in Orlando! The full agenda for this conference is now online for you to browse and you won’t want to miss this year’s event. Security Congress will advance a global perspective and vision as our premier conference for thousands of cybersecurity professionals from all over the world. With more than 4,000 attendees expected, 18 tracks, 175 sessions and more than 200 speakers, this will be the biggest program ever. Featured sessions include: A panel discussion on…