Cybersecurity Workforce

(ISC)² Provides Insight to Congressional Subcommittee on Diversification in the Cybersecurity Workforce

On May 21, (ISC)² COO Wesley Simpson was invited to join a panel of experts for testimony in front of the U.S. House of Representatives Committee on Homeland Security. The hearing, titled “Growing and Diversifying the Cyber Talent Pipeline” was a forum for committee members to ask witnesses for their observations and input on methods for growing the U.S. cybersecurity workforce and also for encouraging more minorities to join the profession. Mr. Simpson was joined on the panel by three other witnesses representing Grambling State University, The National Cybersecurity Institute at Excelsior College and McAfee. (ISC)² was approached by the…

Investing in the Next Generation of Cybersecurity Leaders

by Dr. Mansur Hasib, CISSP, PMP, CPHIMS Program Chair, Cybersecurity Technology, The Graduate School, University of Maryland University College In order for any discipline to advance and grow, each generation of established thought leaders must mentor and invest in the next generation. The new generation can infuse new ideas, varied approaches, and innovative new ways to explain and present material. This is exactly what happened in a dramatic way at the 2019 Secure Summit DC hosted by (ISC)² . John McCumber and Susan Lausch of (ISC)² invited me to organize a contingent of 30 graduate cybersecurity students and recent graduates…

U.S. Presidential Order Aims to Bolster Federal Cybersecurity

An Executive Order signed by United States President Donald Trump aims to grow the government’s cybersecurity capability, improve integration of the cybersecurity workforce between federal departments, and strengthen the skills of individual cybersecurity practitioners. The order, titled Executive Order on America’s Cybersecurity Workforce and signed by the president on May 2, creates measures to help federal agencies retrain workers interested in cybersecurity and requires agencies to adopt the National Initiative for Cybersecurity Education (NICE) Framework in government contracts. It includes an incentive component, creating an annual competition with cash rewards of at least $25,000 “to identify, challenge, and reward the…

Female Cybersecurity Workers Are Younger and Looking to Lead

The cybersecurity profession remains primarily a man’s world. But for how long? (ISC)² research reveals women are making fast gains in the industry, and as a group, they are setting their sights on leadership roles. Overall, female representation in the cybersecurity workforce has increased to about one quarter (24%), more than double the 11% estimate from 2016, according to (ISC)2’s Women in Cybersecurity report. The report is based on findings in the (ISC)² Cybersecurity Workforce Study 2018, and it uses different research methodology from the earlier study. For instance, it includes women who spend at least 25% of their work…

New Cybersecurity Reports Point to Increased Need for Retraining and Vulnerability Management

By now you’re well aware of the widely-reported (ISC)² research that shows there is a global cybersecurity shortage of 2.93 million professionals. Identifying, recruiting and training skilled talent to adequately secure organizational data assets obviously remains a top priority in our industry. Well, over the past few weeks, both Tripwire and IBM have published reports that focus on different layers of the problem and add to the conversation. In its Cybersecurity Skills Gap Survey 2019, Tripwire found that 80% of IT security professionals believe it’s becoming more difficult to find skilled cybersecurity professionals. Not a surprising figure. The interesting wrinkle…

Forget the Next Big Thing; What You Need Is A Skilled Staff

One of the most prestigious voices in the IT industry recently made an interesting proclamation: “The next big thing is dead.” So starts CompTIA’s IT Outlook 2019, which finds the next big thing is no longer about some new jaw-dropping technology advancement but rather a combination of various technologies, people and processes. If you’re expecting to be bowled over by a new technology trend any time soon, think again. Producing the desired business outcomes now means getting your human resources to expertly fuse together already-available technology building blocks and tools. And that’s what will fuel IT market growth of about…

CISSP Is Hot, Hot, Hot, Says CNBC

If you already have or are pursuing your CISSP from (ISC)², make sure you have your oven mitts at the ready. That’s because, as reported by CNBC, the new Upwork Skills Index includes the Certified Information Systems Security Professional as one of the 20 hottest job “skills” in the entire U.S. labor market. You read that right. Not just in security. Not just in IT. The entire labor market. Upwork is a platform for freelancers, so they keep a close eye on the types of skills employers are looking for and update their list quarterly to provide real-time validation of…

Cybersecurity Pros Are Not Feeling the Love… Again

Stop us if you heard this one before: Cybersecurity professionals are responsible for protecting their organization’s users and data from the dangers of cyber threats, but they feel underappreciated. Two-thirds (67%) believe “IT security is viewed either as merely reactive to business needs or a cost rather than an asset to the organization,” says a survey of cybersecurity professionals and CISOs by Thycotic, a privileged access management (PAM) vendor. The survey found that a majority of cybersecurity professionals in the United Kingdom and Germany say executives and co-workers see them as more of a burden than a business benefit –…

What Does Our Partnership with CyberUSA Mean?

By John McCumber, Director of Cybersecurity Advocacy, (ISC)² After a lot of planning and coordination, we were excited to announce our new partnership with CyberUSA earlier this week. What is CyberUSA, you may ask? Governed by its members, the nonprofit was established to enhance information sharing between states and improve cyber resilience at all levels of participation: local, regional, and national. It is focused on the common mission of enabling innovation, education, workforce development, enhanced cyber readiness and resilience within our state and local communities, and connects them at the national level. What does all that mean? The key takeaway…