In 2021, the supply of cybersecurity professionals increased across the globe, with the exception of the Asia-Pacific region and some parts of Europe, says (ISC)² CEO Clar Rosso. She discusses factors behind the workforce gap and how a diverse team can improve resolution of cybersecurity problems.
Microsoft launched a four-year campaign on Thursday with community colleges in the U.S. aimed at recruiting hundreds of thousands of people into the field of cybersecurity. The goal is to fill an expected shortfall of 250,000 workers in cybersecurity, which Microsoft says means rising risk.
For today’s business, security is a teamwide effort and should involve everyone at your organization, not just IT. All it takes is one slightly out-of-date computer or a reused password for a cybercriminal to gain access to your company's most sensitive data.
Is your security risk management handled only by IT?...
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
Accreditation organization CREST has concluded an investigation into whether NCC Group employees cheated on its penetration-testing exams, finding that the cybersecurity business's training materials violated its rules. It says NCC Group has agreed to overhaul its processes and demonstrate compliance.
Because of the shortage of cybersecurity workers, the federal government and the private sector need to consider accepting high school graduates as entry-level employees as well as finding new staff through certificate programs and apprenticeships, cyber education experts told a House subcommittee last week.
DevOps and the continuous integration/continuous deployment (CI/CD) pipeline are revolutionizing application development, test, and cloud delivery, enabling developers to write the application code and define the cloud infrastructure. But where is cloud security?
Shifting left allows cloud security to scale...
Today, security is everyone’s business—and it’s the foundation of everything you do in the cloud. AWS Cloud security training helps you build your skills quickly and effectively—with the flexibility to learn on your own terms.
Improving your security expertise can give you the confidence to innovate more...
As an international bank, Barclays needed to invest more in its information security training in order to minimize risk and ensure business continuity. The goal was learn and teach the modern way to minimize a security breach posed by the latest advanced threats.
Cyber sieges immerse teams in real-world cyberattack...
The cybersecurity sector has made strides in growing its workforce and improving diversity. But significant hurdles remain, and Clar Rosso, CEO of (ISC)², says the keys to clearing them include training and refining current hiring practices.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
CIO. Consulting CISO. Mentor. Activist on behalf of recruiting more women for cybersecurity and leadership. Jo Stewart-Rattray has filled many roles, and she has great insights to share with those who are starting or changing careers.