Security Experts:


Senators have recently introduced and reintroduced bills whose goal is to help the U.S. government address the shortage of cybersecurity expertise.
(ISC)² has increased the annual fee for its CISSP certification for security professionals by 47%, but members who hold multiple certifications will benefit.
Alphabet’s Jigsaw unit has published a quiz that tests users’ ability to identify phishing attacks and teaches them what signs to look for to determine if a message is legitimate or not.
PCI Security Standards Council (PCI SSC) publishes new security standards for the design and development of payment software.
The 2018 (ISC)² Cybersecurity Workforce Study shows the workforce gap now stands at more than 2.9 million workers globally -- with 2.14 million cybersecurity staff required in the Asia-Pacific region, and almost half a million required in North America.
Security awareness training firm KnowBe4 has added a Virtual Risk Officer (VRO), a Virtual Risk Score (VRS), and Advanced Reporting (AR) features to its security awareness training and simulated phishing platform.
Democrat Congresswoman Jacky Rosen introduces Cyber Ready Workforce Act, a new bill that aims to address the cybersecurity workforce shortage.
The idea of a professional body to raise and maintain cybersecurity standards is good – but there are many concerns over how it may be implemented.
U.S. Justice Department’s Cyber-Digital Task Force publishes first report, covering the threat to elections, cybercrime schemes, FBI’s role in incident response, and cyber personnel recruitment.
"Our society has not yet embraced cybersecurity as a civilization-defining competency, yet it is exactly central to our capacity to function in this massively technological age," ProtectWise CTO Gene Stevens told SecurityWeek.

FEATURES, INSIGHTS // Training & Certification

Chris Hinkley's picture
Without the internal and external safeguards working in conjunction, your vulnerability will spike and your performance will suffer as a by-product -- two things you can’t afford to have happen.
Matthew Stern's picture
Successful conduct of military operations requires a unit’s clear understanding of the battle space it controls and its “area of operations”. This includes not only the terrain of the battlefield but also the capabilities, motives, and determination of the enemy they face.
Jon-Louis Heimerl's picture
In a perfect world, we would not stress this awareness for one month only. Awareness should be a constant, ongoing effort.
Chris Poulin's picture
Security should be a fascinating, dynamic, and creative pursuit. I say have fun, be creative, be criminal in your thoughts, but not your actions. The black hats who have you in their targets are having a blast.
Jon-Louis Heimerl's picture
External attacks are not our only worry. Most security nuts have been saying for years that our biggest threat is not external, but rather the "Internal Threat." I will take that a step further and say that one of the biggest threats that we face is the "oops".
Oliver Rochford's picture
Oliver makes the case for why the way that security awareness training is often approached is flawed. But if done in the right way, Security Awareness Training can provide a lot of value and benefit the security posture greatly.
Oliver Rochford's picture
In addition to being a renowned theoretical physicist, Einstein was also a wizard at writing security procedures and processes. Here is a short selection of quotes from Albert Einstein, and why they are worthwhile when thinking about security.
Vincent Liu's picture
In developing a Secure Development Lifecycle, you always start by performing an assessment of your current situation in order to establish a baseline of where you stand. Generally, there are two different types of application assessment tools on the market - static analysis and dynamic analysis tools. But what about the human element?
Idan Aharoni's picture
There are many security companies, individual researchers and certain circles in academia that hold a wealth of information on cybercrime activities that could be the difference between a bust and a cybercrime investigation that leads to a dead end. It’s not just about collaboration with other law enforcement agencies, but also about collaboration with the security industry.
Rod Rasmussen's picture
The dangers for a university or college network can lurk everywhere from e-mail to the Internet infrastructure itself. When a student’s computer on a college network is compromised, it’s not just the student who pays the price—legally, so does the institution.