CYBER SECURITY NEWS

Get Required (ISC)² study material

Send me my free ebook!!!

CYBER SECURITY NEWS

Cyber Security News Sources We're Following

CISSP Tips and Topics

CISSP Pass Rate 2023

What Types of Jobs Require a Security+ Certification?

Why Security+ Certification is Important
to Your Career

The Benefits of Online vs In-Person CISSP Training
You Need to Know About
So You Can Pass Your CISSP Certification Exam

The Top 10 Training Courses Online to Become a Certified Information Systems Professional So You Can Pass Your CISSP Certification Exam

The Eight Domains You Need to Know About and Master So You Can Pass
Your CISSP Certification Exam

Statistics You Should Know
About CISSP Certification

How CISSP Books and Study Guides Help You Prepare for Your Exam

Beginners Guide: How to become a Certified Information Systems Security Professional (CISSP)

What are the Benefits of CISSP Certification?

CISSP Certification: Experience Counts (What Experience Do You Need to Have Before You Take the CISSP Certification Exam?)

Why CISSP Certification is Important to Your Career

CISSP Requirements Guide: Requirements, Trainings, and Cost

Prerequisite Guide: How Should You Prepare to Take the CISSP Certification Exam?

Recent Cybersecurity News Highlights:

Solomon, M. (2023, December 7). "Burn and Churn: CISOs and the Role of Cybersecurity Automation: Organizations need to listen to their CISOs and start turning to cybersecurity automation for the qualitative benefits of employee satisfaction and well-being.Security Week. https://www.securityweek.com/burn-and-churn-cisos-and-the-role-of-cybersecurity-automation/
Carless, J. (2023, November 30). "How to maintain a solid cybersecurity posture during a natural disaster: Fire, flood, eathquake, hurricane, tornado: natural disasters are becoming more prevalent and they’re a threat to cybersecurity that isn’t always on a company’s radar. Here are some ways to prepare for the worst." CSO. https://www.csoonline.com/article/1249508/how-to-maintain-a-solid-cybersecurity-posture-during-a-natural-disaster.html
Beek, K. (2023, November 22). "Idaho National Nuclear Lab Targeted in Major Data Breach
The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy." Dark Reading. https://www.darkreading.com/ics-ot/idaho-national-nuclear-lab-targeted-in-major-data-breach
Bradley S. (2023, November 22). "Batten down the hatches: it’s time to harden every facet of your Windows network: Gone are the days when a protected OS kept the bad guys out. Hardening authentication, the help desk, and log files in place is now needed to beat the bad guys." CSO. https://www.csoonline.com/article/1248963/batten-down-the-hatches-its-time-to-harden-every-facet-of-your-windows-network.html
Edge Editors. (2023, November 16). "IT Pros Worry That Generative AI Will Be a Major Driver of Cybersecurity Threats" Organizations are concerned about generative AI technologies as being a major driver of cybersecurity threats in 2024." Dark Reading. https://www.darkreading.com/edge-threat-monitor/it-pros-worry-generative-ai-will-be-a-major-driver-of-cybersecurity-threats
ISC2. (2023, November 10.) "Resources for Military Service Members and Veterans Transitioning to the Private-Sector Cybersecurity Workforce." ISC2 Insights. https://www.isc2.org/Insights/2023/11/Resources-for-Military-Veterans-Transitioning-Private-Sector-Cybersecurity-Workforce?queryID=64bd802dec1c47b90fc5246436b1f76e
Arghire, I. (2023, November 10). "US Government Issues Guidance on SBOM Consumption; CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security." Security Week. https://www.securityweek.com/us-government-issues-guidance-on-sbom-consumption/
Bradley, S. (2023, November 9). "Forget the spam filter: How unique phishing attempts undermine Microsoft email security." CSO. https://www.csoonline.com/article/1240792/forget-the-spam-filter-how-unique-phishing-attempts-undermine-microsoft-email-security.html
Edge Editors. (2023, November 6). "Steps to Follow to Comply With the SEC Cybersecurity Disclosure Rule: Mandiant/Google Cloud's Jill C. Tyson offers up timelines, checklists, and other guidance around enterprisewide readiness to ensure compliance with the new rule." Dark Reading. https://www.darkreading.com/edge/steps-to-follow-to-comply-with-the-sec-cybersecurity-disclosure-rule
ICS2. (2023, November 3rd). "ISC2 Cybersecurity Workforce Study: Looking Deeper into the Workforce Gap." ICS2 Insights. https://www.isc2.org/Insights/2023/11/ISC2-Cybersecurity-Workforce-Study-Looking-Deeper-into-the-Workforce-Gap?queryID=84e82de8a0067f92ddfdb29ec0dbbd47
Kovacs, E. (2023, November 2). "Boeing Confirms Distribution Business Hit by Cyberattack: Boeing has confirmed that parts of its distribution business were hit by a cyberattack after a ransomware group claimed to have breached the company’s systems." Security Week. https://www.securityweek.com/boeing-confirms-distribution-business-hit-by-cyberattack/
Bradley, S. (2023, October 26). "Copilot is ready for takeoff: Microsoft rolls out artificial intelligence for Windows." CSO. https://www.csoonline.com/article/657083/copilot-is-ready-for-takeoff-microsoft-rolls-out-artificial-intelligence-for-windows.html
NIST.gov. (Updated 2023). "Updating the NIST Cybersecurity Framework – Journey To CSF 2.0." https://www.nist.gov/cyberframework/updating-nist-cybersecurity-framework-journey-csf-20
From the site: "NIST initially produced the Framework in 2014 and updated it in April 2018 with CSF 1.1. Based on stakeholder feedback, in order to reflect the ever-evolving cybersecurity landscape and to help organizations more easily and effectively manage cybersecurity risk, NIST is working on a new, more significant update to the Framework: CSF 2.0.
Schuman, E. (2023, July 26). "Companies Must Have Corporate Cybersecurity Experts, SEC Says
Enterprises must now describe their management's expertise in cybersecurity. But what exactly does that entail?." DarkReading. https://www.darkreading.com/edge-articles/companies-must-have-corporate-cybersecurity-experts-sec-says
Brumfield, C. (2023, July 18). "House-passed US 2024 defense bill contains $13.5 billion for cyberspace activities." CSO. https://www.csoonline.com/article/646597/house-passed-us-2024-defense-bill-contains-13-5-billion-for-cyberspace-activities.html From the FY 2024 Defense Budget Overview: "The FY 2024 cyberspace activities budget resources the development of new capabilities and technologies to support the advancement of the Department’s cybersecurity and cyberspace operations programs (FY 2024, $0.5 billion). These activities will accelerate multiple innovative lines of effort across the Department to support the 2023 DoD Cyber Strategy and facilitate Information Advantage throughout the spectrum of competition, crisis, and conflict." Ref: Overview – FY 2024 Defense Budget https://comptroller.defense.gov/Portals/45/Documents/defbudget/FY2024/FY2024_Budget_Request_Overview_Book.pdf
Pratt, M.K. (2023, March 16). "When and how to report a breach to the SEC: Publicly traded companies will have to make decisions and prepare for the reporting of cybersecurity breaches to the Securities and Exchange Commission when new requirements are enacted." CSO Online. https://www.csoonline.com/article/3690732/when-and-how-to-report-a-breach-to-the-sec.html
Thinking about sharpening your INFOSEC tech skills and certifications? Good move! From The Bureau of Labor Statistics Occupational Outlook. "Employment of information security analysts is projected to grow 35 percent from 2021 to 2031, much faster than the average for all occupations." https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm

About Certified Information Systems Security Professional (CISSP) Certification:

ISC2. (2023, November 30). "CISSP+CCSP: The Power of Duo Cybersecurity Certifications: Organizations worldwide put a premium on the strength CISSP + CCSP together bring to their defense. CISSPs save 20% on training now." ISC2
Learn more: https://www.isc2.org/landing/powerduo/cissptoccsp
ISC2. (2023, November 15). "Changes to the CISSP Exam Weighting – What You Need to Know: Effective from April 15, 2024, ISC2 will refresh the CISSP credential exam. ISC2 regularly updates the exams and domain weighting for its certifications."
ISC2 Insights. https://www.isc2.org/Insights/2023/11/Changes-to-CISSP-Exam-Weighting?queryID=f10ca4e454bd734ac66d02e365af9aca
Call to Action: Review the current outline for CISSP-ISSEP concentration exam and reply to questions.
Link to: (ISC)2 Management. (2023, July 12). "Calling All CISSP-ISSEPs! Help Shape Future CISSP-ISSEP Exams!" (ISC)2 Blog. https://blog.isc2.org/isc2_blog/2023/07/calling-all-cissp-isseps-help-shape-future-cissp-issep-exams.html
(ISC)2 Management. (2023, March 30). "NEW CISSP EXAM REGISTRATION PROCESS FOR 2023: Looking to earn your (ISC)² CISSP certification? Make sure you follow these updated steps to register for your exam." (ISC)2 Blog. https://blog.isc2.org/isc2_blog/2023/03/new-cissp-exam-registration-process-for-2023.html
(ISC)2 Blog. (2022, December 13). "CALLING ALL CISSPS! HELP SHAPE THE CISSP EXAM." From the blog post: "Coming up next month, the CISSP will be taking its next step in the certification lifecycle with a JTA Study Workshop tentatively scheduled for January 17-19, 2023." Read more: https://blog.isc2.org/isc2_blog/2022/12/calling-all-cissps-help-shape-the-cissp-exam.html
"Changes to the CISSP Exam Length Coming Soon. Beginning June 1, 2022, additional pretest items and time will be added to the CISSP exam for the Computerized Adaptive Testing (CAT) format." (ISC)2 blog (March 10, 2022). Read further: https://blog.isc2.org/isc2_blog/2022/03/changes-to-the-cissp-exam-length-coming-soon.html
How is the CISSP-ISSMP Exam Changing? - (ISC)² Blog (isc2.org) (March 17, 2022)
"A Cybersecurity Role Has Topped List of Best Jobs" ... by (ISC)2 Management, (ISC)2 Blog (January 14, 2022)
Survey Says: CISSP and CCSP Among the Most In Demand IT Certifications of 2021 - (ISC)² Blog (isc2.org) (26 February 2021)
(ISC)² Updates CISSP Cybersecurity Certification Exam Based on Expert-Led Domain Revision ... (ISC)2 news release (01 February 2021)
"SURVEY: CISSP IS THE MOST VALUABLE SECURITY CERTIFICATION FOR 2021" ... (ISC)2 blog site (January 21, 2021)
"STUDY: CERTIFICATIONS BOOST SALARIES SUBSTANTIALLY" ... (ISC)2 blog site (November 2020)

News Sites of Interest to the Certified Information Systems Security Professional (CISSP):

(ISC)² insights: https://www.isc2.org/Insights
Krebs on Security: https://krebsonsecurity.com/
Schneier on Security: https://www.schneier.com/
Dark Reading: https://www.darkreading.com/
The Hacker News: https://thehackernews.com/
Daniel Miessler Blog: https://danielmiessler.com/blog/
CSO Online: https://www.csoonline.com/news/
Security Week: https://www.securityweek.com/
Wired: https://wired.com
Threatpost: https://threatpost.com

News Feeds

Thinking about taking the CISSP certification exam?

What are the benefits of CISSP certification?
What are the requirements for CISSP certification?
What experience do you need to have before you take the CISSP certification exam?
How should you prepare to take the CISSP certification exam?

Get Required (ISC)² study material

Send me my free ebook!!!

CISSP - Certified Information Systems Security Professional - About the CISSP NOW! method:

The CISSP NOW! method, documented in the CISSP NOW! ebook, references official (ISC)² study material, which may be purchased from Amazon: https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119787637
If you do not have access to the official (ISC)² study material, you will not be able to follow the CISSP NOW! method.
The CISSP NOW! method is built around continuous self-assessment and quantitative feedback.