With the rise of cybercrime to a near exponential level, you may ask, “what is the front line in this battle with cybercrime?” The closest thing to a front line is the day-to-day security operations (aside from end points) of an organization. Be it a security operations center (SOC), logging and monitoring, insertable media management and maintaining preventive measures, or even security training and awareness— security operations can be considered one of the first lines of defense against the constant threat of cybercrime. The 7th domain of the CISSP certification exam covers security operati ..read more

The CISSP certification exam was last updated in May 2021. Domain 4 of this certification exam covers Communications and network security, and there have been some changes since the last exam update. This article will help you get a handle on the material domain 4 covers as a whole and what has changed. When demonstrating mastery, a full understanding of the fundamentals is paramount. Securing information systems, communications, and network security are fundamental elements of this corner of Information Security. Whether it be micro-segmentation, Wi-Fi networks or even a user’s voice, communi ..read more

The Certified Information Systems Security Professional, or CISSP, is a cybersecurity management certification. It is intended for experienced information security professionals and verifies that the cert holder has cybersecurity program design, implementation, and management knowledge. The knowledge that it certifies puts you on the footing of cybersecurity and IT management and may help open doors to those higher-level job roles. CISSP is known for helping certification holders bring home a respectable average salary. With that said, you may be wondering what this average salary is. This art ..read more

Risk is a crucial element in all our lives. In every action we plan to take in our personal and professional lives, we need to analyze the risks associated with it. From a cybersecurity perspective, industries such as energy, healthcare, banking, insurance and retail involve a lot of risks that impede the adoption of technology and need to be effectively managed. The associated risks which need to be addressed evolve quickly and must be handled in a short period of time. Both simple and advanced devices are now part of our everyday lives, ranging from road signs to intelligent vending mac ..read more

Securing information systems and having a tight handle on your organization’s identity and access management go hand in hand. Imagine how hard complying with the requirements of Confidentiality, Integrity, and Availability would be if you had no control over who was accessing your information system and resources! It would figuratively bring information security back to the stone age. Domain 5 of the CISSP certification exam focuses on Identity and Access Management, or IAM.  IAM is made up of business process, technology, and information that help organizations use and manage digital ide ..read more

An organization’s overall information system security strategy would be on poor footing without security assessments, testing and audits. They give an organization the ability to assess their security controls, test pre-release versions of applications, and audit their security processes. Properly implementing these measures requires the design, validation, security process data collection, and the ability to analyze test output and report the results to organization management. Security assessment and testing is covered by the 6th domain of the CISSP certification exam, which makes up 12% of ..read more

Imagine the implications of releasing software or an application riddled with vulnerabilities, with security thought of only after the fact. The 8th and final domain of the CISSP certification covers software development security, an essential consideration in an organization’s overall security approach for cybersecurity. This article will provide an overview of the domain and explain what’s new in the latest 2021 update. Below are the subdomains and objectives covered by domain 8 of the CISSP certification exam. This domain accounts for 11% of the average weight of material covered in the exa ..read more

Suppose your goal is to work as a government cybersecurity professional working with Information Assurance (IA), In that case, you will be required to earn a certification approved by the U.S. Department of Defense (DoD) Directive 8570.1. This directive applies to information security professionals that identify, tag, track, and manage cyber security/IA in the government workforce. DoD 8750 establishes three policies that strengthen cybersecurity readiness: Privileged users and IA managers shall be fully qualified, trained and certified to DoD baseline requirements to perform their IA duties ..read more

Certified Information Systems Security Professional (CISSP) holders are highly sought after in the cybersecurity space. This is because they have exhibited proficiency in all of the eight CISSP exam domains and also have around five years of hands-on, security-related experience. Job interviews, in general, can be stressful, and interview preparation is never an exact science; each company has its own specific job requirements based on its environment. It is a good idea to do as much research as possible about the company that is interviewing you, so you can brush up on technologies you think ..read more

Interested in earning your CISSP certification from (ISC)²? It’s the gold standard when it comes to information security professionals and can open the door to many positions within companies, organizations and government agencies around the world. In order to earn your certification, you’ll need to study and then pass an exhaustive CISSP certification exam. However, there’s more to it than just paying your fee and passing the test. (ISC)² is committed to ensuring that all members of the organization behave in an ethical manner. According to (ISC)², “They are expected to make difficult ethical ..read more