According to a Security magazine poll, the Certified Protection Professional (CPP) certification from ASIS International is at the top of 30% of security leaders’ lists of what certifications they plan to obtain this year. The CPP was closely followed by the CISSP (Certified Information Systems Security Professional, from (ISC)2).
Cybersecurity is not a low-skill field. It requires general IT knowledge, specialist cybersecurity certifications, and, sometimes, knowledge about particular industry sectors such as finance and health. We need talented, skilled professionals to meet the demand. And we don’t need them in a few years – we need them now. How do we get enough people in the pipeline to meet the growing need?
Today’s center of gravity in cybersecurity is shifting, pulling the skills and experience of cyber defenders in new directions. In most companies, this situation has led to a convergence of responsibilities between physical security, information security and cybersecurity teams, and an increased commitment to “staffing-up” of dedicated “cyber defenders.”
There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite. A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.
Analyzing the background of security leaders across the corporate security and risk management landscape, it is not surprising to see that a significant percentage of them have come from the public sector.
A lack of skilled staff remains the top security concern for organizations, according to the State of Security Operations Report. One way organizations can mitigate this challenge is to hire security consultants. These professionals work closely with their clients to help solve issues, implement best practices, and provide guidance.
Edward Snowden may have the reputation as the most infamous insider threat in recent history, but he’s not the only one who used his job and company resources to commit a crime. Learn why insider threat programs are necessary to allow the organization to prevent, detect, respond to and deter insider threats. Also in this issue: how security professionals can prevent workplace bullying, how mass notification is becoming part of the essential infrastructure of enterprises, and much more!