
Author: Jennifer Hanly


Learn about Secure Software Development from CSSLPs around the world
Software security requires a creative and disciplined approach and a vision to develop secure strategy, tactics and execution. Excelling in the discipline demands thinking through the entire software lifecycle and enforcing security as a first-thought process. The (ISC)² Certified Secure Software Lifecycle Professional (CSSLP) is a comprehensive certification that addresses the spectrum of software lifecycle security. This eBook, developed by (ISC)², will enable you to learn from CSSLPs around the globe about how the CSSLP has helped them succeed in their endeavors

SSCP Domain Refresh FAQ
Why are changes being made to the SSCP exam? (ISC)² has an obligation to its membership to maintain the relevancy of its credentials and follows a rigorous, methodical process to routinely update its credential exams. This SSCP Domain Refresh FAQ details the updates. These ensure that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing information security practitioner. How is the SSCP exam changing? The content of the SSCP has been refreshed to reflect the most pertinent issues

Why are small businesses reluctant to tackle the security question? Why do they continuously avoid all discussions about risk and security? I believe that it’s not because they’re irresponsible, or that they don’t care about their business. I’m of the firm opinion that it’s mainly due to the Information/Cyber Security industry itself. Fear, Uncertainty and Doubt (FUD) have been used by many security professionals during conversations with their clients (and prospective clients) about risk. They’ve told their clients that their businesses are going to crash and fail; their sensitive data is going to

A cybersecurity program is universally essential, and employers need to continue to invest in their teams to ensure they develop the skills they need to support the business. Training should be structured but should also be tailored to the requirements of the organisation. Download this guide to learn more about the fundamentals of a training and education program and how they can be successfully applied across organisations and industries. Click on the image or HERE to view The Enterprise Guide to Establishing a Cybersecurity Program

On three separate occasions this week I was given pause to consider the development of cybersecurity skills and the associated education and training we need to acquire them. To start with, on Saturday I read an excellent piece in the Irish Times by Fintan O’Toole called “No one is safe when half of us are digitally illiterate” (behind paywall). On the Monday of the following week I met a long-time security friend at a funeral. We discussed the abundance of training on offer, much of it being promoted by very well recognised

Cycubix is delighted to welcome Richard Nealon as a Senior Information Security Consultant. With extensive experience in Information Security and Risk Management, Richard’s expertise in the implementation of security frameworks and standards will help support our clients' journey to compliance and enhanced security.
About Richard
Richard Nealon, CISSP-ISSMP, SSCP, SCF, CISM, CISA
Richard is a seasoned Information Security and Risk Management professional with over 35 years' experience. He was one of the first certified information security professionals in Ireland and has worked for most of his career in the information technology area (Security,

I’ve been thinking (following three published cybersecurity breaches in Ireland – HSE, Ardagh Group, MyHome.ie in the past week), about what makes an organisation vulnerable to a breach and what an organisation can do to prevent it, or at the very least, remediate against it. As we’ve seen this week, critical data is the lifeblood of all organisations. Immediate and prolonged loss of access to that data causes untold disruption and anguish. An “ostrich” strategy (keeping our head down and pretending that it won’t happen to us) is not a viable

As organizations grapple with a cybersecurity workforce gap estimated at 3.1 million worldwide, The 2021 Cybersecurity Career Pursuers Study from (ISC)² offers important insights on how to successfully build and retain a balanced and diverse team with a broad range of skills. The results are based on a survey of more than 2,000 cybersecurity professionals and jobseekers across the United States and Canada. The report advocates a reboot in the way organisations hire, train and retain talent in cybersecurity. For a long-term investment in their security personnel organisations must focus on

How to Reap the Benefits of DevSecOps
DevSecOps looks to merge “speed of delivery” and “secure code” to address security during the development process and not after an attack. Insecure DevOps creates risks for business. By detecting and fixing security issues during the development phases, teams can create secure software and processes. This paper was developed by (ISC)². Download the white paper to reap the benefits of DevSecOps in your organization. (ISC)² CSSLP certification demonstrates that IT professionals have the skills and knowledge to better incorporate security practices into each phase of the software

Use the CSSLP Mind Map to help you prepare for the CSSLP Exam
We have developed a Mind Map based on the latest CSSLP Exam Outline from September 2020, to help students when studying for the (ISC)² Official Certified Secure Software Lifecycle Professional (CSSLP) exam. Use this visual guide when reviewing the CSSLP domains. The Certified Secure Software Lifecycle Professional (CSSLP) validates that software professionals have the expertise to incorporate security practices into each phase of the software development lifecycle (SDLC). If you are interested in becoming CSSLP certified, find out more about how