Top

On April 15, 2024, ISC2 will refresh the CISSP credential exam. These updates are the result of the Job Task Analysis (JTA), which is an analysis of the current content of the credential evaluated by ISC2 members on a triennial cycle. Q: Why are changes being made to the CISSP exam? A: ISC2 has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that ISC2 follows to routinely update its credential exams. This process ensures that the examinations and

It is Cybersecurity Awareness Month and as organisations look to safeguard confidential data and support the growth of their business, we focus on the importance of engaging all employees to play their part in bolstering the security and resilience of the organisation - and the connection between Cybersecurity Awareness and Certification. Do you wish to Minimise the chances of a cyberattack being successful? Empower your employees with the latest cybersecurity knowledge? Demonstrate to clients your commitment to protecting their information? Cybersecurity awareness and certification can help you achieve these goals. New technologies

On September 15, 2023, the CSSLP credential exam will see some updates and changes as was previously announced on January 18, 2023. As with all ISC2 certifications, this exam update is based on a Job Task Analysis (JTA) process which ensures the exam accurately reflects the industry.   Effective September 15, 2023 An exam that is up to date ensures that those who hold the CSSLP, such as software development and security professionals, are applying best practices during each phase of the Software Development Life Cycle (SDLC)– from software design and implementation to testing and deployment. Q: Why

Discover the critical changes, what is involved in updating to ISO 27001:2022 and act NOW to adopt the latest standards. Position your organisation as a proactive leader, boosting stakeholder confidence and increasing trust in your operations. By Richard Nealon What Has Changed with ISO 27001:2202? The 27001 Standard was so well written (along with its accompanying set of 27002 controls) in its last two iterations (2005 & 2013), that it almost remained the same up until 2022.  In February 2022 a new version of 27002 was launched and in October 2022 a new version

On August 17th 2023 the organization formerly known as (ISC)² announced a rebranding to reflect its growing global membership and expanded role in strengthening the influence, diversity and vitality of cybersecurity professionals around the world. The rebrand includes the name change from (ISC)² to ISC2 to improve global accessibility and ease translation across all languages. Originally founded to develop a program and common body of knowledge for the certification of cybersecurity professionals, ISC2 has expanded its range of offerings to meet the needs of its diverse and global community. Since 2020,

This Introduction to GDPR training on the European Union General Data Protection Regulation (GDPR) provides a comprehensive overview of the GDPR's key concepts and requirements, its implications across industries, and practical steps to achieve compliance.   Watch the Introduction to GDPR video to learn: What GDPR is and how it strengthens the privacy rights of data subjects Who are considered data subjects under GDPR Why is GDPR important and what are the benefits to data subjects and organizations What are the obligations and requirements for Data controllers and Data processors when handling

According to IBM's latest report, the average cost of a data breach in 2023 has surged to $4.45 million. This represents a 2.3% increase compared to the previous year and a 15.3% rise from the figures recorded in 2020.     The report highlights the key factors influencing data breach costs. These include: involving law enforcement when handling ransomware incidents the industry in which the breach occurs, with healthcare and financial sectors facing the most significant costs, and the scope of the breach, especially if it affects multiple environments. One of the other insights

  In our digitally connected era, information security is paramount for organisations. Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO 27001:2022 is an international standard that details the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). In this series of articles we’ll explore its benefits, limitations, and the latest updates. By Richard Nealon About ISO 27001 I’ve always been a fan of 27001, even before it was born. Back in the early 1990s there were only two publicly available computer security

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. The PCI Security Standards Council (PCI SSC) released the latest version 4.0 of the PCI Data Security Standard (PCI DSS) on 31st of March 2022. This article aims to provide an overview of the changes introduced in PCI DSS 4.0 and offer recommendations for organisations to remain compliant. Why is the Transition Important? Revisions introduced by PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. PCI DSS v4.0 Requirement 6.2.2 focuses on software security training for development personnel working on bespoke and custom applications.   Overview The PCI DSS v4.0 Requirement 6.2.2 mandates that software development personnel must receive training at least once every 12 months. The training should cover the following crucial areas: Software Security Relevant to Their Job Function and Development Languages: Developers