Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
Accreditation organization CREST has concluded an investigation into whether NCC Group employees cheated on its penetration-testing exams, finding that the cybersecurity business's training materials violated its rules. It says NCC Group has agreed to overhaul its processes and demonstrate compliance.
Today, security is everyone’s business—and it’s the foundation of everything you do in the cloud. AWS Cloud security training helps you build your skills quickly and effectively—with the flexibility to learn on your own terms.
Improving your security expertise can give you the confidence to innovate more...
As an international bank, Barclays needed to invest more in its information security training in order to minimize risk and ensure business continuity. The goal was learn and teach the modern way to minimize a security breach posed by the latest advanced threats.
Cyber sieges immerse teams in real-world cyberattack...
The cybersecurity sector has made strides in growing its workforce and improving diversity. But significant hurdles remain, and Clar Rosso, CEO of (ISC)², says the keys to clearing them include training and refining current hiring practices.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
CIO. Consulting CISO. Mentor. Activist on behalf of recruiting more women for cybersecurity and leadership. Jo Stewart-Rattray has filled many roles, and she has great insights to share with those who are starting or changing careers.
The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation. Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain security and operations center analysts.
The shortage of trained cybersecurity workers has substantially declined this year as many more individuals entered the field, says Clar Rosso, CEO of (ISC)², the U.S.-based nonprofit association that offers training to cybersecurity professionals.
Linda Gray Martin and Britta Glade, organizers of the three-day RSA APJ Conference that starts July 15, describe their efforts to create a virtual event to replace the usual gathering and provide an overview of educational content.
Students are increasingly turning to online universities as part of their educational experience. To keep students engaged, these platforms must provide positive user experiences, be consistently available, and remain secure. Cloudflare provides a scalable, easy-to-use, unified product stack to deliver security,...
Udacity is an online education company focused on making entry-level tech jobs more accessible through "Nanodegree" educational programs. Students from hundreds of different countries have gone through Udacity's programs, and some have been hired by top tech companies including Google, Amazon, and Facebook....
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
From the days of Rosie the Riveter, women have been closing the ranks in the disparity in gender in the workplace. Why, then, do women in the tech sector lag woefully behind?
Ann Sung Ruckstahl, senior vice president and chief marketing officer for Unisys, recently discussed the challenges "We're still in the middle...