Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

(ISC)2 Finds IT Professionals are an Underutilized Cybersecurity Resource

Underutilized Cybersecurity Resource

Largest association of certified cybersecurity professionals enables IT pros to more quickly attain SSCP® certification and bolster their organization’s security posture

CLEARWATER, Fla., Sept. 13, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced findings of its study IT Professionals are a Critically Underutilized Resource for Cybersecurity. The report underscores how many organizations are not fully maximizing the opportunity to empower and equip their IT staff – the very individuals most often tasked with implementing security policy and technologies – with the education and authority they need to effectively bolster their cybersecurity. The research is based on responses from more than 3,300 IT professionals worldwide who participated in the 2017 Global Information Security Workforce Study.

The report can be downloaded here.

Our findings suggest too many organizations overlook a tremendous pool of cybersecurity talent already on staff and intimately familiar with their infrastructure and processes,” said (ISC)² CEO David Shearer, CISSP. “The quickest way for many organizations to bolster their cyber defense is through continuous security education and empowerment of their IT team. Security is a shared responsibility across any enterprise or government agency. Unless IT is adequately trained and enabled to apply best practices across all systems, even the best security plan is vulnerable to failure.”

Key findings from surveyed IT professionals include:

  • 43% said their organization doesn’t provide adequate resources for security training
  • Only 35% agreed their security suggestions are acted upon
  • 55% said their organization doesn’t require IT staff to earn a security certification
  • 63% said their organization has too few security workers
  • 51% said their systems are less able to defend against a cyberattack compared to a year ago
  • Hiring managers rank communication skills (62%) and analytical skills (52%) as their top desired skills for new candidates, while IT pros cite cloud computing and security (64%), and risk assessment and management (40%) as top skills they believe are needed

IT Security Education and Certification

To help organizations bolster their cybersecurity expertise within IT, (ISC)² today also announced a new prerequisite pathway for its Systems Security Certified Practitioner (SSCP) certification. IT professionals and others who have earned a cybersecurity or computer science degree from an accredited college or university can attain certification without completing one year of paid, full-time work experience previously required in addition to passing the SSCP exam and completing the (ISC)² endorsement process. This creates a more streamlined path to SSCP cybersecurity certification for qualified IT professionals.

SSCP is an ideal cybersecurity certification for IT professionals responsible for the hands-on operations of securing their organizations. Those who earn the SSCP demonstrate their technical skill to implement, monitor and administer IT infrastructure using defined security policies and procedures, as well as the ability to protect the confidentiality, integrity and availability of data. The SSCP encompasses security operations and administration; risk identification, monitoring and analysis; incident response and recovery; network and communications security; system and application security; and cryptography.

Organizations can leverage (ISC)² Enterprise Solutions to educate and prepare their IT teams to pass the SSCP exam and start contributing to a stronger cyber defense immediately.

Learn more about the SSCP certification and (ISC)² cybersecurity education opportunities at www.isc2.org/SSCP.

Download the study IT Professionals are a Critically Underutilized Resource for Cybersecurity here.

About (ISC)²®

(ISC)² is an international nonprofit membership association best known for its award-winning Certified Information Systems Security Professional (CISSP®) certification, with additional certification and education programs that holistically address security. Our membership, 125,000 strong internationally, is made up of sought-after cyber, information, software and infrastructure security professionals who are making a difference and helping to advance this new industry. Our vision to inspire a safe and secure cyber world reaches the general public through a commitment to social responsibility via our charitable foundation – The Center for Cyber Safety and EducationTM. For more information on (ISC)², visit http://www.isc2.org, follow us on Twitter or connect with us on Facebook.

About CloudBuzz

Daily tech news snapshots and insights from around the world...


Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner

By CloudBuzz | September 20, 2017

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner for Enterprise Risk Management (ERM) Software of the Year SUNNYVALE, CA–(Marketwired – Sep 20, 2017) – RiskVision, the enterprise risk intelligence company formerly known as Agiliance, today announced that the RiskVision platform has…

Amazon working on ‘smart glasses’ as its first wearable device: FT

By CloudBuzz | September 20, 2017

(Reuters) – Amazon.com Inc is working on its first wearable device – a pair of ‘smart glasses’, the Financial Times reported on Wednesday. The device, designed like a regular pair of spectacles, will allow Amazon’s digital assistant Alexa to be…