Home - ISC2 Community

Home - ISC2 Community
Help
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show
only
Search instead for
Did you mean:
(ISC)²
Community
Community
Discussions
Welcome
Tech Talk
Industry News
Governance, Risk, Compliance
Threats
Cloud Security
Members
Member Support
Member Talk
CPE Opportunities
Chapters
ISC2 Security Congress
Certification
Exams
Exam Preparation
Become A Member
Groups
Certification Groups
Study Groups
Special Interest Groups
Chapters
Asia Pacific Chapter Groups
Europe, Middle East, Africa Chapter Groups
Latin America Chapter Groups
North America Chapter Groups
Career
Cybersecurity Job Openings
Career Discussions
Blog
ISC2 Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show
only
Search instead for
Did you mean:
MEMBERS
78.4K
USERS ONLINE
909
POSTS
45.2K
Latest Posts
Subject
Author
Posted
Re: HELP with Risk ALE calculation question in Tra...
CISSP Study Group
Guitarpy
yesterday
Re: WhatsApp active study group
CC Study Group
hassannittof
yesterday
Re: group reading
CC Study Group
miracle
yesterday
Re: group reading
CC Study Group
miracle
yesterday
group reading
CC Study Group
miracle
yesterday
View All
Latest Topics
group reading
CC Study Group
by
miracle
yesterday
Latest post
yesterday
by
miracle
Replies
41
Views
CC Exam updated Questions
Tech Talk
by
cecefeg
Wednesday
Latest post
Wednesday
by
nkeaton
Reply
118
Views
CC Exam Questions
Tech Talk
by
cecefeg
Wednesday
Replies
54
Views
2026 Volunteer Appreciation email
Welcome
by
LarryR
Tuesday
Latest post
Wednesday
by
isc2jade
Reply
86
Views
LOOKING FOR ISC2 CHAPTER - ZAMBIA
Chapters
by
KatChis05
Tuesday
Latest post
Wednesday
by
KatChis05
Replies
95
Views
View All
Featured Discussions
Share Your Knowledge and Expertise!
by
mariatirado
in
Welcome
‎04-22-2025
11:04 AM
5 Kudos
Our members’ voices are a valued asset in helping us build strong cybersecurity knowledge. To the volunteers who participate in surveys and focus groups and contribute to our blog, thank you!

...
View more
Our members’ voices are a valued asset in helping us build strong cybersecurity knowledge. To the volunteers who participate in surveys and focus groups and contribute to our blog, thank you!

If you would like to contribute to these efforts or participate in other volunteer opportunities, visit: https://www.isc2.org/Volunteer/Volunteer-Opportunities
ALL THINGS CrowdStrike - July 2024 Incident
by
Kaity
in
Industry News
‎07-22-2024
11:24 AM
5 Kudos
Hi all! There are so many great discussions about CrowdStrike going on in this Community, but we want to bring them together in one place, so that folks can share and discuss efficiently!
A reminder on Community behavior
by
Kaity
in
Welcome
‎06-07-2023
04:16 PM
ISC2 is run for the benefit and advancement of its members, and always aims to create an inclusive organization which operates in accordance with the highest ethical standards. We will not tolerate d...
View more
ISC2 is run for the benefit and advancement of its members, and always aims to create an inclusive organization which operates in accordance with the highest ethical standards. We will not tolerate discrimination, disrespectful behavior, unfounded accusations, harassment or other unethical behavior directed towards other members, ISC2 staff or Board members under any circumstance. If members see any example of unethical behavior, they have an obligation to report it to the Ethics Committee with supporting evidence for investigation. Details of how to do so can be found here: https://www.isc2.org/Ethics
CISA mandates federal Civilian agencies to report software vulnerabilities
by
Caute_cautim
in
Governance, Risk, Compliance
‎10-03-2022
04:50 PM
12 Kudos
Hi All   The Improving Asset Visibility and Vulnerability Detection on Federal Networks, or BOD 23-01, directive is designed to improve “asset visibility and vulnerability detection on federal netw...
View more
Hi All   The Improving Asset Visibility and Vulnerability Detection on Federal Networks, or BOD 23-01, directive is designed to improve “asset visibility and vulnerability detection on federal networks,” Easterly told reporters during a CISA round-table discussion on Monday. Federal civilian agencies now will be expected to report detailed data about vulnerabilities to CISA at timed intervals using automated tools, she said.   https://www.cyberscoop.com/cisa-mandate-federal-agencies-cybersecurity/   Regards   Caute_Cautim
Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here
by
Caute_cautim
in
Threats
‎10-03-2022
04:43 PM
10 Kudos
Hi All   Deep-fakes are here are part of the landscape, so how do we deal with them, once they are entrenched in other attack vectors?   It's time to dispel notions of deep-fakes as an emergent t...
View more
Hi All   Deep-fakes are here are part of the landscape, so how do we deal with them, once they are entrenched in other attack vectors?   It's time to dispel notions of deep-fakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cyber-criminals, even unsophisticated ones.   https://www.darkreading.com/threat-intelligence/threat-landscape-deepfake-cyberattacks-are-here   Regards   Caute_Cautim
What IT Security Certifications Are Growing As Desired By Employers
by
jbacon83
in
Industry News
‎09-30-2022
05:02 PM
28 Kudos
According to the Cyber Edge group's 2022 Cyber Threat Defense Report, employers interviewed indicated that certifications in cloud security and software security as shown below are in top demand.  Th...
View more
According to the Cyber Edge group's 2022 Cyber Threat Defense Report, employers interviewed indicated that certifications in cloud security and software security as shown below are in top demand.  These certifications would include the Certified Cloud Security Professional (CCSP) and Certified Software Security Lifecycle Professionals (CSSLP).    According to the trends I've been tracking on Indeed from employer job postings it appears however, the certification trends posted in employer job openings have the CISSP followed by ISACAs Certified Information Systems Auditor (CISA) as the top certifications. CCSP and CSSLP are among the lower ranked advertised certifications for employer job openings.  Maybe the new trend hasn't caught on yet with employer job advertisements?
Are C-suite Executives our greatest risk?
by
Caute_cautim
in
Governance, Risk, Compliance
‎09-05-2022
05:35 PM
Hi All   According to a PWC report, the C-Suite Executives are the greatest risk?  What do you think?   Do you concur or do you have another perspective?    https://securityboulevard.com/2022/0...
View more
Hi All   According to a PWC report, the C-Suite Executives are the greatest risk?  What do you think?   Do you concur or do you have another perspective?    https://securityboulevard.com/2022/08/pwc-survey-finds-c-level-execs-view-cybersecurity-as-biggest-risk/   Regards   Caute_Cautim
New! Join us as an (ISC)² Candidate – no exam, experience or fees required!
by
AndreaMoore
in
Become A Member
‎08-31-2022
10:01 AM
35 Kudos
We’re excited to announce that today we are launching a new program and now anyone can join (ISC)² as an (ISC)² Candidate! There is no experience requirement needed to join. You don’t have to pass ...
View more
We’re excited to announce that today we are launching a new program and now anyone can join (ISC)² as an (ISC)² Candidate! There is no experience requirement needed to join. You don’t have to pass an exam first. And, there are no fees to join. (Dues will be U.S. $50 annually to continue status after the first year). (ISC)² Candidates are eligible for the One Million Certified in Cybersecurity program and will be provided with free registration for the exam, as well as access to the online self-paced course.

If you’re not a member, but you’re interested in working in cybersecurity or you’re working in cybersecurity and interested in getting certified, (ISC)² Candidate is the program for you!

When you join, you’ll get access to discounted prices on education from (ISC)² as well as books and study guides, special event rates, webinars and more.

Questions? Visit https://www.isc2.org/candidate for more information! If you need to know more, post here or email candidate@isc2.org.

We hope you’ll join us as (ISC)² Candidates!
Is there such a thing as responsible Lawful Offense?
by
Caute_cautim
in
Governance, Risk, Compliance
‎08-25-2021
07:33 PM
1 Kudo
All   Is there such an acceptable for taking responsibility for lawful offense, given the current cybersecurity landscape and potential issues which have been going on for years, silently in the ba...
View more
All   Is there such an acceptable for taking responsibility for lawful offense, given the current cybersecurity landscape and potential issues which have been going on for years, silently in the background?   Do we need to have a set of ethics as to what is acceptable vs non acceptance?   What are your thoughts?   https://www.lawfareblog.com/responsible-cyber-offense   Regards   Caute_Cautim   Caute_Cautim
Best FREE CPE Oppurtunities? Is there a ISC2 Archive for Previous Webinars?
by
BestSelf
in
CPE Opportunities
‎08-04-2021
03:21 PM
24 Kudos
All,   I need to get 80 more CPE's by August 2022 to renew my CISSP. I normally go to numerous security conferences per year however did not do many in 2019 due to family issues. Then 2020-2021 was...
View more
All,   I need to get 80 more CPE's by August 2022 to renew my CISSP. I normally go to numerous security conferences per year however did not do many in 2019 due to family issues. Then 2020-2021 was COVID and all of my family was out of work so my focus was surviving/extra shifts at work over thinking about CPEs. The other problem is my current job is not that open about me taking off for security conferences, basically I have to use my personal PTO but used most of the PTO due to when I had COVID earlier in the year. I have signed up for Defcon and plan to maximize this weekend.   What are some other good FREE ways to get CPEs? I know SANS has their webcast (https://www.sans.org/webcasts/) that generate certificate of completion after fully watching each video. However, I would also like to use other sources outside of SANS. I know there is a ISC2 newsletter that reports CPE opportunities but I noticed many require paying for the events. Does ISC2 have an free on demand/archive for previous free webcasts that would generate CPEs after completion?   Also, I know there is the 2 CPEs for the InfoSecurity Professional magazine, can I go back to the previous months to get CPEs or does it have to be only for current and future editions?   Appreciate any help as I really want to spend much of this Fall and Winter catching up on CPEs. I am getting tons of anxiety over this as do not want my CISSP to lapse.   Thank You.
Questions from New Aspirant for Certification
by
CraginS
in
Become A Member
‎07-02-2021
11:58 AM
8 Kudos
I recently received in in-system private mail asking several questions about preparing for the CISSP exam. The questions themselves are likely to come to mind to many others, and there is no personal...
View more
I recently received in in-system private mail asking several questions about preparing for the CISSP exam. The questions themselves are likely to come to mind to many others, and there is no personal information in them. Thus, I am providing those questions and my answers here, to help others who may be concerned about the costs and steps to become certified.   =-=-== 1 - one of the pre-requisites that I read on ISC2 website is about proven past experience. So, when do I submit this proof? - before registering for exam or after? DCS: You do not need to verify your cybersecurity experience until after you have passed the exam. Once (ISC)2 notifies you that you have passed (not the provisional passing score at the testing center), you must either have an existing g(ISC)2 member (fully certified) endorse you for certification, having reviewed and verified your experience history as you provide to his satisfaction, OR you must send your experience history statement ot the (ISC)2 office adn ask them to endorse you. DO the latter only if you do not have a member who knows you personally and can endorse you.   2 - As a proof - My manager is willing to give me letter with details - would that be suffice with my employment and salary letters? DCS: you do not need to provide any salary information. However, a statement from your manager describing your information security experience, number of years performing the tasks, and organized according to the eight domains, can be used to either a local endorser or to the (ISC)2 staff.     3 - Can I appear for exam without the proof letter? or it is mandatory. DCS: You can take the exam with absolutely on infosec experience. You should not do so; but you can. If you do pass the test with no experience, you have wasted your time and money, because you have only two years to get endorsed with 4 or 5 years of domain-specific infosec experience. Therefore, you should not take the exam until you have at least three years of experience.     4 - Finally, the cost of course - it’s about 7500 USD! - Do I really need that? or I can prepare on my own with official books and prepare for exam. DCS: You are not required to take any preparation course. The only mandatory fee is for he exam itself. There are several ways to prepare, including online course, cooperative study groups. self-study, and the high cost intensive week-long classes. The 7500USD cost you refer is clearly for one of the official (ISC)2 or independent boot camp classes. You need not take that unless you really want to. Personally, I discourage such a class, unless you need it to focus your attention in one week. The reason for my recommendation is that such cram courses do not result in long term memory. Either multi-week cooperative study groups or even self study accordion to your own study plan will result in much better understanding and knowledge retention.   5 - if I avoid the course fee - I still need to arrange for 745 USD - for the CISSP exam. Is that correct understanding? DCS: Yes, you will have to pay the fee for the exam, itself, and take the exam at a testing center. =-=-=-=   Good luck, all!   Craig
Discover the ISC2 Community - Introduction Video
by
AndreaMoore
in
Welcome
‎09-22-2020
10:42 AM
20 Kudos
The ISC2 Community has been updated during the last few months. Take a look at this quick (2 minute) video to learn more about new features and where to find discussions in the Community. You can fin...
View more
The ISC2 Community has been updated during the last few months. Take a look at this quick (2 minute) video to learn more about new features and where to find discussions in the Community. You can find it on the Community homepage or click here to view.

DevSecOps certification
by
iluom
in
Tech Talk
‎09-23-2019
07:46 AM
3 Kudos
Hi all,     Can anyone suggest well recognized certification body for DevSecOps?   Thanks
Welcome
Discover the ISC2 Community
Questions about the ISC2 Community?
View our Community Usage Policies and Guidelines
Contact Community Administrator
Top Contributors
User
Count
nkeaton
27
Tite
11
EncryptedNorway
Early_Adopter
View All
Users online (947)