Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

“This is the golden era of application security,” says Founder of Manicode Security and secure coding trainer Jim Manico on episode 26 of The Secure Developer podcast. Ten years ago, Manico says, security training was “a quirky thing to do — something to do on the side.” Now, assessment tools are mature, good literature on assessment makes knowledge more accessible, and a wide range of intelligent people are building secure applications.

Every security framework recommends that an organization has a cybersecurity training program for all employees, but few give much guidance about what the program should contain. What do you train them on? What actually works? Other than checking a box on the compliance forms, are these programs useful?

One of the main questions I get asked from people looking to get started in Cybersecurity is, “What certification(s) do I need?”. Who you ask and the number of people you ask will determine the number of different answers you will get back on this question. A few short years ago, there was no such thing as a cybersecurity professional. At first, people working in system administration or development were asked to take on the additional role of handling security for an organization.

We all know how hard it is for companies to fill open cybersecurity positions. But is the situation improving? What are the root causes of the problem? And most importantly—what can be done about it?

Calico Open Source is an industry standard for container security and networking that offers high-performance cloud-native scalability and supports Kubernetes workloads, non-Kubernetes workloads, and legacy workloads. Created and maintained by Tigera, Calico Open Source offers a wide range of support for your choice of data plane whether it’s Windows, eBPF, Linux, or VPP. We’re excited to announce our new certification course for Azure, Certified Calico Operator: Azure Expert!

Netskope Academy is pleased to introduce the Netskope Cloud Security Certification program. This new program provides an opportunity for customers, partners, and employees to validate their skills and be recognized for their knowledge of the Netskope Security Cloud platform, as well as general cloud security technologies. The program is launching with two levels of high-stakes, third-party proctored certifications, with more to follow.

We all know how important security awareness training is for an organization. Moreover, we try to enhance our efforts by weaving security into the “culture” of the organization. Yet, from the employee’s perspective, it all gets very stale. It seems like it is always the same message, but if that is the case, why hasn’t this knowledge been adopted into the corporate consciousness? Perhaps it is our approach.

A critical part of improving a business’ cyber resilience is ensuring staff, including the executives and the board of directors, are all champions of promoting and driving awareness when it comes to cybersecurity. Many company do have this understanding, and one way to measure the importance organizations are placing on cybersecurity is by expenditures.

On May 1, 2021, ISC² implemented a refreshed set of objectives for the CISSP certification exam for security professionals in order to keep it relevant to the latest technologies and cybersecurity standards, requirements and processes. New information security concepts, terms and acronyms have been added and others are better covered.