State of the Industry - (ISC)2's Global Workforce Study

The EU's General Data Protection Regulation (GDPR) was adopted on April 14, 2016 and threw infosecurity and privacy teams into chaos. While teams were trying to get their arms around the new regulations and rules, the UK voted to leave the EU, throwing another big wrinkle into the mix. What does all of this mean to you and your compliance and regulation efforts? What does the Brexit vote mean for the GDPR and for the UK's infosecurity and privacy rules? Imperva sponsors an (ISC)2 From the Trenches webinar discussion on this and answers questions from the audience on July 28, 2016 at 1:00PM Eastern.

Detecting and investigating malicious or unintentional activity is a time consuming effort and an inefficient use of our limited resources. All too frequently, we discover something is amiss and realize that problem has existed for a long time, yet it's just come to your attention. How can an organization increase the speed of detection of malicious activity? Can detection and investigation processes benefit from "hitting the afterburners"? Join RSA Security and (ISC)2 on June 30, 2016 at 1:00PM Eastern for a discussion on detection and investigation visibility and what to leverage to make threat detection effective.

New challenges demand new approaches: IANS lights the path to CISO leadership with in-depth research and innovative models based on how top-performing CISOs earn a seat at the table. Join (ISC)2 and IANS on May 12, 2016 at 1:00PM Eastern as IANS presents research findings from the '7 Factors of CISO Impact' to life and illustrate how advanced CISOs and teams have progressed from Foundational, to Transitional, to Executive status with their programs and teams.

In today's multi-device, mobile world, securing corporate data is of the utmost concern for the enterprise. But restricting data flow and access is simply not aligned to the business requirements of the workforce. So how can the enterprise protect its data from external (and internal) threats without prohibiting productivity for its knowledge workers? Join Code42 and (ISC)2 on World Backup Day, March 31, 2016 at 1:00PM EST for a discussion on how to leverage endpoint backup as a core component of your data security strategy and achieve additional security benefits.

Last month, we talked about cloud providers and agreements with them and how users can go rogue and establish their own agreements for services. While this is an issue for organizations, contracts with 3rd parties and other suppliers are a necessary evil and cause headaches and heartburn for infosecurity departments. Being risk adverse by nature, security practitioners want to make sure that contracts and Service Level Agreements are comprehensive and address all their concerns. Enter the legal department. To navigate through all of this, security practitioners and their legal teams need to work hand-in-hand to get the best terms and coverage they feel they need. What's the best way to do this? Join (ISC)2 on January 14, 2016 at 1:00PM Eastern for our first From the Trenches webcast of 2016 where we talk about contracts, SLAs, indemnification and working with legal departments to get the agreements you need.

In last month's webcast, we took a look at Leveraging the Cloud for Healthcare Security (https://www.brighttalk.com/channel/13161). This month, we'll continue the conversation as we get more in-depth about preventing breaches, the use of encryption, HIPAA compliance and Electronic Healthcare Records (EHRs). Join (ISC)2 for our next "From the Trenches" webcast December 15, 2015 at 1:00PM sponsored by Sophos as we delve further into important healthcare security issues.

While compliance frameworks and corporate edicts are well and good, many companies are seeing their intellectual property and other sensitive information being placed in the cloud....all without the knowledge of the security team. Well meaning employees buy cloud services from their credit cards and create shadow IT infrastructures then access and store corporate data there. What can a company do to mitigate this practice, but also focus on the discovery and identification of what data is already in the cloud, as well as maintaining visibility and control of that data moving forward. Join Symantec and (ISC)2 on November 24, 2015 at 1:00PM Eastern for a discussion on Cloud, Compliance and end users who do the wrong thing (for the right reasons).

More and more healthcare providers are adopting a cloud strategy to store information and take advantage of the technology. But there's much to be concerned about. From HIPAA concerns to mobile device management to securing new cloud applications, security practitioners in the healthcare space have a great deal to concern themselves with. Join Symantec and (ISC)2 on October 29, 2015 at 1:00PM for our next "From the Trenches" webcast focusing on these issues and more.

(ISC)² and CSA recently developed the Certified Cloud Security Professional (CCSP) credential to meet a critical market need to ensure that cloud security professionals have the required knowledge, skills and abilities to audit, assess and secure cloud infrastructures. Join Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)² on August 20, 2015 at 1:00PM Eastern to learn more about the CCSP, the qualifications for it and the future of cloud security.

The biggest challenge in security is no longer technology. We need to rise from recognition as security experts and experts within security teams to leaders protecting information from a world of risk and vulnerabilities.

Michael Santarcangelo cracked the code on the pathway to becoming an exceptional security leader. On July 30, 2015 at 1:00PM Eastern Michael will share the Exceptional IT Leadership Framework, including the 5 foundational elements, 9 competencies, and 5 essential habits. The webcast will explore the benefits of a framework-based, competency-driven approach to developing your leadership and how to assess where you really are in your leadership journey.

As an (ISC)2 member or a practitioner considering certification or membership, wouldn't you like to have the ability to interact with an (ISC)2 Board Member, Director or Manager to ask questions or discover what's being worked on within the organization that will benefit the members or the industry in general? Our new webinar series, Inside (ISC)2 will feature various key personnel within the organization interacting with and answering questions from members and non-members alike in a moderated webcast setting. This is chance to find out, first hand, what's going at (ISC)2 and ask your questions of the key people making decisions at the organization. First up, join us on May 28, 2015 at 1:00PM as David Shearer, Executive Director, stops by to answer your questions.

Electronic Healthcare Records (EHRs) and the information they contain have become the top target of cybercriminals around the world. Several high profile healthcare-related data breaches have made the headlines in recent months and more are sure to come. What is it about the information contained in EHRs that is so enticing and how can it be better secured? Join (ISC)2 and Sophos on May 21, 2015 at 1:00PM Eastern for a discussion of the security of healthcare data and approaches on how to better protect this type of information.

Every two years, (ISC)2 surveys infosecurity practitioners from around the world about the profile of the global information security workforce. This year, over 12,000 professionals from 135+ countries responded to the survey to provide invaluable insight about their careers, positions and organizations. Join Julie Peeler, (ISC)2 Foundation Director and other industry experts on April 30, 2015 at 1:00pm Eastern for an examination and discussion of the survey results, gain insight into what hiring managers and looking for in job candidates, the areas of expertise in demand and the challenges facing infosec pros around the world.

Osterman Research and (ISC)2 recently conducted a survey of individuals in mid-sized and large organizations on how they choose off-the-shelf applications, how they develop custom applications, and how they select third-party application developers. Join (ISC)², Michael Osterman and a panel of experts for a discussion about the findings from the survey and the state of software development quality on Tuesday, April 7th at 1:00pm Eastern. Attendees will also have the opportunity to download the entire survey report.

What’s in your mobile or BYOD policy? Do you "wipe” lost or compromised devices? Is that even legal in your jurisdiction?

As the perimeter has moved from the data center to our pocket, responding to and managing security incidents have become much more complex. With the introduction of BYOD strategies, forensics and e-discovery processes have had to adapt, leaving many organizations ill prepared if their response tactics haven’t kept pace with the rate of change.

Join (ISC)2 on September 4, 2014 at 1:00PM Eastern for our new "From The Trenches" series where we gather three industry practitioners to discuss their experiences with the collision point between mobility solutions and incident response. ​​

Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.