The Certified Information Security Manager (CISM) certification is for IT security professionals seeking to validate their security skill set. One exam is required to earn a CISM, and it is only available twice a year, on fixed dates in June and December.
This article gives an overview of the CISM exam, covers "pain points," and offers practical tips on preparation you can use today to pass this difficult exam.
CISA and CISM target different professionals and offer different promises for people on different career paths. This article clarifies the differences between the two certifications and why you would choose one over the other.
This article provides some basics on attacks, including denial of service (DoS), distributed DoS (DDoS) attacks, SYN flood, ping flood, port scan, sniffing attacks, and social engineering attacks.
This article provides an overview of common means to protect against loss of confidentiality, integrity, and availability.
When LinkedIn bought online training company Lynda.com in April 2015, a lot of people wondered what was really going on behind the scenes. A recent post from Steve Weiss, Content Manager for Business and Data Science at LinkedIn (formerly at Lynda.com), helps put such speculation to rest: in a self-referential bow toward data mining/Big Data/Data Science, LinkedIn has been mining the heck out of its 400-million-plus user base and watching hiring decisions made under its purview to help the company target hot education topics. What's at the top of the list for 2016?
As that inimitable and always sly soothsayer, Yogi Berra, once said: "It's like deja vu, all over again," when it comes to chart-topping IT skills and technical areas for 2016. There are some recurring themes here to be sure, but also some newer technologies that promise to take up residence on the short list of what's hot for next year.
In August 2015, representatives of the United States Department of Defense (aka DoD, pronounced "Dee-oh-Dee") signed the 8140 directive. It replaces the now-outmoded (but not forgotten, for reasons I'll explain soon) 8570 directive. Both 8570 and 8140 require DoD personnel and contractors to obtain certifications in their work area specializations, particularly for IT-related job roles. This means that active duty military and DoD civilians who work in and around IT must obtain a variety of security credentials based on NIST's definition for the National Initiative for Cybersecurity Education (aka NICE). The devil, as always, is in the details, so let's look at some of them more closely.
In my line of work, I get asked to listen to countless product pitches and watch oodles of demonstrations. It can be informative and sometimes even mildly interesting, but I seldom find myself saying "I've got to see more of this stuff, and use it myself." A rare exception to this general trend hit me over the head earlier this week when I finally got together with members of the Spanish-based company Panda (a name many readers will recognize thanks to their long-standing and highly regarded anti-malware product offerings) to walk through the company's Adaptive Defense product instead.