Cyber Defense eMagazine June 2020 Edition
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
The second group of organizations successfully adopt applicable standards and guidelines and make<br />
valiant efforts to abide by them. The problem resides in the interpretation of those resources. These<br />
valuable resources are written by industry experts charged with providing detailed explanations of<br />
cybersecurity practices at a very concrete level. The organization is left to make their own<br />
interpretation that sometimes can lead them into a direction that will be more costly, compared to if<br />
they were not to have adopted the standard and guideline in the first place. Thankfully, recent books<br />
have been published that provide greater understanding into such cybersecurity areas as:<br />
understanding and applying the National Institute of Standards and Technologies (NIST)<br />
<strong>Cyber</strong>security Framework, standardized approaches for implementation of cybersecurity controls,<br />
understanding cybersecurity risk management and the implementation of risk practices using the<br />
NIST Risk Management Framework, implementing guidelines that support cybersecurity<br />
management throughout the entire supply chain, and how to make an organization truly cyberresilient.<br />
Similarly, educational Institutions have struggled to find the right fit for how to prepare students for<br />
careers in cybersecurity. Since the turn of the century many Information Technology programs saw<br />
cybersecurity as solely the need to implement technology aimed at protecting information; hence the<br />
reason for the old way of referring to the field as “Information Security”. Programs taking on that<br />
understanding of the field prepare students with a narrow scope of simply presenting the technologies<br />
that protect information. And in many cases those presentations are done through simulated<br />
approaches.<br />
However, as the field of cybersecurity has evolved, educators cannot take as narrow of an approach<br />
to preparing students. Realistically, the field has become much more than just securing information.<br />
Rather it is becoming a discipline in and of itself, which encompasses a complete body of knowledge<br />
that requires standardized approaches (with well-defined outcomes) to introducing the expanded<br />
areas that make up the entire field of cybersecurity. No longer can someone be prepared for work<br />
within the field simply by understanding the difference between a router, switch, and firewall.<br />
<strong>Cyber</strong>security has expanded to the extent that data security, software security, component security,<br />
connection security, system security, human security, organizational security, and societal security<br />
should all necessarily be included (from an interdisciplinary approach) within cybersecurity curriculum<br />
in order to adequately prepare individuals for work within the field. And to that extent, organizations<br />
should endeavor to understand the interdisciplinary knowledge of the individuals that they hire.<br />
To support the growing need for standardized and interdisciplinary approaches of educating future<br />
professionals in the entire cybersecurity body of knowledge, two standards have been developed to<br />
assist educational institutions in the development of their cybersecurity curriculum. NIST published<br />
the second version of the “National Initiative for <strong>Cyber</strong>security Education (NICE) <strong>Cyber</strong>security<br />
Workforce Framework” in 2017. NICE breaks the field of cybersecurity down into specialty areas and<br />
specifies what each areas of the workforce should be doing to ensure that security functions of<br />
identification, protection, defense, response, or recovery are being carried out properly.<br />
Similarly, later that same year, the Joint Task Force on <strong>Cyber</strong>security Education in association with the<br />
Association for Computing Machinery (ACM), IEEE Computer Society (IEEE-CS), Association for<br />
Information Systems Special Interest Group on Information, Security and Privacy (AIS SIGSEC), and<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> –<strong>June</strong> <strong>2020</strong> <strong>Edition</strong> 30<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.