Shon Harris' CISSP Blog
Certified Information Systems Security Professional
Copyright: © Admin
  Fri, 14 Nov 2008 07:22:00 +0100
Friendster, Facebook, YouTube, and MySpace: These are just a few of the Web 2.0 sites that we are seeing sprouting every day on the Net. If you happen to own or manage a Web 2.0 asset, you need to be aware of the latest wave of cybercrime threatening the very existence of your site. With knowledge [...]
The Gramm-Leach-Bliley Act, signed into law by President Clinton on November 12, 1999, established regulatory authority for multiple agencies to “establish appropriate standards for the financial institutions subject to their respective jurisdictions relating to the administrative, technical, and physical safeguards for customer records and information.” The GLBA document, available for download in the Resources [...]
I have found that most of my customers are trying to assign metrics to things that are still dynamic and moving. I see metrics thrown all over the place that end up being useless and add more to the confusion when trying to understand the true health of a company’s security position. In my opinion, [...]
Another piece that contributes to the thinking that you have to learn security incorrectly for the exam is the INSTRUCTORS. I cannot tell you how livid I have become over the years where I hear instructors tell students that they just need to memorize the CISSP type of answers, even though that is not really [...]
The other common statement is just as crucial to understand, which is that you have to learn security how (ISC)2 sees security. I have heard this a million times when teaching CISSP courses and from e-mails to me, CISSP forums, etc. Again, I do not like and cannot fully support the way the CISSP exam [...]
So to get back to the crux of this message, I still hear people complain about having to learn things that they don’t have to know for their jobs and that they have to learn topics the way that (ISC)2 defines them. When I am teaching a class, I cover these complaints in-depth because students [...]
  Fri, 29 Aug 2008 01:05:07 +0200
When I took my CISSP exam, I was like most people who take it – I knew just enough to pass the exam, but I had to memorize things because I did not fully understand them. This made me very disappointed. My goal has never been to get as many certifications following my name as [...]
For years I have heard people complain about having to learn things for the CISSP exam that they would never use in their life. When I was studying for this exam several years ago, I said the same types of things. I also hear people saying that they have to learn security through (ISC)2’s view [...]
  Thu, 14 Aug 2008 01:54:30 +0200
By Shon Harris, http://www.LogicalSecurity.com
I have been in the "CISSP world" for over 10 years now. I have taught it for 8 years around the world for corporate and government agencies. I have written books on it, developed products, webinars, study materials, etc. Over the years I have noticed that the students who are attempting to achieve their [...]
  Fri, 06 Jun 2008 13:57:24 +0200
Evolving technologies, security, software updates, and regulatory compliance continue to drive training services, but Harris has witnessed a distinctive shift during the past three years from a brick-and-mortar model to online learning. "Everyone agrees that doing an online class just isn’t the same as in person; that’s where we’ve gone because it’s easier, and we [...]