(ISC)2 Report: Glaring Disparity in Diversity for ...

Network Computing Dark Reading

Advertise

About Us

Oldest First | Newest First | Threaded View

[close this box]

100%

[email protected],
User Rank: Moderator
3/19/2018 | 1:36:39 PM

ISC2 Rpt - Response

I'm not commenting on the diversity issue as much as I am the inability to get into the field. Last year I embarked on a quest to transition from the Help Desk into CyberSecurity. I completed the Sec+ certification the CISA course. After nine months of no responses I decided the $600 for the CISA exam on top of $1200 for the course were no longer worth the hassle.

Prospective Employer: So I see you don't have a lot of experience in CyberSecurity.

Response: Correct, which is why I'm willing to start out at associate level to work my way up and to prove I can do it.

Prospective Employer: Okay, thanks we'll let you our decision.

After nine months of those type responses, out of pockets expenses for Sec+ course, cert exam, CISA course and ISACA membership, I decided enough was enough.

Maybe if employers were willing hire people with demonstrated abilities and the motivation to do the job some of those vacancies could be filled. Just a thought.

Reply | Post Message | Messages List | Start a Board

50%

Araedon,
User Rank: Apprentice
3/20/2018 | 7:44:36 PM

Re: ISC2 Rpt - Response

I fully agree with you that the industry is difficult to get into in most cases. Especially if you go from helpdesk straight to cybersecurity. What most are looking for is a transition from helpdesk to system administration and then to cybersecurity. If you aren't performing security-related activities, it's hard to progress. Some see helpdesk as a phone representative answering calls. In some organizations helpdesk is actually system or network administration. To earn the full CISSP certification you have to have five years of work in at least two security-related domains. The only place where I've seen relatively easy transition is government positions. There really is no cybersecurity internship or entry-level positions. You're either middle or upper management.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

How to Better Secure Your Microsoft 365 Environment

Kelly Sheridan, Staff Editor, Dark Reading, 1/25/2021

Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short

Robert Lemos, Contributing Writer, 1/27/2021

Attackers Leave Stolen Credentials Searchable on Google

Kelly Sheridan, Staff Editor, Dark Reading, 1/21/2021

Webinars

Securing and Monitoring Networks in the 'New Normal'

What We Can Learn from Sports Analytics

How Elite Analyst Teams are Transforming Security with Cyber Reconnaissance

Webinar Archives

White Papers

A Technical Deep Dive on Software Exploits

Centralized Security Policy Management Across Hybrid Cloud Environments Should be an Obvious Strategy

5 Steps to Zero Trust in the Data Center

The Value of Threat Intelligence with DomainTools: Identify Threats 82% Faster

The Essential Guide to Securing Remote Access

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-3142
PUBLISHED: 2021-01-28

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...

CVE-2020-35124
PUBLISHED: 2021-01-28

A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.

CVE-2020-25782
PUBLISHED: 2021-01-28

An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.

CVE-2020-25783
PUBLISHED: 2021-01-28

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function CNetClientTalk::OprMsg during incoming message handling.

CVE-2020-25784
PUBLISHED: 2021-01-28

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]