Latest news with #ISC2
Forbes
05-08-2025
- Business
- Forbes
Agentic Security Takes The Stage At Black Hat 2025
The cybersecurity community has descended once again on Mandalay Bay in Las Vegas for Black Hat USA 2025—and the mood feels different this year. It's not just hype about AI anymore. It's execution. Vendors and experts aren't just talking about artificial intelligence—they're showing how they're using it to solve real problems: shrinking response times, reducing alert fatigue and helping defenders reclaim control. Whether it's in the SOC, across the hybrid cloud, or embedded in application security, agentic AI is front and center. And that's not just a guess—it's coming straight from the folks driving the agenda. 'At Black Hat USA this year, I expect agentic AI to take center stage—particularly how autonomous systems can act as intelligent partners within the SOC,' said John Peterson, chief development officer at Sophos. 'The conversation will shift from AI as a tool to AI as a teammate.' That shift—from tool to teammate—is a theme echoed across the board. From Concept to Capability For years, AI was the shiny object at cybersecurity conferences. Now, we're seeing signs of real maturity. "AI is no longer treated as a trend," said Jon France, CISO at ISC2. "It is becoming a core part of how security teams operate." According to ISC2's 2025 AI survey, 44% of cybersecurity professionals say their organizations are actively rethinking roles and skills to keep up. That shift is visible in the agenda. Nearly 30 sessions are focused on AI, machine learning, or data science—including a full-day AI Summit aimed at helping practitioners integrate these technologies responsibly. Black Hat has also become a launchpad for the operationalization of GenAI in detection, response and risk management. 'This feels like a defining moment,' said Anurag Gurtu, CEO of Airrived AI. 'Agent-based automation is starting to reshape how teams approach everything from threat hunting to GRC.' The Threat Landscape Evolves—So Do Defenders Of course, it's not just defenders who are evolving. Attackers are adapting fast—and Black Hat 2025 will spotlight the growing threat of AI-generated phishing, LLM prompt injection and social engineering powered by generative models. That's what excites Nic Adams, CEO of 0rcus. 'Events delving into the university model for scaling novel attacks on LLMs and the subsequent development of countermeasures has piqued my interest,' Adams said. 'Conversations will be centered around the real-world impact of AI's incorporation into the systems on which we all depend.' Michael Mumcuoglu, CEO of CardinalOps, sees AI as a catalyst for proactive defense. 'Agentic AI workflows can autonomously analyze attack surfaces, understand adversarial behaviors and carry out remediation in real-time,' he said. 'It's a shift from reactive defense to anticipatory strengthening.' Hardware Identity, Supply Chains and 'Phantomization' AI isn't the only story this week. Mike Malone, CEO of Smallstep, is looking at the growing importance of hardware-bound identity in Zero Trust models. 'Verifying trusted hardware is increasingly essential,' he said, especially with AI systems initiating their own actions. Meanwhile, Michael Montoya, COO at BlueVoyant, is tracking new threat vectors through supply chain vulnerabilities. 'Third parties have become a new perimeter,' he warned. 'Our data shows 81% of C-level executives were negatively impacted by a third-party breach.' He's also expecting increased calls for tool consolidation, or what some are calling 'phantomization'—a strategy to unify disconnected security tools in a hybrid and multi-cloud world. That hybrid complexity is front of mind for others, too. 'AI is starting to be considered more and more as a risk, and as an opportunity,' said Gil Geron, CEO and co-founder of Orca Security. 'Using it for protecting environments is becoming essential to meet the challenges presented by internal usage of AI in terms of scale and privacy.' Geron points to the need for runtime and static protections that span public cloud, private cloud and on-prem infrastructure—especially as AI adoption accelerates. From AppSec to the Security Graph Software supply chain security and application security remain hot topics too. 'AI is transforming cybersecurity faster than any tech since the internet itself,' said Jonathan Rende, chief product officer at Checkmarx. 'We're focused on autonomous prevention by empowering developers and securing software throughout the supply chain.' And then there's the growing interest in graph-based security models. 'Black Hat 2025 will be a proving ground for cyber resilience,' said Raghu Nandakumara, senior director of industry strategy at Illumio. 'I'm especially interested in how vendors are leveraging the security graph to deliver deeper visibility and context.' What's Real and What's Marketing? As always, there's a fine line between innovation and buzzword overload. Joe Levy, CEO of Sophos, offered a helpful lens: 'The next wave in cybersecurity isn't just about AI—it's about convergence. Cybersecurity is becoming scalable, integrated and within reach for organizations of all sizes and means.' And Ira Winkler, CISO at CYE, had a pointed reminder: 'AI is really just math.' He also noted a growing trend—Black Hat is increasingly less about the formal event and more about the gravity it creates. 'You can fill your time entirely at side events. Black Hat has become more of a watering hole than a destination.' That may be true. But for now, the gravity remains strong. And if this week's conversations are any indication, the field of cybersecurity may be on the verge of its most significant transformation yet.
Cision Canada
16-07-2025
- Business
- Cision Canada
ISC2 Research Reveals Cybersecurity Teams Are Taking a Cautious Approach to AI Adoption
New study reveals 30% of cybersecurity professionals are already using AI tools, delivering insights into the early impact on team performance and hiring trends ALEXANDRIA, Va., July 16, 2025 /CNW/ -- ISC2 – the world's leading nonprofit member organization for cybersecurity professionals – today published its 2025 AI Adoption Pulse Survey to measure the adoption of AI security tools across cybersecurity teams. Based on insights from 436 global cybersecurity professionals employed by organizations of all sizes, the research assesses the impact of AI adoption on team effectiveness, entry-level jobs and cybersecurity hiring. "AI is reshaping how organizations operate, and cybersecurity is no exception," said ISC2 Chief Qualifications Officer Casey Marks. "Our latest AI Survey shows cautious but growing interest in AI security tools, with adoption expected to accelerate in the future. Encouragingly, 44% of professionals report no impact on hiring from current or expected adoption of AI security tools, and 28% see AI creating new opportunities for entry-level talent. Findings suggest that AI is helping cybersecurity professionals by automating repetitive tasks and enabling them to focus on more meaningful work." Adoption of AI Security Tools According to the AI Pulse Survey, 30% of cybersecurity professionals have already integrated AI security tools into their operations, defined in the survey as "AI-enabled security solutions, generative AI, and/or agentic AI for automatic action." Additionally, the majority (42%) are currently exploring or testing their adoption, indicating strong momentum toward future implementation. Among those who have already adopted AI security tools, 70% report positive impacts on their team's overall effectiveness. Top five areas where AI security tools will have the most positive impact on operations in the shortest amount of time - improving efficiencies and automating time-consuming tasks: Network monitoring and intrusion detection: 60% Endpoint protection and response: 56% Vulnerability management: 50% Threat modeling: 45% Security testing: 43% The largest organizations, with over 10,000 employees, lead the adoption of AI tools as part of their cybersecurity operations, with 37% actively using them. This is closely followed by mid-to-large (2,500–9,999 employees) and smaller (100–499 employees) organizations, each with 33% adoption. In contrast, mid-sized (500–2,499 employees) and the smallest (1–99 employees) organizations show the lowest adoption rates, with only 20% in each group actively using AI for security. Notably, the smallest organizations are also the most conservative, with 23% reporting no plans to evaluate AI security tools. Among industries adopting, evaluating or testing AI tools for their security operations, industrial enterprises (38%), IT services (36%), commercial/consumer sectors (36%), and professional services organizations (34%) are leading the way. In contrast, financial services and the public sector currently report the lowest adoption rates, at 21% and 16%, respectively. However, some industries with the lowest current adoption rates are most likely to be considering AI tool integration in the future. Within both financial services and commercial/consumer sectors, 41% of professionals reported actively evaluating these tools, while 36% of those in the public sector indicated the same. Impact on Hiring and Entry-Level Roles A majority of respondents agree that AI security tools will affect hiring at the entry level in cybersecurity. More than half (52%) say AI will significantly or somewhat reduce the need for entry-level staff. However, 31% expressed a more optimistic view, believing that AI will also create new types of entry- and junior-level roles or increase demand, helping to counter the decline elsewhere in early-career opportunities. Respondents expressed optimism about the wider cybersecurity hiring landscape amid AI adoption. Nearly half (44%) agreed that their organization's cybersecurity hiring has not yet been affected by the introduction of AI security tools. In contrast, 21% say AI has changed their hiring plans and priorities in their organizations. At the same time, it's clear that AI security tools are reshaping roles and responsibilities of existing staff. According to the survey, 44% of cybersecurity professionals said that their organizations are actively reconsidering the roles and skills needed to support the adoption and use of AI security tools. The survey report highlights key insights for organizations and hiring managers navigating the growing influence of AI in cybersecurity. As AI continues to evolve, organizations must strike a balance - embracing its efficiencies while prioritizing investment in entry-level opportunities to ensure the cybersecurity workforce remains agile, skilled and future-ready. To explore the full survey findings including how cybersecurity professionals are adopting AI tools, and its impact on team effectiveness, entry-level roles and hiring trends, read the full report here. About the 2025 AI Adoption Pulse Survey ISC2 conducted an online survey to measure adoption of AI security tools across organizations, and to better understand the impact of this adoption on team effectiveness, entry-level jobs and cybersecurity hiring. In total, n=436 professionals currently working in a role with cybersecurity responsibilities participated. The survey was posted on ISC2's member dashboard pages from May 13 to May 22, 2025. For the purposes of this survey, AI security tools were defined as "AI-enabled security solutions, generative AI, and/or agentic AI for automatic action." About ISC2 ISC2 is the world's leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 265,000 certified members, and associates, are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity's premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, the Center for Cyber Safety and Education, helps create more access to cyber careers and educates those most vulnerable. Learn more, get involved or become an ISC2 Candidate to build your cyber career at Connect with us on X, Facebook and LinkedIn.
Geek Vibes Nation
04-07-2025
- Business
- Geek Vibes Nation
Mastering Virtual Cybersecurity Bootcamp Training For Fast Skill Growth
Cyber threats grow more advanced yearly, putting companies and their data at risk. The need for capable cybersecurity professionals has never been greater. According to (ISC)² Cybersecurity Workforce Study 2023, the global security workforce gap reached 4 million unfilled positions. Organizations struggle to find skilled talent fast enough to secure their networks. Remote, structured training programs help solve this gap. These programs allow working adults and career changers to build key skills from anywhere. Virtual learning removes barriers tied to geography and schedules, letting more people train for high-demand roles. How a Virtual Cybersecurity Program Bridges the Skills Divide Bootcamps use a focused training model. Students join with a cohort, completing real projects during intensive, scheduled sessions. Unlike self-study, a bootcamp offers a set curriculum, hands-on labs, instructor feedback, and deadlines. The format reduces distractions and helps students progress quickly. Learners build essential skills in weeks or months rather than years. A cybersecurity bootcamp online uses condensed modules and labs, so each lesson centers on practical tasks. This approach aligns well with the pace of today's threats and tight hiring timelines. Students often move from basic concepts to job-ready skills in a single program. Core Modules in Online Cybersecurity Training Virtual cybersecurity curricula focus on the fundamental skills employers want. Programs typically include the following modules: Module Typical Deliverables Skill Level Real-World Relevance Network Defense Labs, quizzes, packet analysis Beginner Protects systems from intrusions; core for many roles Secure Coding Code reviews, vulnerability fixes Beginner Prevents exploits from bad code in applications Threat Analysis Threat reports, capstone project Intermediate Helps spot, analyze, and report on real threats Incident Response Simulations, team exercises Intermediate Tests how to detect, contain, and recover from attacks Security Operations Monitoring labs, log reviews Beginner Focuses on daily risk management in security environments Employers look for candidates who have completed real projects—not just theory. Deliverables like hands-on labs and group exercises show proof of skill. Interactive Cybersecurity Training Techniques Hands-on practice drives skill growth. The best virtual bootcamps offer live labs and simulated attack environments. Students manipulate real-world tools and test defenses in sandboxed systems, evaluating threats without risk to personal devices. To get the most out of training, look for programs with these features: Cloud-based labs using current security platforms Guided simulations of cyber-attacks and defenses Team exercises for problem-solving and collaboration Red-team/blue-team drills for real incident training Peer code reviews to reinforce secure development Working with classmates on group projects or challenge exercises builds communication and collaboration—traits valued by employers. Building Your Cybersecurity Network During a Bootcamp Support plays a big role in successful bootcamp outcomes. Many programs assign personal mentors. Learners can attend instructor office hours for guidance. Peers connect through discussion boards, chat groups, or regular team projects, which fosters community. Career services also give students an edge: Resume and LinkedIn workshops Practice interviews with industry pros Direct connections with hiring employers Graduates often gain a network of peers and professionals beyond the classroom. This network can lead to job offers and industry insight. Tracking Success in Virtual Cybersecurity Programs Certification tracks boost employability. Most bootcamps prepare students for industry exams like CompTIA Security+, Certified Ethical Hacker (CEH), or Cisco's CCNA. Certifications show proof of skill. Data from the National Initiative for Cybersecurity Education (NICE) indicates that some bootcamp graduates see job placement rates above 75%, while those entering the field may increase their salaries by 20% or more after earning certifications. To strengthen job applications, students should: Add completed capstone projects to their portfolios Use instructor feedback to improve interview responses Highlight group experience to show teamwork abilities Next Steps for Aspiring Cyber Defenders Ready to start? Research program options that match your career interest Verify program accreditation before enrolling Register for a demo class or info session to see teaching style Review and secure financing options, scholarships, or payment plans Set small goals once enrolled: Finish the first module within one week Earn your first achievement badge Join a virtual networking session Security careers move fast, so stay curious and keep learning. The skills built today will shape the defenses of tomorrow.
Business Upturn
28-05-2025
- Business
- Business Upturn
Saviynt Study: Majority of Cybersecurity Professionals See AI Certifications as Career Boost Amid Global Talent Shortage
Bangalore, Karnataka, India: Saviynt, a leading provider of cloud-native identity and governance platform solutions, today released findings from its Identity Security for the AI Age (ISAA) program survey. The most striking insight: 94% of learners believe employers prefer hiring professionals with certifications – highlighting the growing importance of credentials in the evolving identity security landscape. Advertisement To directly address this growing desire from employers, Saviynt launched the no cost ISAA certification program, designed to equip learners with foundational identity security knowledge and practical insights into AI and machine learning (ML). The goal is to empower professionals with the expertise needed to counter evolving threats while helping close the cybersecurity talent deficit. Designed to offer a faster and more accessible path to cybersecurity training, the ISAA certification is helping early-career professionals and university students gain in-demand skills, while accelerating the development of identity-aware cybersecurity teams amid a global talent shortage. In parallel, Saviynt is working closely with universities in India and the U.S. to help students bridge the cybersecurity and identity security skill gap right at the grassroots level. By integrating ISAA training into academic programs, Saviynt is building a pipeline of talent ready to secure the digital future. Saviynt's ISAA program survey – based on responses from over 500 recent graduates and early professionals – also uncovered several other key findings. These include pressing talent demands and emerging trends shaping the future of cybersecurity career development: 69% already hold cybersecurity certifications, proving even seasoned professionals seek cutting-edge training. 94% of learners intend to pursue advanced certifications, showing strong belief in credentialing as a career asset. 33% of respondents were Solutions Specialists, reflecting demand for hands-on, real-world skills. More than half (52%) ranked the AI/ML curriculum as 'extremely relevant' to their goals. 'Certifications today are more than just proof of knowledge; they empower professionals to lead in a world where identity is the first line of defence,' said Shankar Ganapathy, chief operating officer at Saviynt. 'By offering free, AI-ready education, we are helping bridge the talent gap and providing employers with the verified skills they need. The fact that nearly 64% of respondents said the ISAA certification boosted their confidence in pursuing a career in identity security management underscores the importance of accessible, high-impact training.' Suraj Krishnaiah, vice president, Saviynt University, added, 'According to the 2024 ISC2 study, nearly 60% of cybersecurity professionals say skills gaps have significantly affected their ability to secure their organization. The ISAA certification helps close this gap by combining practical AI/ML training with core identity security knowledge. By collaborating with universities, we are embedding these skills where it matters most, at the start of the learning journey, ensuring students are industry-ready from day one. Our goal is to build a more inclusive, resilient cybersecurity workforce that's equipped for the challenges of tomorrow.' The self-paced ISAA certification is now available globally and is designed for both aspiring professionals and industry veterans looking to future-proof their careers. For more information and to enroll in the ISAA certification, please visit Saviynt University. About Saviynt Saviynt empowers enterprises to secure their digital transformation, safeguard critical assets, and meet regulatory compliance. With a vision to provide a secure and compliant future for all enterprises, Saviynt is recognized as an industry leader in identity security whose cutting-edge solutions protect the world's leading brands, Fortune 500 companies and government organizations. The company recently launched Saviynt University to help reduce the knowledge gap in cybersecurity and identity management by providing free training and certification programs, with significant focus on practitioners in India. For more information, please visit View source version on Disclaimer: The above press release comes to you under an arrangement with Business Wire. Business Upturn takes no editorial responsibility for the same.
TECHx
07-05-2025
- Business
- TECHx
CPX Holding Partners with ISC2 to Address Cybersecurity Gap
Home » GISEC » GISEC 2025 » CPX Holding Partners with ISC2 to Address Cybersecurity Gap CPX Holding, a provider of cyber and physical security solutions, has announced a strategic partnership with ISC2. ISC2 is a nonprofit member organization for cybersecurity professionals. The collaboration aims to address the cybersecurity skills gap in the MENA region. The partnership provides access to globally recognized certifications and training programs. It is designed to support professionals, organizations, and governments in developing a skilled workforce. This is especially important as the demand for cybersecurity talent grows with digital transformation and AI adoption. CPX Holding will leverage its expertise in cybersecurity to deliver ISC2's trusted certification framework across the region. This effort will support both public and private sector enterprises in improving cyber resilience and workforce readiness. ISC2 has a long-standing reputation in cybersecurity education. It works with academic institutions, governments, and global enterprises to deliver robust training and certification programs. CPX Holding will expand these offerings throughout the MENA region. Key benefits of the partnership include: Greater access to certified cybersecurity training in MENA. Support for building a sustainable talent pipeline. Alignment with global industry standards and best practices. Hadi Anwar, CEO of CPX Holding, stated that skilled talent is critical for resilience in today's evolving threat landscape. He said, 'As technologies like AI continue to transform security, access to world-class training ensures professionals are ready for tomorrow's challenges.' Deana Jardim, EVP of Marketing, Business Development, and Customer Experience at ISC2, said the partnership would deliver vital certification education. 'As threats evolve, education helps maintain a knowledgeable workforce. ISC2 research shows over 7% growth in the cyber workforce within MENA, proving this regional need.' The CPX Holding and ISC2 partnership represents a strategic step toward closing the skills gap. It helps ensure that cybersecurity professionals in the region are prepared to protect critical infrastructure in a rapidly advancing digital era.
