New Course: (ISC2)2 CCSP – Certified Cloud Security Professional. In this 126-video training, SPOTO trainer Bob Salmans teaches security professionals the knowledge they need to secure cloud data security, infrastructure, and applications security. You will be able to understand the legal compliance and standard security operations for cloud platforms. (ISC.2 CCSP – Certified Cloud Security Professional Training Your in-depth knowledge of cloud data security, cloud platform security and infrastructure security will help you to get beyond the mundane humdrum of your desk job. Your CCSP will help you move into a new career. This series covers topics like Cloud Data Security, Cloud Platform and Infrastructure Security, and Architectural Concepts and Design Requirements. Watch a video of the series: This series includes the following skills: Cloud Concepts, Architecture Security Concepts, and the Cloud Secure Cloud Computing Design Principles. Evaluating Cloud Service Providers Cloud Data Concepts, Storage Architecture Data Security Technologies Data Discovery and Classification Cloud Infrastructure Risks and Security. Protecting Virtualized Systems, BCDR Secure SDLC Process, and Application Security and Software Assurance Cloud Application Architecture, and IAM Implement Cloud Infrastructure… and much more. Download

New Course: (ISC]2 CISSP 2018. SPOTO trainers Keith Barker, Ben Finkel, recently released their new course (ISC]2 CISSP 2018. This course covers the eight security domains that are covered on the certification exam. They include: Security and risk management Security architecture and engineering Communication, network security Identity management and access management Security assessment, testing, and security operations Software development security Ben draws from his background in software development to cover the last domain. Learn more about the (ISC2) exam. Get cybersecurity training from SPOTO. Although there are no prerequisites for the CISSP exam takers must have five years of relevant work experience in order to be certified. The requirement can be reduced by one year if you have a four-year college degree, or an equivalent. For more information, please visit the ISC(2) website. CISSP applicants must be either endorsed by an ISC (ISC2)2 sponsor or submit an ISC (ISC). The exam meets the requirements for DODD-8750 and/or DoDD 8140 baseline certifications at IAT Level III and IAM Level II. This course contains 9 hours of training and 95 videos. Watch a video of the course. These SPOTO blog posts will help you keep your organization safe: Cybersecurity Analyst: Day in The Life Don’t hire Cybersecurity pros, grow them Why is cybersecurity so hard? Keith Barker is a SPOTO trainer and holds many certifications including Cisco CCIE Routing and Switching and Cisco CCIE Security (ISC.2 CISSP), VMware VCP, Palo Alto PNSE and others. Ben Finkel has been involved in software development since 1996. Prior to joining SPOTO in 2014 he worked as a software engineer in banking. He is a Google Certified Training Trainer. His expertise includes Microsoft Azure, Google Cloud, as well as various programming frameworks. Get CISSP today! Download

New Course: ISACACISM – Certified Information Security Management – This 102-video intermediate training teaches security professionals the skills they need to manage and lead information security teams. It includes knowledge in infosec governance and management, incident response, and risk management. This new ISACA training is available. There are certification organizations that help professionals in any industry to determine the skills and knowledge required to be considered experts in their field. ISACA is an organization that provides information security certifications. The Certified Information Security Manager is a key part of a serious security engineer’s career. Earn one and you can demonstrate your expertise in enterprise information security management, governance, and incident response. This 17-part series covers topics like managing information security risk management teams, analyzing, and interpreting regulations and infosec documents for your organization, and how to move beyond technical knowledge of information security into team management. Watch the video. This series covers the following topics: Security Program Resources Security Program Design Security Program Management Standards Asset Inventory, Threats and Operational Risk Management Information Security Program Planning Topics include: Reviewing encryption systems Evaluating the business process Covering encryption basics The Role of Risk Management. Download

New Course: Introduction To Python for Network Engineers

John McGovern, SPOTO trainer, explains how to automate the behavior and speed up the performance of your network devices and network devices with Python in this 147-video training. This is the new Networking training. Python is one the most widely used and popular programming languages in the world. Because of the control it affords engineers and administrators over software-defined networks, […]

Google Slides: A New Course

This 25-video entry-level training by Simona Millham, SPOTO trainer, covers the knowledge required to create, edit and present custom slides and presentations that are visually striking and ensure that your position and data is well-represented. This is the new Google Workspace training. After working in a company of a certain size you will be used to seeing some terrible presentations. […]

How SharePoint Framework Impacts Office 365 App Development

Microsoft SharePoint has been a key tool in collaboration within organizations for many years. It serves many important functions, including the creation and management of intranets (websites for internal use) as well as the integration with many other parts of Office 365, such Excel or Skype for Business. Since its release in 2001, Sharepoint has come a long ways since […]

How security policies, standards, procedures, and guidelines protect your business operations

Disclaimer: I have changed some key details to protect the privacy of a former client. However, the mainsentiment and methods remain the same. Iorchestrated a jewel heist a few years back. Yes, you read that correctly.While claiming a mysteriousformerlife of crimeis always intriguing, the truth isit was all in the name of complianceand I had explicit(albeit lessinteresting)permission from the jeweler’s […]

How secure is the DoD JEDI Cloud

The JEDI (Joint Enterprise Defense Infrastructure), is an enterprise-level, commercial Infrastructure as a Service and Platform as a Service solution to support Department of Defense (DoD), business and mission operations. The Pentagon’s JEDI Cloud will store sensitive classified information, including nuclear secrets. The JEDI Cloud foundation is a zero trust security framework. >”> Why do you need zero trust? According […]

How SASE Architecture Can Help Your Workforce, Your NetOps Team and Your Cybersecurity

SASE is a term you may have heard a lot about these days. Secure Access Service Edge is the acronym. It’s sometimes called “sassy” by IT professionals. It’s an architecture and not a product. SASE allows you to combine security and networking functions into one seamless cloud-based architecture. This allows you to provide secure access for all your organization’s data […]

How Ryuk Malware is Impacting Healthcare Industry

People are not the only ones who are facing this viral threat. Cyber-attacks are increasing from opportunistic hackers. Ryuk ransomware, a troublesome and metamorphic malware, has risen to prominence in the U.S. healthcare system, according to the Joint Cybersecurity Advisory (Coauthored by FBI and CISA and HHS). Here are the facts. How is RyukRansomware infiltrating US Hospitals and Healthcare Systems […]