89 Results Found
Global Knowledge subject matter experts predict the top trends for 2020 in IT training, Microsoft, Cisco, AWS, cybersecurity and more.
The Internet is not a safe place. We see that more than ever with the security breaches of businesses and individuals in the news on a daily basis. As Internet citizens, we need to take our protection into our own hands, as obviously most online services are not doing their best to protect us.
Managers are in dire need of cybersecurity professionals with specific skills. If you’re looking to advance your career, or transfer into the cyber field, now is the time to get certified.
There’s a lot of pressure on IT decision-makers to fill the cybersecurity holes in their organization. The cyber skills shortage is palpable and growing. Cybersecurity is the most challenging IT hiring area in the world. Those of you expecting to hire your way out of your cyber skills gaps, we have some bad news for you—it’s not viable.
Cybersecurity is a top technology investment area around the globe, with over half of our survey respondents saying it’s a priority. It’s no longer a niche skill—every IT professional needs some cybersecurity knowledge.
With skills gaps plaguing the industry, these 10 skills are must-haves for all IT departments. It’s no coincidence that these skills make up a large percentage of the IT skills gap across the industry. Decision-makers are struggling to fill these job roles. The positions also pay well because of a lack of qualified professionals. If you’re looking to make an IT skills investment or start a new career path this year, these are the areas to consider.
The value of IT certifications has grown considerably over the last decade. Examine the evolution of certification trends, see the top-paying certifications and learn how decision-makers are struggling to hire certified employees.
This quick reference guide will highlight the various certification tracks to help you find your path through the EC-Council programs.
ISACA’s role is to help those in the field of cybersecurity get greater utilization out of the people already in the fold. This means enabling IT professionals to take a leadership role and increase their depth of knowledge. Greater skills validation translates to being better able to leverage yourself into leadership positions.
ISACA certifications are some of the most popular and highest-paying in the Global Knowledge 2019 IT Skills and Salary Report. Eleven percent of IT professionals in the United States and Canada are ISACA-certified, and their salaries are 12% above the North American average.
This year, CISSP-certified IT professionals have the third highest global salary ($116,573) and the 10th highest in North America ($123,815). This is nothing new—CISSP has ranked in the top 10 in the U.S. each year since 2015, even coming in first in 2018. CISSP is a top-paying certification year after year. But how has it remained so relevant and valuable?
Based on survey responses from the Global Knowledge 2019 IT Skills and Salary Report, this year’s highest-paying certifications reveal a strong emphasis on particular topics, such as cloud computing, cybersecurity, networking and project management. In fact, cloud and project management dominate the top five spots.
There are two types of networks: those that have been hacked and those that will be. To defend against hacks, cyber professionals can benefit greatly from ethical hacking programs.
Project Scope Management sets the foundation for the creation, development and successful delivery of a project. Learn about the project management process here.
While IT professionals are most likely to hold certifications in CompTIA and Microsoft, a greater percentage are pursuing credentials in AWS and Cisco in 2019. Here is a list of the five most sought-after IT certifications this year.
For organizations with the willingness to get in shape and regain their corporate vitality, combining and aligning best practice frameworks is a sure way to achieve that goal. Admittedly, it takes work. Combining ITIL® 4 and project management should be high on your list.
Should an organization that is the victim of an intentional nefarious hacking activity resort to retaliation? It’s a question that has been gathering a lot of attention. Retaliating against bad actors might seem appealing, but what are the legal ramifications? In this article, find out if there is a legal precedent to "hacking back."
The CISSP (Certified Information System Security Practitioner) certification exam update in 2018 included a modest revision of the topics and a significant change to the testing process. Preparing for the CISSP exam has become more challenging. Here's everything you need to know about the changes.
(ISC)2’s CISSP (Certified Information System Security Practitioner) is a widely desired indicator of cybersecurity knowledge, experience and excellence on the resume of many IT professionals. Learn how to prep for the most comprehensive and in-demand cybersecurity certification.
How do you measure the experience and knowledge of an IT professional? One way is through certifications. Earning any certification is a notable achievement, though not all certifications carry the same perceived worth.
Technology trends such as these show no signs of abating, and IT administrators need to be prepared. Having a well-rounded and versatile team of IT practitioners is becoming increasingly necessary. In the following article, we examine five key skills that every IT department should have covered, regardless of the size of the company.
Cybersecurity has matured into a complex and diverse set of functions. Each of these functional specializations represent different roles requiring different knowledge, skills, and abilities.
Have you been afraid to implement PowerShell in your environment because of security fears? The reality of PowerShell security doesn’t always match the perception. When compared to other scripting languages, PowerShell is actually more secure by default.
Despite a growing awareness and preparation for distributed denial-of-service (DDoS) attacks, the overall arc of DDoS attacks is not weakening, but actually gaining more attention from the companies and personnel who have experienced these threats first-hand.
Google takes security to a whole new level thanks to their years of experience as one of the most popular targets on the internet for would-be hackers and denial of service bots. This led Google to build a sophisticated security infrastructure the likes of which few companies or organizations can claim. Google approaches security holistically and involves everything from the physical data centers, to the data pipelines between them, down to the training of each employee that is responsible for managing the infrastructure.
Consider how many financial transactions are performed on the Internet everyday. Protecting all this data is of upmost importance. Cryptography can be defined as the process of concealing the contents of a message from all except those who know the key. Cryptography can be used for many purposes, but there are two types of cryptographic algorithms you need to understand, symmetric and asymmetric. Symmetric uses a single key, whereas asymmetric uses two keys. What else is required to have a good understanding of cryptography? It’s important to start with an understanding of how cryptography relates to the basic foundations of security: authentication, integrity, confidentiality, and non-repudiation.
If you have been a professional project manager for a number of years, then it is highly likely that you have considered earning your PMP credential. And why wouldn’t you? It is well known that the PMP certificate is not only a demonstration of your mastery of project management concepts, but it also shows that you have the dedication to take on a rigorous course of study. For some the task can seem daunting, but it doesn’t have to be. The key to successfully navigating the exam process is to approach it like a project, which you already know how to do!
Quality, as we know it today, is an accumulation of several concepts that together create a comprehensive approach to quality. The views of quality, as described in A Guide to the Project Management Body of Knowledge (PMBOK® Guide) and tested on the PMP® exam, focus primarily on the work of three major contributors: W. Edwards Deming, Joseph M. Juran and Philip B. Crosby.
Each year as the data from the Global Knowledge IT Skills and Salary Survey is put through the analysis process, certain trends become clearer. One of those is the prevalence of IT professionals who pursue certifications across multiple categories.
Whether or not you work in cybersecurity, National Cyber Security Awareness Month (NCSAM) is a great time to start promoting online safety awareness. Every October when NCSAM rolls around, we at Global Knowledge find it is an opportune time to do our part as an NCSAM Champion to spread the word about cybersecurity.
It should come as no surprise that in this modern era of digital data we need encryption. But what exactly is it? How do you know what kind of encryption you need? If you were to ask someone what kind of encryption they use, they may respond with a specific encryption-based product, like full-disk encryption. Or they may mention an encryption-based protocol, like HTTPS (HyperText Transport Protocol over SSL). But encryption is much more complicated than that.
Just like the physical keys to your car or house, passwords add a bit of inconvenience in exchange for security. However, if you've ever been frustrated by password rules (complexity, special characters and numbers, etc.), you might be happy about the latest news.
Keep your project on time and within budget by controlling the baselines, budget, and schedule. View our comprehensive guide to project management, from project scheduling to cost control, from the experts at Global Knowledge.
Whether you are just getting started in business analysis or want to gain a better understanding of certain aspects of business analysis, we have compiled a list of frequently used terms to help you get started.
Project quality management is the process of determining the quality standards that are applicable to a project and devising a way to satisfy them. Learn more here.
Modern quality management and project management are complementary. They both emphasize customer satisfaction and the underlying belief that quality leads to customer satisfaction. The main objective in quality management is making sure that the project meets the needs it was originally created to meet—nothing more, nothing less. In other words, to ensure quality, you must meet the needs of the stakeholder.
The question of how a project manager working in a functional or matrix organizational structure gets team members to perform is asked in almost every project management class I have taught.
Are you prepping for the PMP exam? What should you know about the impending new edition of A Guide to the Project Management Body of Knowledge PMBOK® Guide before scheduling your examination?
The VMware NSX platform combines networking and security functionality directly in the hypervisor and it interoperable with a vast majority of VMware’s products. The platform provides a set of logical networking elements and services, using logical switching, routing, load balancing, VPN, firewall, etc. This product decouples network functionality from the physical devices.
Projects are a social endeavor. Traditional project management approaches have shied away from the social advantages a more agile project environment brings. By nature, we are storytelling, pattern seeking and social people. We need colocation to shine truly in a project environment.
You are estimating the total project cost using three points for cost estimates with a 95 percent confidence level. What is the cost estimate range if the estimated project cost is $120,000 and the standard deviation is $2,500?
You are the project manager on a construction project where you are deliberating between renting, leasing or purchasing a large piece of equipment. Equipment pricing: Rent at a cost of $2,500 per day; Lease for a 60 day period at $2,500 per day, with a 10% discount; Purchase at a price of $100,000. By looking at your project schedule, you have estimated that you will use the equipment about 50 to 60 days. Based only on price, which decision would you recommend?
Your organization and a seller have just agreed to a contract with a total cost of $150,000, an estimated profit of $10,000, buyer/seller sharing of 70/30 and a ceiling price of $170,000. What is the PTA (point of total assumption)? A. $170,000 B. $160,000 C. $164,2...
As organizations look to do more with fewer resources and leverage scarce knowledge better across their entire organization, we see lots of companies moving to matrix structures. A matrix structure can be defined as “a mixed organizational form in which normal hierarchy is overlaid by some form of lateral authority or influence resulting in two chains of command — one along functional lines and the other along project lines.”
In this blog series, we'll get you up to speed on using the key tools listed in the PMBOK® Guide, including Decision Tree Diagrams.
In this blog series, we'll get you up to speed on using the key tools listed in the PMBOK® Guide. First up, Work Breakdown Structure (WBS).
Young adults unable to find work, employers unable to fill jobs, a recent GAO study that reported substantial declines in telecommunication expertise — there has been a lot of news about the pervasiveness of skills gaps, their causes, the actual impacts and what to do about them. It’s rather confusing, because the term “skills gaps” has been hijacked to politicize an extremely wide range of issues.
Business Continuity and Disaster Recovery (BC/DR) planning is the process of developing the plans, processes and procedures to respond to the range of incidents. We start with understanding the essential functions of an organization, called Business Impact Analysis (BIA). In life, we set the same priorities: protection of family and friends, shelter, food and water and other life-giving essentials.
One of the main weapons of organized crime on the Internet is the use of junk email, also called spam. Hackers use spam for a number of purposes such as selling counterfeit products (medicines, particularly) to steal your personal or financial information, or to infect your computer with spyware and malware. This malicious software can then hijack your computer and your Internet connection to help propagate itself.
Pen testers beware. Whether you believe you know and understand all the potential legal issues, read on. First of all, a penetration test or “pen test” is a method that’s used to evaluate the security and/or vulnerabilities in a network. This test is normally conducted externally wherein the tester is attempting to hack a network or computer. Breaking into computers and networks is illegal under the Computer Fraud and Abuse Act (CFAA), and depending on your activities and other factors, other federal laws and state laws may be broken.
Many employees are not as well-versed in their company’s security policy as they should be. This may result in workers performing tasks that might seem innocent or benign on the surface, but which actually put the organization at risk of a security breach. Understanding what you are doing (as an employee) or what your users are doing (as a boss or manager), can help you work toward a viable resolution to these situations. In most cases, user behavior changes as well as implementation of new technological solutions can curb exposure to risk and increase security policy compliance.
In this series, we are looking at six things that can trip up project managers. We’ve covered the hazards of overcommitting, how to provide feedback, the importance of taking responsibility, staying focused, and what leading from the front can actually look like. Finally, we’ll take a look at handling team input.
Have you ever Googled yourself to see how much of your personal information is online? In many cases it can be pretty scary and include things like your home address, phone number, likes, dislikes, etc. One young man searched for himself and found all of his banking information online. In that case it turned out to be a mistake by a bank employee, exposing the banking information of 86,000 customers.
Communication is vital within projects and contributes significantly to project success. PMs and BAs have important—and different—roles. Let's take a look.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
There are several advantages to implementing a route-based VPN (a.k.a. tunnel interface VPN) instead of a site-to-site one. Learn more.
Now that we have looked at the similarities and differences between the first two steps of the military decision-making process (MDMP) and the project management processes from the planning process group that align with them, it’s time to take a look at the third ste...
Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.
Dell SonicWALL's CSSA (Certified SonicWALL Security Administrator) exam is an open book, online certification exam that certifies a student’s understanding of the SonicOS Unified Threat Management (UTM) operating system. The exam tests a student’s network security knowledge, and their ability to use the GUI menu structure for configuration of standard network security scenarios.
For a project manager (PM) who has served as a military officer on a battalion or higher staff, the parallels between the military decision-making process (MDMP), the orders production process, and project management doctrine prescribed by the Project Management Institute (PMI) are difficult to ignore. Both the MDMP and the processes outlined in A Guide to the Project Management Body of Knowledge—Fifth Edition (PMBOK® Guide) are iterative in nature, allow for the introduction of changes to the original plan, assign tasks and responsibilities, and involve the concept of managing the scope of the operation or project.
While the last few years have brought about many great advances in IT and network technology security and risk management have a critical point. There is a host of new concerns the IT security manager must be concerned with, including social networking, mobile, cloud, and information sharing. This has unleashed a new wave of change and potential risk. Risk management is required to deal with these emerging technologies and should provide the rationale for all information security activities within the organization. You can think of risk management as the process of ensuring that the impact of threats and exploited vulnerabilities is within acceptable limits at an acceptable cost. Risk management requires the use of countermeasures. Countermeasures can include any process that serves to reduce threats or vulnerabilities.
As mentioned earlier, one of the most useful pieces of guidance that ITIL provides relates to the categorization of suppliers. ITIL describes four categories of suppliers:
Enterprises, whether they are commercial, non-profit, or government entities, are operational organizations that operate through the execution of hundreds of processes. The quality of these processes affects every aspect of the enterprise and these processes are rarely static. Business Process Analysis (BPA) is the discipline of examining processes so that they may be changed to align with enterprise objectives.
Risk is something we deal with on a daily basis. Living in New Jersey and having the occasional storm, I’ve recently performed my own risk assessment determining the value of certain assets and activities and made a decision on what I was willing to spend to reduce risk to what I perceived as an acceptable level. My management of risk was a rather simple case. Sure, in my revised business continuity plan for my home, I’ll make sure that I have more D cell batteries, have my garage door adjusted so it opens manually again, more food I can heat on a stove and that doesn’t rely on refrigeration, and finally I’ll consider a whole house gas generator that uses natural gas, which has always been available to power critical systems like the sump pump in my basement. What if, however, I was a really large business? One with lots of components and interdependencies that require a tight integration in order to succeed? How and where can a large volume of information necessary to management, business continuity, and disaster recovery be correlated and communicated to those individuals who, because of their roles and responsibilities, need to make the critical decisions regarding the management of risk?
In a recent post, I gave an overall description of a service portfolio and the key components of a portfolio. Here, I will describe how a cloud services provider might implement an ITIL service portfolio. A cloud services provider will regularly have a set of services under development, a set of service in live operation, and a set of services that are retired.
ITIL describes a service portfolio as a collection of the overall set of services managed by a service provider. A service portfolio describes a service provider’s boundaries and promises across all of the customers and market spaces it serves. I like to think of a service portfolio as describing the past, present, and future collection of services offered by a service provider. The figure below shows a high-level view of a service portfolio.
We already covered the first three of the twelve advantages of Agile software development. These three advantages focus on team development and refining the process. Advantage #4: Motivated Development Team The positive relationship with a reasonable and satisfied customer is only one of the reasons why many developers prefer to work on Agile projects. The other main contributor is that they tend to value working in self directed teams (which the Agile methods require for success).
There is a reason why the Agile methods are becoming mainstream. They can work! Although every Agile practice is not necessarily appropriate for every organization, each practice has delivered real value to many organizations, and some Agile practices can be used by anyone! This four part series explores twelve ways in which the Agile methods are valuable. I’ll bet that you will find more than a few that could be valuable for you!
Knowledge Management examines how we acquire, organize, manage, share, and utilize knowledge and information. The Internet gives us an overwhelming amount of information on a daily basis — and the volume of information available is growing rapidly! One of the biggest challenges for individuals and organizations involved in project management is to make the best use of this knowledge and information so they can operate more efficiently, improve decision making, and sustain a competitive advantage.
Lessons learned is a theory, or conclusion, based on evidence at a given time and describes what went wrong (as well as what went right) throughout the lifecycle of a project. Although it’s completed during the project closeout process, it should occur during the entire project lifecycle to ensure all information is captured and documented. Consequences of not having a project review of lessons learned are the increased likelihood of repeating actions that might have caused:
In spite of an organization's best efforts to prevent downtime and avoid compromises, failures will still happen from time to time. “There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again,” (FBI Director Robert Mueller). So what is your organization doing about it? How do you plan for failures and security breaches?
During a recent ITIL foundation class, a student asked an interesting question. She wanted to know: “What is the difference between a project and a service?” To be honest, I haven’t spent much time thinking about this distinction. However, I think that those of us who practice ITIL consulting and training should have good answers to questions such as this. Here’s how I answered this question.
The term "life cycle" implies two things: that a process is perpetual and that the sequence of events is obligatory or uni-directional. There is no beginning or end to a life cycle and the sequence of events cannot change. A seed cannot go directly to being a mature plant nor revert back to the blossom stage.
In my last post I discussed aspects of problem management in the context of a real-life situation regarding the first vehicle I owned. In that scenario, and throughout this series of posts, I’ve demonstrated a real-life situation from a standpoint of the incident and problem management processes that ITIL describes.
An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.
Once an attacker gains access to the target system, the attacker can choose to use both the system and its resources and further use the system as a launch pad to scan and exploit other systems, or he can keep a low profile and continue exploiting the system. Both these actions can damage the organization. For instance, the attacker can implement a sniffer to capture all network traffic, including telnet and ftp sessions with other systems.
Gaining access is the most important phase of an attack in terms of potential damage, although attackers don’t always have to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system. Stopping a service can be carried out by killing processes, using a logic/time bomb, or even reconfiguring and crashing the system. Resources can be exhausted locally by filling up outgoing communication links.
Attackers use a method called scanning before they attack a network. Scanning can be considered a logical extension (and overlap) of active reconnaissance since the attacker uses details gathered during reconnaissance to identify specific vulnerabilities. Often attackers use automated tools such as network/host scanners and war dialers to locate systems and attempt to discover vulnerabilities.
No matter which IT field you're working in, there are several skills that are useful for every IT professional to know. Here, seven experienced IT professionals working in the networking, programming, project management, and security fields, share what they believe a...
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...