Browse opportunities

The surge in generative AI and increasingly sophisticated social engineering tactics has given cybercriminals powerful new tools to exploit human vulnerabilities—especially through email. These attacks are no longer just technical; they’re psychological, targeting your employees to gain access, steal data, and inflict financial and reputational damage. Join sponsor, Proofpoint and host, ISC2 on October 21, 2025 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a live 60-minute webinar. During this session we’ll explore actionable approaches for strengthening your human firewall. Discover how to empower your workforce, reduce risk, and build a resilient defense against today’s AI-enhanced threats. Don’t miss it!

The cybersecurity landscape is evolving rapidly. As cyberthreats grow in complexity, organizations must stay ahead of the curve by anticipating what’s next. So, what’s in store for our industry in the coming year? Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he recaps the good, the bad, and the ugly cybersecurity events of 2025 and shares his top five cybersecurity predictions for 2026. This webinar provides a forward-looking perspective, equipping attendees with the insights and strategies needed to stay ahead of emerging threats and capitalize on new opportunities.

AI-driven SOCs promise efficiency gains, but how much automation is too much? While AI-powered security tools enhance SIEM, SOAR, and threat detection, adversaries are exploiting automation blind spots, manipulating AI models, and evading AI-driven defenses. This session dissects real-world adversarial AI attacks, including a case study on Microsoft Copilot’s AI vulnerabilities—where attackers exploited indirect prompt injection and adversarial inputs to manipulate security workflows. Attendees will learn how AI can be both a force multiplier and a security risk, gaining: - An understanding of how attackers bypass AI-powered security automation - A breakdown of adversarial AI tactics and AI-specific SOC vulnerabilities - A hybrid AI-human SOC model that reduces false positives while maintaining resilience This session offers a practical roadmap to securely integrate AI in SOC operations without increasing attack surfaces.

Preparing for the post-quantum era requires more than awareness - it demands a modern cryptographic foundation built for agility, visibility, and compliance. Organizations must be able to discover and manage their cryptographic assets, modernize and consolidate their infrastructure, and confidently test and implement post-quantum cryptography (PQC). On December 2, 2025 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Sponsor Entrust and host ISC2 explore practical steps for aligning your PQC readiness journey with execution - including cryptographic asset management, PKI, and HSMs. We’ll discuss how crypto discovery, agility, and modernization strategies - supported by automation, compliance management, and integrated visibility - can help organizations strengthen security now and through migration. Join us to learn how you can move from planning to deploying PQC, building a tech stack ready to secure your organization against quantum threats today and tomorrow.

In the first half of 2025, over 16 billion passwords were leaked—highlighting the urgent need for stronger, phishing-resistant authentication methods. Despite growing awareness, many organizations still hesitate to adopt passkeys due to perceived complexity, cost concerns, and a lack of clear guidance, as noted in recent research by the FIDO Alliance and HID. On December 11, 2025 at 1:00 p.m. Eastern/10:00 a.m Pacific, Sponsor HID Global and Host ISC2 share practical, field-tested insights into accelerating enterprise passkey adoption. Learn how to: * Navigate common deployment challenges * Align authentication strategies with evolving security goals * Drive user adoption and organizational buy-in Join us to stay ahead of the passwordless curve and prepare your enterprise for a more secure, streamlined authentication future in 2026.

Approximately $350 million in preventable losses stem from polymorphic malware, malicious software that constantly changes its code to evade detection. With 18% of new malware using adaptive techniques that challenge traditional defenses, now is the time to enhance your organization's security posture. Join us December 9, 2025 at 1:00 p.m. Eastern/10:00 a.m. Pacific for this webinar where Sponsor, KnowBe4 and Host, ISC2 share valuable insights and proactive strategies to strengthen your security framework against sophisticated attacks. In this session, you'll discover: - Enhanced detection strategies that go beyond traditional signature-based approaches to identify polymorphic threats before they impact your systems - Proactive defense frameworks specifically designed to counter the most sophisticated shape-shifting malware - Success stories from organizations that effectively neutralized advanced threats through strategic security improvements - Communication templates for building stakeholder support for security enhancements - Practical implementation roadmaps to strengthen your security posture against adaptive threats drawing from real-world scenarios and emerging threat intelligence, You'll leave with a practical toolkit of strategies you can be implemented immediately to enhance your organization's resilience.

AI has historically struggled to assist in offensive security due to a critical shortage of real-world training data. This session takes a deep dive into the methodology behind recently published research designed to overcome this limitation through adversarial self-learning. Following up on her popular Security Congress 2025 keynote, researcher Alissa Knight will dissect a novel architecture where an AI teaches itself to hack not by studying past attacks, but by engaging in a continuous, high-stakes war game against itself. Attendees will learn the mechanics of this "survival of the fittest" loop, where two competing agents—one constructing defensive puzzles and the other evolving breaking strategies—force the emergence of increasingly sophisticated API attacks without human intervention. The session will move from research theory to validation with a live demonstration against a banking API using Ares, a prototype implementation of this autonomous framework.

Join us for a deep dive into Systems Security Certified Practitioner (SSCP), the security operations and network security credential from ISC2, creator of the CISSP. As organizations continue to pursue digital transformation initiatives, the threat landscape is always expanding. Yet cybersecurity leadership talent is scarce. That’s where SSCP from ISC2 comes in — to help fill the gap. Once certified, the opportunities for certified professionals are near limitless. The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets. It shows you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures. In this 60-minute live virtual session, you’ll learn: - If SSCP is right for you - How Official ISC2 Training flexes with your learning style - What to expect on exam day - How to become endorsed and maintain your certification Plus! Get answers to your SSCP questions during the Q&A section. Register now and begin your SSCP certification journey today!

Preparing for the post-quantum era isn’t as simple as swapping algorithms. Organizations face growing complexity across certificates, identities and encrypted data — all while standards, timelines and risks continue to evolve. On January 15, 2026, at 1:00 p.m. Eastern/10:00 a.m. Pacific, sponsor Entrust and host ISC2 will explore why PKI (public key infrastructure) plays a central role in post-quantum readiness, the practical trade-offs between pure post-quantum and hybrid approaches, and how building crypto agility today helps reduce future disruption, risk and operational strain.

Security professionals often focus solely on defense. But what if we viewed cybersecurity as a strategic asset that drives sales and builds customer trust? This session on January 27, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific will explore the untapped potential of cybersecurity to become a key enabler for revenue generation and enhanced customer relationships. We will delve into practical strategies for proactively integrating security considerations into the sales cycle, leveraging security as competitive differentiators, and effectively communicating your security posture to build unwavering customer confidence. This session will demonstrate how a shift in mindset can position cybersecurity as a vital contributor to business growth while upholding ethical responsibilities in data protection, offering actionable insights for security professionals across all levels.

Two technological forces are converging to reshape cybersecurity forever: AI and quantum computing. Most organizations are dangerously unprepared for what's coming next. These aren't just buzzwords—they're fundamentally changing how attacks happen, who can launch them, and which defenses will fail under pressure. While most security guidance offers surface-level awareness, attackers are already weaponizing these technologies against specific vulnerabilities in YOUR environment—from social engineering to ransomware to password cracking. Join Sponsor KnowBe4 and Host ISC2 February 12, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a no-nonsense deep dive into the specific threats you're facing and the exact defenses you need now. KnowBe4 CISO Advisor Roger Grimes cuts through the hype to deliver actionable intelligence on how AI and quantum will impact each attack vector in your organization. Discover: -What AI actually is (and isn't) and why that distinction matters for your security strategy -The real quantum threats emerging now and which defenses become obsolete overnight -Exactly how AI and quantum amplify social engineering, password cracking, ransomware and vulnerability exploitation against your systems -How to protect against threats coming from AI and quantum while securing the AI and quantum tools you’re already deploying -Specific changes to implement in your security program to counter these advanced threats effectively Stop preparing for yesterday's threats. Arm yourself with the precise intelligence and practical defenses that will actually protect your organization in the AI and quantum era.

The competition for skilled cybersecurity professionals has never been more intense. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores proven, practical strategies organizations can use to attract top-tier security talent—and keep them engaged for the long term. Learn how leading teams are modernizing recruiting practices, expanding talent pipelines, and differentiating themselves in a crowded market. Steve will also examine retention drivers such as career development, work hours and location flexibility, employee recognitions, and leadership support. Attendees will leave with actionable insights to reduce turnover, combat burnout, and build resilient, high-performing security teams that can keep pace with today’s evolving threat landscape.

Security champions programs are a proven way to scale security across large development teams, but the rise of AI-assisted development introduces new challenges, risks, and opportunities that traditional programs were not designed to handle. As AI coding assistants and autonomous agents accelerate how software is built, security champions play a critical role in embedding secure-by-design practices earlier and at greater scale. Join sponsor Snyk and host ISC2 on February 19, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific to learn how to build an AI-ready Security Champions Program from the ground up, empowering developers to advocate for security across both human-written and AI-generated code. Attend this session to: - Understand how the role of security champions evolves in AI-accelerated development environments - Learn how to identify, train, and enable champions to address AI-specific risks alongside traditional AppSec concerns - Discover how to define success, establish KPIs, and integrate security tooling into modern workflows - Gain practical guidance on fostering collaboration, recognizing champions, and creating feedback loops that scale security as AI adoption grows

Agentic security is no longer a future concept – it’s already reshaping how today’s SOCs operate. But with the hype accelerating, security leaders need clarity on what “agentic” actually looks like in production, which capabilities are real today, and what’s still on the roadmap. Join this session on February 26th, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific to learn: - What “agentic security” actually means in the context of the SOC - Which agentic capabilities are realistic and deployable today with concrete examples from security teams seeing value today - How agentic systems complement human analysts in detection and response - Metrics CISOs and security leaders are using to prove measurable outcomes - What’s coming next – and how to prepare for the future SOC We’ll separate practical reality from future promise, explore how agents work alongside human analysts, and outline what the next evolution of the SOC will require. You’ll leave with a clear understanding of what’s deployable today, what’s coming next, and how to prepare your SOC for an agent-driven future.

Sponsored by the Center for Cyber Safety and Education. In high-pressure fields like cybersecurity, long hours and constant demands can make it challenging to maintain balance—especially for professionals exploring a sober or sober-curious path while navigating intense work environments. The Center hosted a candid conversation with Jen VanAntwerp, founder of Sober in Cyber, and Tom Eston, Sr. Director of Professional Services at Snyk, who shared practical strategies for managing stress in healthier ways and building supportive peer networks within the industry. View the recording below to gain actionable insights for creating a more sustainable, balanced approach to your professional and personal well-being.

Join us for a deep dive into Certified in Governance, Risk and Compliance (CGRC), the governance, risk and compliance credential from ISC2, creator of the CISSP. The CGRC is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance, while meeting legal and regulatory requirements. CGRC, a vendor-neutral cybersecurity credential, recognizes your knowledge, skills and abilities to authorize and maintain information systems within the RMF. It proves you know how to formalize processes to assess risk and establish security documentation. CGRC is particularly well-suited for IT, information security and cybersecurity practitioners who manage risk in information systems. It is also recommended for any practitioner involved in authorizing and maintaining information systems. In this 60-minute live virtual session, you’ll learn: - If CGRC is right for you - How Official ISC2 Training flexes with your learning style - What to expect on exam day - How to become endorsed and maintain your certification Plus! Get answers to your CGRC questions during the Q&A section. Register now and begin your CGRC certification journey today!

In 2026, software is deployed multiple times a day, often automatically with every code commit, but many security teams are still operating on “on-demand” testing cycles that can’t keep up. While PTaaS (penetration testing as a service) modernized how findings are delivered, it often fails to close the exposure gaps created by daily deployments and shifting cloud infrastructure. Join sponsor Sprocket Security and host ISC2 March 5,2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific to explore why traditional PTaaS is breaking under the pressure of modern engineering and how moving to a Continuous Penetration Testing (CPT) model allows your offensive strategy to match the velocity of your development team.

Artificial intelligence is rapidly reshaping the cybersecurity landscape, giving attackers new ways to automate, scale, and personalize cyberattacks while providing defenders powerful tools to detect and respond faster than ever. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores how AI is being used on both sides of the threat equation and what this escalating arms race means for organizations. Attendees will learn how AI-driven threats such as advanced phishing, deepfakes, and automated malware are changing attacker tactics, as well as how security teams can leverage AI for threat detection, response, and risk reduction. The session will highlight practical considerations for preparing defenses as AI continues to transform the future of cybersecurity.

Ransomware remains one of the most disruptive and costly threats facing enterprises today, and preparation is critical to minimizing its impact. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he discusses how security teams can build ransomware readiness before an attack occurs, rather than reacting under pressure once systems are locked and operations are disrupted. Attendees will learn how to assess ransomware preparedness, close common gaps in visibility and response, and ensure backup, recovery, and communication plans are tested and trusted. The session will also explore how security, IT, legal, public relations, and executive teams can align ahead of time to reduce downtime, contain damage, and maintain control during a high-pressure ransomware event.

The cybersecurity landscape continues to evolve at a rapid pace, driven by emerging technologies, shifting attacker tactics, and changing business priorities. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores five key cybersecurity predictions that are expected to significantly influence how organizations manage risk and defend against threats as 2027 approaches. Attendees will gain insight into anticipated developments across areas such as AI-driven attacks and defenses, ransomware evolution, regulatory pressures, workforce challenges, and security architecture trends. The session will focus on what these predictions mean in practical terms and how security leaders can begin preparing today to stay ahead of tomorrow’s threats and build more resilient, future-ready cybersecurity strategies.

Cybersecurity is no longer just a technology challenge—it’s a people challenge. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores how organizations can reduce risk by empowering employees to recognize, prevent, and respond to cyber threats. This webinar will cover practical strategies for creating engaging security awareness programs, reinforcing secure behaviors, and embedding security into everyday work routines. Learn how phishing simulations, role-based training, and measurable outcomes can transform employees from the weakest link into a critical line of defense. Attendees will leave with actionable insights to strengthen security culture and reduce human-driven cyber risk.

Most data exfiltration doesn’t start with sophisticated malware, it starts with a person and a simple email action. Whether intentional or accidental, employees forwarding sensitive information to personal accounts, partners, or competitors continues to expose organizations to regulatory, financial, and reputational risk. On March 19, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific, sponsor Proofpoint and host ISC2 examine how human-driven email data loss unfolds inside real organizations, what current Data Loss Assessments (DLAs) reveal about everyday user behavior, and why traditional, rule-based DLP controls often fail to detect subtle but high-risk activity. We’ll also discuss how behavioral AI and machine learning are enabling security teams to move from reactive detection to proactive prevention. You’ll learn: -Why user-driven email exfiltration remains a persistent, overlooked risk -Key insights from recent cross-industry Data Loss Assessments, including: - Engineers sending proprietary designs externally - Legal staff exporting sensitive client data before departure - Healthcare employees emailing credentials and unencrypted patient records - Finance teams sharing confidential revenue data outside the organization -How behavioral analysis detects personal emails and high-risk destinations -How anomaly detection flags spikes in sensitive attachments and unusual recipient activity that static DLP misses

Phishing, business email compromise (BEC), and account takeover (ATO) remain some of the most disruptive and resource-draining security challenges for modern organizations. AI-generated attacks now convincingly mimic trusted colleagues, vendors, and partners, bypassing traditional defenses and landing directly in user inboxes. On April 9, 2026 at 1:00 p.m. Eastern/10:00 a.m. Pacific, sponsor Abnormal AI and host ISC2 discuss how security teams can shift from reactive alert triage to automated, behavior-based defense. They'll cover: - Why modern phishing, BEC, and ATO attacks evade traditional email security controls - The operational strain on SOC and IT teams, including alert fatigue and investigation backlogs - Practical ways behavioral AI can automate detection, investigation, and remediation Join us to learn how to create a smarter, automated defense against modern email threats.

Join us for a deep dive into Certified Cloud Security Professional (CCSP), the cloud security credential from ISC2, creator of the CISSP. As cyber threats make daily headlines, the need for cloud security experts is at an all-time high. Yet talent is scarce. The cyber workforce needs an influx of 3.4 million more professionals to meet global demand. As a result, the career opportunities for CCSP-certified professionals are near limitless. CCSP, a vendor-neutral credential, not only provides a strong foundational understanding of key concepts, it shows you’re able to quickly learn and adapt to different scenarios, including working with platforms from different vendors. As more organizations worldwide move to multi-cloud operations, the versatile skills from vendor-neutral certification are highly desirable for cloud security teams. In this 60-minute live virtual session, you’ll learn: - If CCSP is right for you - How Official ISC2 Training flexes with your learning style - What to expect on exam day - How to become endorsed and maintain your certification Plus! Get answers to your CCSP questions during the Q&A section. Register now and begin your CCSP certification journey today! CPE Credit 1 Group A CPE Credit