Cyber Newsroom 


Cybersecurity Nexus NEWSROOM

Worldwide, there is a significant shortage of skilled cybersecurity professionals. Through Cybersecurity Nexus, a program of cybersecurity resources for every career level, ISACA makes a firm commitment to address the skills crisis and do for cybersecurity professionals what we have done (and will continue to do) for audit, control and governance professionals over the past 45 years. On this page, you will find data, news and expert insights on the skills shortage and how ISACA is helping to fill the gap.


Blog Posts

View All ISACA Now Blogs »


Expert insights


 Brent Conran
Brent Conran
CSO of McAfee

“I volunteered for ISACA’s Cybersecurity Task Force because ISACA has been around since the late 1960s and has advocated standards for the profession for 45 years. If someone has an ISACA certification, it shows me they have gone through a rigorous system of study, and they have working knowledge of a specific discipline inside of IT. The new Cybersecurity Nexus is a great program from ISACA, and I am proud to have been part of its development.”

 Darren VanBooven
Darren VanBooven
CISO of the US House of Representatives

"Becoming a successful security practitioner is hard. Ideal candidates are well-rounded and have a solid foundation in networking, operating systems, web technologies, incident response, and an understanding of the threat landscape and risk management. Perhaps most importantly, cybersecurity candidates must understand the business they are trying to protect and provide good customer service. If you don’t do those two things the rest won’t matter.”

 Eddie Schwartz
Eddie Schwartz
Chair of ISACA’s Cybersecurity Task Force and former CISO of RSA

“Security is always one of the top three items on a CIO’s mind, yet IT and computer science programs at the university level are not allocating a proportional amount of training to cybersecurity. Today, there is a sizeable gap between formal education and real world needs. This, in itself, is an area requiring immediate focus so that the industry can get better at detecting and mitigating cyberthreats.”

 Jo Stewart-Rattray
Jo Stewart-Rattray
Director of Information Security and IT Assurance at BRM Holdich (Australia) and member of ISACA’s Relations Board

“Specific training and credentialing to meet the needs of individuals in the cybersecurity profession is essential. Keeping abreast of industry trends, threats and vulnerabilities is an incredibly important part of being a professional. A holistic cybersecurity program enables the cybersecurity professional to keep up to date, obtain the relevant credentials, and have access to whitepapers, frameworks, journals and other guidance. ISACA offers extraordinary resources across the IT disciplines that it covers, and cybersecurity is no exception to this.”