ISACA Launches Cybersecurity Nexus, a Comprehensive Program for Information Security Professionals

ISACA Launches Cybersecurity Nexus, a Comprehensive Program for Information Security Professionals

A few weeks ago I wrote about an opportunity for entry-level information security (infosec) professionals to get some training and “skill up” for their careers. Now there is a new option for people coming into the infosec profession. Today ISACA is launching a comprehensive new program called Cybersecurity Nexus (CSX).

You may be familiar with ISACA as the membership organization devoted to the needs and interests of information governance, control, security and audit professionals. ISACA surveyed its members worldwide and learned that many of them are moving into roles where they have responsibility for selecting and implementing appropriate controls to prevent cyber attacks, especially attacks involving advanced persistent threats (APTs). To support them in these new roles and throughout their infosec careers, ISACA created the CSX program. CSX was developed in collaboration with CISOs and cybersecurity experts from leading companies around the world. The program fills an unmet need for a single, central location where security professionals and their enterprises can find cybersecurity research, guidance, certificates and certifications, education, mentoring and community. All CSX materials are designed to provide security-related information within the larger business context.

There is a Cybersecurity Fundamentals Certificate that is aimed at entry level information security professionals with 0 to 3 years of practitioner experience. The certificate is for people just coming out of college and career-changers now getting into IT security. The foundational level knowledge-based exam covers four domains:

  1. Cybersecurity architecture principles
  2. Security of networks, systems, applications and data
  3. Incident response
  4. Security implications related to adoption of emerging technologies

A more advanced level certification is planned for 2015.

More than just training and certification, however, CSX is designed as a comprehensive program that provides expert-level cybersecurity resources tailored to each stage in a cybersecurity professional’s career. Today the program includes career development resources, frameworks, community and research guidance such as publications including Responding to Targeted Cyberattacks and Transforming Cybersecurity Using COBIT 5. More resources will be added as the program matures. This is the differentiator between ISACA’s cybersecurity initiative and training and certification programs offered by Cyber Aces, SANS Institute and ISC2.

To get more information about ISACA’s Cybersecurity Nexus program, visit