Tag: jobs
-
Choosing the Right Cloud Security Provider: Five Non-Negotiables for Protecting Your Cloud
by
in SecurityNews
Tags: attack, business, cloud, control, corporate, data, infrastructure, intelligence, jobs, risk, service, strategy, technology, threat, vulnerabilityProtecting your cloud environment for the long term involves choosing a security partner whose priorities align with your needs. Here’s what you need to know. As organizations embrace multi-cloud and hybrid environments, the complexity of securing that landscape increases. However, the overlooked risks may not come solely from threat actors. Choosing a security provider that…
-
It looks like IBM is cutting jobs again, with Classic Cloud hit hard
by
in SecurityNewsWe’re told thousands may soon get a pink slip from Big Blue First seen on theregister.com Jump to article: www.theregister.com/2025/03/20/ibm_cuts_us_jobs/
-
Cybersecurity job market faces disruptions: Hiring declines in key roles amid automation and outsourcing
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/analysis/cybersecurity-job-market-faces-disruptions-hiring-declines-in-key-roles-amid-automation-and-outsourcing
-
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
by
in SecurityNewsA recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas, enabling them to secure remote jobs in Japan and the United States. These individuals, posing as professionals from countries like Vietnam, Japan, and Singapore, primarily target roles in engineering and blockchain…
-
How CISOs are approaching staffing diversity with DEI initiatives under pressure
by
in SecurityNewsStaffing diversity can help avoid homogenous thinking: Similarly, Sam McMahon, senior manager of IT and security at Valimail, underscores the necessity of representing different backgrounds and mindsets.”In my experience, even small security teams benefit greatly from the variety of perspectives that come with different backgrounds and skill sets,” he says. “We know that the majority…
-
How can I extend IAM frameworks to include NHIs effectively?
by
in SecurityNewsAre Non-Human Identities the Missing Piece in Your IAM Framework? Your job is likely dominated by securing human identities. But, have you taken a moment to consider the significant role that Non-Human Identities (NHIs) play in your cloud security strategy? The emergence of cloud technology and the integration of machine identities in modern business operations……
-
That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll
by
in SecurityNews
Tags: attack, breach, business, ciso, cyber, cybersecurity, data, email, incident, incident response, insurance, jobs, network, phone, ransomware, risk, risk-managementThe importance of practice in estimating costs: Quantifying the costs of an incident in advance is an inexact art greatly aided by tabletop exercises. “The best way in my mind to flush all of this out is by going through a regular incident response tabletop exercise,” Gary Brickhouse, CISO at GuidePoint Security, tells CSO. “People…
-
US tech jobs outlook clouded by DOGE cuts, Trump tariffs
by
in SecurityNews
Tags: jobsHiring remains relatively strong as analysts warn of slowdown First seen on theregister.com Jump to article: www.theregister.com/2025/03/18/us_tech_jobs_outlook/
-
CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’
by
in SecurityNewsFederal court rules U.S. cybersecurity agency must re-hire over 100 former employees First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/18/cisa-scrambles-to-contact-fired-employees-after-court-rules-layoffs-unlawful/
-
Squid Werewolf Mimics Recruiters to Target Job Seekers and Steal Personal Data
by
in SecurityNewsIn a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake job opportunities to lure victims into opening malicious attachments, which ultimately lead to system compromise and data theft. Phishing…
-
White House exempts cyber pros from mass layoffs; Judge reinstates CISA firings
by
in SecurityNewsCISA document process raises security concerns: It’s unclear why CISA posted its request for fired employees to send a password-protected attachment containing personally identifiable information to a publicly promoted email address. It’s also unclear how the password-protected document process would work. CISA did not respond to CSO’s request for clarification.Some cybersecurity professionals cast doubt on…
-
Rethinking Insider Risk in an AI-Driven Workplace
Carnegie Mellon CERT’s Dan Costa on Addressing Root Causes of Insider Risk. As layoffs and AI-driven workflows reshape workplace security, insider risk is becoming more complex. Dan Costa, technical manager for the CERT division at Carnegie Mellon University’s Software Engineering Institute, outlines proactive strategies to manage insider risk effectively. First seen on govinfosecurity.com Jump to…
-
7 misconceptions about the CISO role
by
in SecurityNews
Tags: api, attack, breach, business, ceo, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, defense, exploit, finance, firewall, governance, infrastructure, insurance, jobs, network, password, phishing, resilience, risk, risk-assessment, risk-management, saas, software, startup, strategy, technology, threat, tool, training, update, vulnerabilityKatie Jenkins, EVP and CISO, Liberty Mutual Insurance Liberty Mutual InsuranceThe field is changing so rapidly, Jenkins adds, she needs to commit time to keeping up on research and connecting with other CISOs for knowledge exchange.In addition to securing infrastructure, an effective CISO focuses on securing the business, experts say. This requires understanding how security…
-
Intel’s New CEO is the Right Leader for a Tough Job: Analysts
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/feature/intels-new-ceo-is-the-right-leader-for-a-tough-job-analysts
-
Federal agencies ordered to avoid cyber staff layoffs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/federal-agencies-ordered-to-avoid-cyber-staff-layoffs
-
Trump Administration Orders Federal Agencies To Avoid Cyber Staff Layoffs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/trump-administration-orders-federal-agencies-to-avoid-cyber-staff-layoffs
-
Workplace Chaos and Uncertainty Stoke Insider Risk Warnings
by
in SecurityNewsExpect Malicious Insiders to Pose ‘Big Challenge’ This Year for CISOs, Expert Warns. The current tumultuous environment for employees and job-seekers across business and government – with numerous layoffs, economic concerns and political chaos – is increasing the risk posed by trusted insiders, making for a big challenge for CISOs this year, says Forrester’s Allie…
-
The most notorious and damaging ransomware of all time
by
in SecurityNews
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
by
in SecurityNews
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
Hiring privacy experts is tough, here’s why
by
in SecurityNews
Tags: ai, business, ciso, compliance, cybersecurity, data, framework, jobs, privacy, resilience, skills, technology, trainingWhy it is difficult to hire privacy experts: Finding a highly skilled privacy professional can feel like chasing a unicorn, Kazi describes. “Yes, privacy is important, but they want somebody who’s a lawyer, an expert in technology, knowledgeable about user interface and user experience, and ideally, they know a lot about ethics and are an…
-
Trump nominates cyber vet Sean Plankey for CISA chief amid DOGE cuts and firings
by
in SecurityNews
Tags: cisa, cyber, cybersecurity, defense, disinformation, election, government, infrastructure, jobs, RedTeam, toolPlankey’s potential impact on CISA’s staff and spending cuts: CISA has long been a target of Republicans, primarily due to the minimal amount of now-discontinued work the agency conducted on misinformation efforts. It has also experienced heavy staff and spending cuts spurred by Elon Musk’s DOGE initiative.Over the past seven weeks, CISA has endured at…
-
CISA cybersecurity workforce faces cuts amid shifting US strategy
by
in SecurityNews
Tags: ai, cisa, cyber, cybersecurity, exploit, governance, government, group, incident, infrastructure, jobs, RedTeam, risk, strategy, technology, threat, vulnerabilityA shift in US cybersecurity strategy?: Analysts suggest these layoffs and funding cuts indicate a broader strategic shift in the U.S. government’s cybersecurity approach. Neil Shah, VP at Counterpoint Research, sees both risks and opportunities in the restructuring.”In the near to mid-term, this could weaken the US cybersecurity infrastructure. However, with AI proliferating, the US…
-
New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?
by
in SecurityNewsThe Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. The CVE-2023-1389 flaw is an unauthenticated command injection…
-
Pentesters: Is AI Coming for Your Role?
by
in SecurityNewsWe’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue…
-
Security operations centers are fundamental to cybersecurity, here’s how to build one
by
in SecurityNews
Tags: access, ai, automation, ciso, compliance, cyber, cybersecurity, data, detection, edr, endpoint, governance, group, guide, iam, identity, incident response, intelligence, jobs, network, risk, service, siem, soar, soc, threat, toolBreakdown of SOC tools and technologies: During their Shmoocon talk, Wyler and his colleague James “Pope” Pope, senior manager of governance, risk, and compliance at Corelight, offered a list of the fundamental technologies CISOs should consider when building or outsourcing a SOC.These essential tools include: EDR (endpoint detection and response) EDR is a security solution…
-
Former NSA cyber director warns drastic job cuts threaten national security
by
in SecurityNewsRob Joyce told lawmakers;mass layoffs of federal workers;will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nsa-cyber-director-job-cuts-national-security/742021/
-
Women Are Breaking Into Cybersecurity, But Losing Jobs Faster Than Men
by
in SecurityNewsIn 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/women-in-cyber-security-2024-isc2/