Tag: jobs
-
7 misconceptions about the CISO role
by
in SecurityNews
Tags: api, attack, breach, business, ceo, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, defense, exploit, finance, firewall, governance, infrastructure, insurance, jobs, network, password, phishing, resilience, risk, risk-assessment, risk-management, saas, software, startup, strategy, technology, threat, tool, training, update, vulnerabilityKatie Jenkins, EVP and CISO, Liberty Mutual Insurance Liberty Mutual InsuranceThe field is changing so rapidly, Jenkins adds, she needs to commit time to keeping up on research and connecting with other CISOs for knowledge exchange.In addition to securing infrastructure, an effective CISO focuses on securing the business, experts say. This requires understanding how security…
-
Intel’s New CEO is the Right Leader for a Tough Job: Analysts
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/feature/intels-new-ceo-is-the-right-leader-for-a-tough-job-analysts
-
Federal agencies ordered to avoid cyber staff layoffs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/federal-agencies-ordered-to-avoid-cyber-staff-layoffs
-
Trump Administration Orders Federal Agencies To Avoid Cyber Staff Layoffs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/trump-administration-orders-federal-agencies-to-avoid-cyber-staff-layoffs
-
Workplace Chaos and Uncertainty Stoke Insider Risk Warnings
by
in SecurityNewsExpect Malicious Insiders to Pose ‘Big Challenge’ This Year for CISOs, Expert Warns. The current tumultuous environment for employees and job-seekers across business and government – with numerous layoffs, economic concerns and political chaos – is increasing the risk posed by trusted insiders, making for a big challenge for CISOs this year, says Forrester’s Allie…
-
The most notorious and damaging ransomware of all time
by
in SecurityNews
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
by
in SecurityNews
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
Hiring privacy experts is tough, here’s why
by
in SecurityNews
Tags: ai, business, ciso, compliance, cybersecurity, data, framework, jobs, privacy, resilience, skills, technology, trainingWhy it is difficult to hire privacy experts: Finding a highly skilled privacy professional can feel like chasing a unicorn, Kazi describes. “Yes, privacy is important, but they want somebody who’s a lawyer, an expert in technology, knowledgeable about user interface and user experience, and ideally, they know a lot about ethics and are an…
-
Trump nominates cyber vet Sean Plankey for CISA chief amid DOGE cuts and firings
by
in SecurityNews
Tags: cisa, cyber, cybersecurity, defense, disinformation, election, government, infrastructure, jobs, RedTeam, toolPlankey’s potential impact on CISA’s staff and spending cuts: CISA has long been a target of Republicans, primarily due to the minimal amount of now-discontinued work the agency conducted on misinformation efforts. It has also experienced heavy staff and spending cuts spurred by Elon Musk’s DOGE initiative.Over the past seven weeks, CISA has endured at…
-
CISA cybersecurity workforce faces cuts amid shifting US strategy
by
in SecurityNews
Tags: ai, cisa, cyber, cybersecurity, exploit, governance, government, group, incident, infrastructure, jobs, RedTeam, risk, strategy, technology, threat, vulnerabilityA shift in US cybersecurity strategy?: Analysts suggest these layoffs and funding cuts indicate a broader strategic shift in the U.S. government’s cybersecurity approach. Neil Shah, VP at Counterpoint Research, sees both risks and opportunities in the restructuring.”In the near to mid-term, this could weaken the US cybersecurity infrastructure. However, with AI proliferating, the US…
-
New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?
by
in SecurityNewsThe Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. The CVE-2023-1389 flaw is an unauthenticated command injection…
-
Pentesters: Is AI Coming for Your Role?
by
in SecurityNewsWe’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue…
-
Security operations centers are fundamental to cybersecurity, here’s how to build one
by
in SecurityNews
Tags: access, ai, automation, ciso, compliance, cyber, cybersecurity, data, detection, edr, endpoint, governance, group, guide, iam, identity, incident response, intelligence, jobs, network, risk, service, siem, soar, soc, threat, toolBreakdown of SOC tools and technologies: During their Shmoocon talk, Wyler and his colleague James “Pope” Pope, senior manager of governance, risk, and compliance at Corelight, offered a list of the fundamental technologies CISOs should consider when building or outsourcing a SOC.These essential tools include: EDR (endpoint detection and response) EDR is a security solution…
-
Former NSA cyber director warns drastic job cuts threaten national security
by
in SecurityNewsRob Joyce told lawmakers;mass layoffs of federal workers;will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nsa-cyber-director-job-cuts-national-security/742021/
-
Women Are Breaking Into Cybersecurity, But Losing Jobs Faster Than Men
by
in SecurityNewsIn 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/women-in-cyber-security-2024-isc2/
-
Women in Cyber Security on the Rise, But Facing More Layoffs and Budget Cuts Than Men
by
in SecurityNewsIn 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/women-in-cyber-security-2024-isc2/
-
Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros
by
in SecurityNews
Tags: advisory, ai, awareness, banking, best-practice, business, cloud, compliance, corporate, crime, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, extortion, finance, fraud, governance, government, group, healthcare, infrastructure, iot, jobs, mail, malicious, microsoft, mitigation, monitoring, network, nis-2, privacy, qr, ransom, ransomware, regulation, resilience, risk, risk-assessment, risk-management, scam, service, strategy, technology, threat, tool, vmware, vulnerability, vulnerability-management, zero-dayCheck out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure programs. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. Dive into six things…
-
What is risk management? Quantifying and mitigating uncertainty
by
in SecurityNews
Tags: breach, business, cio, ciso, compliance, control, cyber, cyberattack, data, finance, flaw, framework, governance, healthcare, infosec, infrastructure, insurance, international, jobs, mitigation, monitoring, nist, risk, risk-analysis, risk-assessment, risk-management, software, strategy, technology, tool, vulnerabilityHow do organizations structure risk management operations?: Risk management has in some organizations traditionally been multicentric, with different departments or individuals within the org implementing risk management techniques in their work: Risk management is a component of good project management, for instance. IT leaders in particular must be able to integrate risk management philosophies and…
-
Will AI Start Taking Cybersecurity Professionals’ Jobs?
by
in SecurityNewsNo, But It Will Shift Their Focus to More Strategic and Creative Roles Artificial intelligence is reshaping cybersecurity workflows, automating tasks and enhancing efficiency. But does that mean security professionals are at risk of being replaced? Not quite. AI is redefining roles, rather than eliminating them, to focus more on strategic thinking and problem-solving. First…
-
Indictments of Chinese Cyber Spies Reveal HackerHire Operation
by
in SecurityNewsThe U.S. DOJ indicted a dozen Chinese nationals for their role in a years-long hacker-for-hire campaign that included the Chinese government using private companies and freelance hackers to steal data from U.S. and other governments while obscuring its role in the attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/indictments-of-chinese-cyber-spies-reveal-hacker-for-hire-operation/
-
How to Install Librewolf
by
in SecurityNewsWhen configured properly, Mozilla Firefox offers great privacy and security. However, achieving a higher level of privacy and security in Mozilla Firefox requires many tweaks across all levels. Some users may not be too comfortable with this and may prefer an out-of-the-box solution that isn’t Chromium dependent. Enter Librewolf – which aims to be user…
-
Under Pressure: US Charges China’s APTHire Hackers
by
in SecurityNewsThe US Justice Department on Wednesday announced charges against members of the Chinese-backed i-Soon secret APT and APT27, the latter implicated in January’s Treasury breach. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/us-charges-china-apt-for-hire-hackers
-
Women Faced the Brunt of Cybersecurity Cutbacks in 2024
by
in SecurityNewsMany women are finding that they are unhappy in their cybersecurity roles, largely due to the layoffs their companies are experiencing, cutbacks, and return to in-office work policies. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/women-cyber-cutbacks-2024
-
US cyber, national security threatened by federal job cuts, experts say
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/us-cyber-national-security-threatened-by-federal-job-cuts-experts-say
-
National Security Threatened By Cybersecurity Job Cuts, Experts Say
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/national-security-threatened-by-cybersecurity-job-cuts-experts-say
-
DoJ Busts Alleged Global HackingHire Network of ‘Cyber Mercenaries’
Targets included the U.S. Treasury Department, journalists, and religious organisations, and the attacks intended to steal data and suppress free speech. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/us-doj-charges-chinese-nationals-hacking/
-
Justice Department charges Chinese hackershire linked to Treasury breach
The individuals are accused of hacking over 100 U.S. organizations over the course of a decade First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/05/justice-department-charges-chinese-hackers-for-hire-linked-to-treasury-breach/
-
US Charges 12 Alleged Spies in China’s Freewheeling HackerHire Ecosystem
by
in SecurityNewsThe Justice Department claims 10 alleged hackers and two eChinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more. First seen on wired.com Jump to article: www.wired.com/story/us-charges-12-alleged-spies-in-chinas-freewheeling-hacker-for-hire-ecosystem/