News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
14 Social Media-Savvy CISOs to Follow on Twitter
Slideshows  |  8/18/2017  | 
A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.
Curbing the Cybersecurity Workforce Shortage with AI
Commentary  |  8/18/2017  | 
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
Behind the Briefings: How Black Hat Sessions Get Chosen
Behind the Briefings: How Black Hat Sessions Get Chosen
Dark Reading Videos  |  8/17/2017  | 
Daniel Cuthbert and Stefano Zanero explain what the Black Hat review board is looking for in an abstract submission for the Briefings.
20 Tactical Questions SMB Security Teams Should Ask Themselves
Commentary  |  8/15/2017  | 
Or why it pays for small- and medium-sized businesses to plan strategically but act tactically.
Cybersecurity's Ceiling
News  |  8/14/2017  | 
Security spending and staffing are rising, but restrained resources are tempering market growth.
What CISOs Need to Know about the Psychology behind Security Analysis
Commentary  |  8/14/2017  | 
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
What Women in Cybersecurity Really Think About Their Careers
News  |  8/4/2017  | 
New survey conducted by a female security pro of other female security pros dispels a few myths.
Why Cybersecurity Needs a Human in the Loop
Commentary  |  8/3/2017  | 
It's no longer comparable to Kasparov versus Deep Blue. When security teams use AI, it's like Kasparov consulting with Deep Blue before deciding on his next move.
Throw Out the Playbooks to Win at Incident Response
Commentary  |  7/28/2017  | 
Four reasons why enterprises that rely on playbooks give hackers an advantage.
How to Build a Path Toward Diversity in Information Security
News  |  7/27/2017  | 
Hiring women and minorities only addresses half the issue for the IT security industry -- the next step is retaining these workers.
The Right to Be Forgotten & the New Era of Personal Data Rights
Commentary  |  7/27/2017  | 
Because of the European Union's GDPR and other pending legislation, companies must become more transparent in how they protect their customers' data.
The Wild West of Security Post-Secondary Education
News  |  7/26/2017  | 
Black Hat researchers will show how inconsistent security schooling is at the university level.
10 Critical Steps to Create a Culture of Cybersecurity
Commentary  |  7/26/2017  | 
Businesses are more vulnerable than they need to be. Here's what you should do about it.
How Women Can Raise Their Profile within the Cybersecurity Industry
Commentary  |  7/25/2017  | 
Closing the cybersecurity gender gap won't happen overnight, but women can take can take steps to begin leveling the playing field.
DevOps & Security: Butting Heads for Years but Integration is Happening
Commentary  |  7/20/2017  | 
A combination of culture change, automation, tools and processes can bring security into the modern world where it can be as agile as other parts of IT.
Profile of a Hacker: The Real Sabu
Partner Perspectives  |  7/20/2017  | 
There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Heres one, and another about what he is doing today.
7 Deadly Sins to Avoid When Mitigating Cyberthreats
Commentary  |  7/14/2017  | 
How digitally savvy organizations can take cyber resilience to a whole new dimension.
Black Hat to Host Discussion on Diversity
Commentary  |  7/13/2017  | 
Panel of diversity pioneers will share their views and firsthand experience on how to make inclusion a priority in security.
Majority of IT Security Professionals Work Weekends
Quick Hits  |  7/12/2017  | 
A survey finds that 57% of IT security professionals work weekends, and most say they still find their jobs rewarding.
Desperately Seeking Security: 6 Skills Most In Demand
Slideshows  |  7/8/2017  | 
When people say there's a security skills gap, this is what they really mean.
The SOC Is DeadLong Live the SOC
Commentary  |  7/7/2017  | 
The traditional security operations center can't deal with present reality. We must rethink the concept in a way that prepares for the future.
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
News  |  7/6/2017  | 
Significant compromises are not just feared, but expected, Black Hat attendees say.
Security Experts & Hackers: We're Not So Different
Partner Perspectives  |  7/6/2017  | 
Using the similarities among hackers and security programmers can be an advantage.
Avoiding the Dark Side of AI-Driven Security Awareness
Commentary  |  7/5/2017  | 
Can artificial intelligence bring an end to countless hours of boring, largely ineffective user training? Or will it lead to a surveillance state within our information infrastructures?
Defining Security: The Difference Between Safety & Privacy
Commentary  |  6/28/2017  | 
Words matter, especially if you are making a case for new security measures, state-of-the-art technology or personnel.
No-Name Security Incidents Caused as Many Tears as WannaCry, Pros Say
Quick Hits  |  6/27/2017  | 
Half of security pros say they've worked just as frantically this year to fix other incidents that the public never heard about.
Two Arrested for Microsoft Network Intrusion
Quick Hits  |  6/22/2017  | 
UK authorities arrest two men for allegedly breaking into Microsoft's network with the intent to steal customer data from the software giant.
KPMG: Cybersecurity Has Reached a Tipping Point from Tech to CEO Business Issue
Commentary  |  6/22/2017  | 
Still, a majority of US-based chief execs say they will be maintaining and not investing in security technology over the next three years, a recent study shows.
Dark Reading INsecurity Conference Registration Now Open
Commentary  |  6/21/2017  | 
November event will focus on attendee interaction, "blue team" best practices.
Feds Call on Contractors to Play Ball in Mitigating Insider Threats
Commentary  |  6/20/2017  | 
It's said that you're only as strong as your weakest player. That's as true in security as it is in sports.
Lack of Experience Biggest Obstacle for InfoSec Career
Quick Hits  |  6/16/2017  | 
A majority of wanna-be infosec professionals find they need more experience to be a contender to enter this career, according to a recent Tripwire poll.
By the Numbers: Parsing the Cybersecurity Challenge
Commentary  |  6/14/2017  | 
Why your CEO should rethink company security priorities in the drive for digital business growth.
From Reporter to Private Investigator to Security Engineer
Commentary  |  6/8/2017  | 
How I fell in love with coding and traded in a camera-rigged Prius for a MacBook and a GitHub account.
Cybersecurity Faces 1.8 Million Worker Shortfall By 2022
News  |  6/7/2017  | 
(ISC)2 report shows the skills shortage is getting worse.
Why Compromised Identities Are ITs Fault
Commentary  |  6/7/2017  | 
The eternal battle between IT and security is the source of the problem.
Cybersecurity Stands as Big Sticking Point in Software M&A
News  |  6/7/2017  | 
The breach that was the fly in the ointment of the Yahoo-Verizon deal is one of many now surfacing as security of acquired firms starts to become a point of negotiation.
Number of CISOs Rose 15% This Year
News  |  6/5/2017  | 
Although the number of CISOs increased to 65% of organizations, it could just be a case of "window dressing," new ISACA report shows.
Securely Managing Employee Turnover: 3 Tips
Commentary  |  6/5/2017  | 
Don't let the process spiral into organizational chaos. Here are steps you can take to keep your company safe.
Hollywood Film Studio Seeks Up-And-Coming Hackers for Reality TV Show
Quick Hits  |  6/2/2017  | 
New program on major cable network will feature competitions, personalities.
Internet Society Takes On IoT, Website Security, Incident Response via OTA Merger
News  |  6/1/2017  | 
What happens now that the Online Trust Alliance - which includes Microsoft, Symantec, Twitter, and other big names - will be under the umbrella of the global Internet organization?
Securing the Human a Full-Time Commitment
News  |  5/30/2017  | 
Encouraging the people in your organization to make safer cyber decisions requires dedicated brainpower to pull off, SANS study shows.
In the Cloud, Evolving Infrastructure Means Evolving Alliances
Commentary  |  5/25/2017  | 
New opportunities make for unusual bedfellows. Here's how to navigate the shift in organizational dynamics between security operations, line-of-business managers, and developers.
Unsanctioned Computer Support Costs Companies $88K per Year
Quick Hits  |  5/24/2017  | 
A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.
With Billions Spent on Cybersecurity, Why Are Problems Getting Worse?
Commentary  |  5/23/2017  | 
Technology alone won't keep you safe. Fully engaged employees should be your first line of defense.
In Search of an Rx for Enterprise Security Fatigue
Commentary  |  5/22/2017  | 
Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe? You're not alone.
All Generations, All Risks, All Contained: A How-To Guide
Commentary  |  5/18/2017  | 
Organizations must have a security plan that considers all of their employees.
How Many People Does It Take to Defend a Network?
Commentary  |  5/16/2017  | 
The question is hard to answer because there aren't enough cybersecurity pros to go around.
5 Steps to Maximize the Value of your Security Investments
Commentary  |  5/12/2017  | 
How a security rationalization process can help CISOs make the most out of their information security infrastructure, and also improve the company bottom line.
What Developers Don't Know About Security Can Hurt You
Commentary  |  5/11/2017  | 
Developers won't start writing secure code just because you tell them it's part of their job. You need to give them the right training, support, and tools to instill a security mindset.
Shining a Light on Securitys Grey Areas: Process, People, Technology
Commentary  |  5/9/2017  | 
The changing distributed and mobile business landscape brings with it new security and privacy risks. Heres how to meet the challenge.
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.