News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
(ISC) : Global Cybersecurity Workforce Short 3 Million People
News  |  10/17/2018  | 
With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
4 Ways to Fight the Email Security Threat
Commentary  |  10/15/2018  | 
It's time to reimagine employee training with fresh, more aggressive approaches that better treat email security as a fundamentally human problem.
Most IT Security Pros Want to Change Jobs
Quick Hits  |  10/12/2018  | 
They cite five main reasons for wanting to move on and what it would take to retain them.
Meet 5 Women Shaping Microsoft's Security Strategy
Slideshows  |  10/10/2018  | 
Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.
Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control
Commentary  |  10/5/2018  | 
Technology such as Apple's device trust score that decides "you" is not you is a good thing. But only if it works well.
CISOs: How to Answer the 5 Questions Boards Will Ask You
Commentary  |  10/2/2018  | 
As boards learn the importance of cybersecurity, certain issues arise on a regular basis. These tips can help you address them.
The Right Diagnosis: A Cybersecurity Perspective
Commentary  |  10/1/2018  | 
A healthy body and a healthy security organization have a lot more in common than most people think.
4 Traits of a Cyber-Resilient Culture
News  |  9/28/2018  | 
Companies with a solid track record of cybersecurity share these practices and characteristics.
How Data Security Improves When You Engage Employees in the Process
Commentary  |  9/28/2018  | 
When it comes to protecting information, we can all do better. But encouraging a can-do attitude goes a long way toward discouraging users' risky behaviors.
Managing Data the Way We Manage Money
Commentary  |  9/27/2018  | 
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
6 Security Training Hacks to Increase Cyber IQ Org-Wide
Slideshows  |  9/21/2018  | 
Move beyond generic, annual security awareness training with these important tips.
5 Steps to Success for New CISOs
Commentary  |  9/19/2018  | 
You've been hired to make an impact. These tips can help set you up for continued success.
The 7 Habits of Highly Effective Security Teams
Commentary  |  9/17/2018  | 
Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.
Russian National Extradited for 2014 JP Morgan Hack
Quick Hits  |  9/10/2018  | 
Andrei Tyurin was arrested for his involvement in a hacking campaign targeting US financial institutions, financial news publishers, brokerage firm, and other companies.
DevOps Demystified: A Primer for Security Practitioners
Commentary  |  9/10/2018  | 
Key starting points for those still struggling to understand the concept.
Mozilla Taps Former Google Exec as it Rethinks Privacy
Quick Hits  |  9/4/2018  | 
News of the recent hire closely follows Mozilla's decision to block trackers in its Firefox browser by default.
Why Automation Will Free Security Pros to Do What They Do Best
Commentary  |  8/31/2018  | 
There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.
Lessons From the Black Hat USA NOC
Commentary  |  8/30/2018  | 
The conference's temporary network operations center provides a snapshot of what is possible when a variety of professionals work together.
4 Benefits of a World with Less Privacy
Commentary  |  8/30/2018  | 
The privacy issue is a problem for a lot of people. I see it differently.
Why CISOs Should Make Friends With Their CMOs
Slideshows  |  8/27/2018  | 
A partnership between IT security and marketing could offer many benefits to each group and to the entire enterprise.
How to Gauge the Effectiveness of Security Awareness Programs
Commentary  |  8/21/2018  | 
If you spend $10,000 on an awareness program and expect it to completely stop tens of millions of dollars in losses, you are a fool. If $10,000 prevents $100,000 in loss, that's a 10-fold ROI.
Proving ROI: How a Security Road Map Can Sway the C-Suite
Commentary  |  8/21/2018  | 
When executives are constantly trying to cut the fat, CISOs need to develop a flexible structure to improve baseline assessments and target goals, tactics, and capabilities. Here's how.
Data Privacy Careers Are Helping to Close the IT Gender Gap
Commentary  |  8/20/2018  | 
There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?
Make a Wish: Dark Reading Caption Contest Winners
Commentary  |  8/18/2018  | 
Certification, endpoint security, 2FA, phishing, and PII were among the themes and puns offered by readers in our latest cartoon caption competition. And the winners are ...
Leveraging the Power of your End-Users Human Cognition
Leveraging the Power of your End-Users Human Cognition
Dark Reading Videos  |  8/17/2018  | 
Cofense CEO Rohyt Belani makes a case for more aggressively leveraging the unique ability of your most perceptive and well-trained end-users to help you more quickly spot and stop email threats.
Overcoming 'Security as a Silo' with Orchestration and Automation
Commentary  |  8/16/2018  | 
When teams work in silos, the result is friction and miscommunication. Automation changes that.
The Data Security Landscape Is Shifting: Is Your Company Prepared?
Commentary  |  8/13/2018  | 
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
Dark Reading News Desk Live at Black Hat USA 2018
News  |  8/9/2018  | 
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
Shadow IT: Every Company's 3 Hidden Security Risks
Commentary  |  8/7/2018  | 
Companies can squash the proliferation of shadow IT if they listen to employees, create transparent guidelines, and encourage an open discussion about the balance between security and productivity.
IT Managers: Are You Keeping Up with Social-Engineering Attacks?
Commentary  |  8/6/2018  | 
Increasingly sophisticated threats require a mix of people, processes, and technology safeguards.
Power Grid Security: How Safe Are We?
Commentary  |  8/2/2018  | 
Experiencing a power outage? It could have been caused by a hacker or just a squirrel chewing through some equipment. And that's a problem.
How GDPR Could Turn Privileged Insiders into Bribery Targets
Commentary  |  8/2/2018  | 
Regulatory penalties that exceed the cost of an extortion payout may lead to a new form of ransomware. These four steps can keep you from falling into that trap.
10 More Women in Security You May Not Know But Should
Slideshows  |  7/31/2018  | 
The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar yet.
University of Phoenix Poll: 20% of US Adults Have Considered Infosec Careers
Quick Hits  |  7/30/2018  | 
Many respondents could enter the field by leveraging skills they already have.
The Good & Bad News About Today's Cybersecurity Investment Landscape
Commentary  |  7/25/2018  | 
Lots of things keep CISOs up at night. But instead of guessing what CISOs want, investors and vendors should incorporate customer feedback throughout product ideation and development cycles.
How 'Projection' Slows Down the Path to Security Maturity
Commentary  |  7/24/2018  | 
A little bit of self-awareness goes a long way when it comes to evaluating a company's security maturity level. It's also a prerequisite to improving.
Why Security Startups Fly And Why They Crash
News  |  7/20/2018  | 
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
The Fundamental Flaw in Security Awareness Programs
Commentary  |  7/19/2018  | 
It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.
SOCs Use Automation to Compensate for Training, Technology Issues
News  |  7/13/2018  | 
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
What's Cooking With Caleb Sima
News  |  7/12/2018  | 
Security Pro File: Web app security pioneer dishes on his teenage security career, his love of electric scooters, Ace Ventura and a new baby food business venture with his wife and famed chef, Kathy Fang.
Lessons from My Strange Journey into InfoSec
Commentary  |  7/12/2018  | 
Establishing an entre into the security world can be a maddeningly slow process. For those of us already here, it can be an opportunity to help others.
New Cyber Center Opens at Augusta University in Georgia
Quick Hits  |  7/11/2018  | 
University partners with state on $100 million Georgia Cyber Center for cybersecurity education and research.
WEF: 217 More Years Until Women and Men Reach Economic Equality
News  |  7/5/2018  | 
Progress toward economic parity is in reverse for the first time since 2006, but cybersecurity can help change the game.
4 Basic Principles to Help Keep Hackers Out
Commentary  |  7/5/2018  | 
The most effective hackers keep things simple, something organizations must take into account.
6 Drivers of Mental and Emotional Stress in Infosec
Slideshows  |  7/2/2018  | 
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
There's No Automating Your Way Out of Security Hiring Woes
News  |  6/28/2018  | 
Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.
The 3 R's for Surviving the Security Skills Shortage
News  |  6/27/2018  | 
How to recruit, retrain, and retain with creativity and discipline.
First Women-Led Cybersecurity Venture Capital Firm Launches
News  |  6/26/2018  | 
Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.
Intel Names Window Snyder as Chief Software Security Officer
News  |  6/25/2018  | 
The microprocessor giant hires security veteran credited with leading both Microsoft's and Apple's security advancements.
Cisco CPO: Privacy Is Not About Secrecy or Compliance
News  |  6/19/2018  | 
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
Page 1 / 2   >   >>


12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.