Careers & People

4/18/2017
02:00 PM
50%
50%

How Top Security Execs are Doing More with Less

Even the largest corporations aren't immune to the cybersecurity skills gap - an inside look at how they are coping and adjusting.

You might think the largest US corporations have the least trouble attracting new cybersecurity talent, but that's not necessarily the case. Many millennials are more interested in start-ups and new companies rather than the traditional Fortune 100/1000, which they may not think are as tech-savvy or as bleeding edge as a new firm.

Security executives from three tech-savvy major corporations - Coca-Cola, Ford Motor Co., and Microsoft - next month at Interop ITX in Las Vegas, will share their firsthand experience and insight on how they are managing and coping with the cybersecurity skills shortage. Like small- and midsized businesses, these major corporations also find themselves doing more with less at a time when the job openings exponentially outnumber the candidates in the talent pool. 

[Check out the two-day Dark Reading Cybersecurity Crash Course at Interop ITX, May 15 & 16, where Dark Reading editors and some of the industry's top cybersecurity experts will share the latest data security trends and best practices.]

Katherine Fithen, chief privacy officer and director of Global IT Governance & Compliance for The Coca-Cola Company; Rob Duhart, Ford Motor Company's Big Data Analytics Security Lead, Data Supply Chain, EEIT; and Ann Johnson, vice president of the Enterprise Cybersecurity Group at Microsoft, will participate in a panel discussion called "Surviving The Security Skills Shortage" on Wed., May 17, 11:40am PT at Interop ITX.

The panel will discuss their recruiting efforts to attract new and young security talent, as well as how they retain those elusive top performers. Retraining their existing IT and security teams also is a big part of the strategy today, especially as skillsets must quickly evolve with rapid-fire technology and threat changes. The security execs also will give advice on what works and what doesn't, as well as what they consider the hottest and most in-demand security skills today.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ameliamartin
50%
50%
ameliamartin,
User Rank: Apprentice
4/19/2017 | 9:51:17 AM
Re: Technology
Thanks for sharing valuable information
ameliamartin
50%
50%
ameliamartin,
User Rank: Apprentice
4/19/2017 | 9:47:37 AM
Re: Technology
Great to see I shall be thankful for valuable info
abbottanderson
50%
50%
abbottanderson,
User Rank: Apprentice
4/19/2017 | 7:27:35 AM
Technology
Thanks for sharing valuable information
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.