News & Commentary
Latest Content tagged with Careers & People
|
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
3 Tips for Driving User Buy-in to Security Policies
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
Demystifying Mental Health in the Infosec Community
Security experts talk about burnout, diversity, mental health, and legal issues in a new Community track at Black Hat USA.
LeBron vs. Steph: The NBA Version of Cyber Defense vs. Cyberattacks
It takes an aggressive, swarming approach to overcome the most dangerous threats today.
Why CISOs Need a Security Reality Check
We deserve a seat at the executive table, and we'll be much better at our jobs once we take it.
6 Ways Greed Has a Negative Effect on Cybersecurity
How the security industry can both make money and stay true to its core values, and why that matters.
Threat Landscape: Dark Reading Caption Contest Winners
Insider threats -- desktop attacks, security awareness, caffeine -- all worthy contenders in our cartoon caption competition. And the winners are ...
Dark Reading Launches Second INsecurity Conference
To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions
Facebook Must Patch 2 Billion Human Vulnerabilities; How You Can Patch Yours
The situation Facebook is in should be prompting all security teams to evaluate just how defenseless or protected the people in their organizations are.
Machine Learning, Artificial Intelligence & the Future of Cybersecurity
The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.
Getting Revolutionary (Not Evolutionary) about Cybersecurity
Being a security revolutionary isn't purely about new, ground-breaking ideas. It's about anticipating, outpacing, and influencing your world, both internally and externally. Here are five keys to success.
How to Empower Today's 'cISOs'
Although many security leaders have a C in their title, not all are true capital-C "Chiefs." Here are three ways to live up to the job description.
Bridging the Cybersecurity Talent Gap
There's no one surefire way of fixing the problem, which endangers everyone's security. There are, however, several options we should try.
Growing Job Pressures Increase Risk of Burnout for Cybersecurity Professionals
A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.
The State of Information Sharing 20 Years after the First White House Mandate
Finally! Actionable guidance for ISACs and enterprises on what threat intel to share, how to share it, and which key technologies will automate redaction and protect privacy.
Dark Reading Conference Call for Speakers Closes Friday
Don't be shy, security practitioners. Share your best practices at our 2nd annual INsecurity Conference, to be held Oct. 23-25 in Chicago.
What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity
Unit 8200 doesn't follow a conventional recruiting model. Technical knowledge isn't a requirement. The unit values traits that emphasize problem-solving and interpersonal skills, and it uses hiring processes that build female leaders.
Want Your Daughter to Succeed in Cyber? Call Her John
It's time to "do the right thing" when it comes to gender in the hiring and promotion of women in cybersecurity. Four women (and a man named John) offer practical solutions for shifting the balance.
Taming the Chaos of Application Security: 'We Built an App for That'
Want to improve the state of secure software coding? Hide the complexity from developers.
The New Security Playbook: Get the Whole Team Involved
Smart cybersecurity teams are harnessing the power of human intelligence so employees take the right actions.
20 Signs You Are Heading for a Retention Problem
If you don't invest in your best security talent, they will look to burnish their resumes elsewhere. Here's why.
Millennials, Women May Bridge Cyber Talent Gap
Younger generations, particularly women, could be the answer to a cybersecurity skill shortage expected to reach 1.8 million unfilled roles by 2020.
We're Doing Security Wrong!
When you simply heap technology onto a system, you limit your hiring pool and spread your employees too thin. Focus on your people instead.
Automation Exacerbates Cybersecurity Skills Gap
Three out of four security pros say the more automated AI products they bring in, the harder it is to find trained staff to run the tools.
'Zero Login:' The Rise of Invisible Identity
Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?
Diversity: It's About Inclusion
Unrealistic entry-level job requirements, black-hoodie hacker image problems are among the 'uncomfortable conversations' needed to remedy cybersecurity's diversity gap.
Latest News from RSAC 2018
Check out Dark Reading's updated, exclusive coverage of the news and security themes that dominated RSA Conference 2018 in San Francisco.
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
Majority of Men Think Women Have Equal Opportunity to Advance in Cybersecurity Career
Not so fast, say women.
Stripping the Attacker Naked
How cyber threat intelligence can help you gain a better understanding of the enemy and why that gives security teams the upper hand.
How Security Can Bridge the Chasm with Development
Enhancing the relationships between security and engineering is crucial for improving software security. These six steps will bring your teams together.
How Gamers Could Save the Cybersecurity Skills Gap
McAfee shares its firsthand experience on training in-house cybersecurity pros and publishes new data on how other organizations deal with filling security jobs.
10 Women in Security You May Not Know But Should
The first in a series of articles shining a spotlight on women who are quietly changing the game in cybersecurity.
How Measuring Security for Risk & ROI Can Empower CISOs
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
Automating Ethics for Cybersecurity
Having a code of ethics and enforcing it are two different things.
UVA Defeats UMBC, in Stunning Upset
In first trip to Mid-Atlantic Collegiate Cyber Defense Competition, University of Virginia's Cyber Defense Team defeats reigning national champs from University of Maryland, Baltimore County.
780 Days in the Life of a Computer Worm
This is a story of a worm, from the time it was coded and deployed onto the Internet. It is narrated by the worm in the first person.
SOC in Translation: 4 Common Phrases & Why They Raise Flags
By keeping an ear out for out for catchphrases like "Just ask Stu" or "I've got a bad feeling about this," CISOs can overcome the barriers that get between business leaders and their security teams.
Facebook CISO Stamos to Depart from the Social Media Firm: Report
Stamos will remain in his position through August, according to a report in The New York Times.
Who Does What in Cybersecurity at the C-Level
As security evolve as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.
Online Ads vs. Security: An Invisible War
Why visiting one website is like visiting 50, and how you can fight back against malvertisers.
(ISC)2 Report: Glaring Disparity in Diversity for US Cybersecurity
While the average US security salary is $122,000, the average salary for people of color is $115,000, with men identifying as minorities making $6000 more than minority women.
A Secure Enterprise Starts with a Cyber-Aware Staff
An attack doesn't have to be super high-tech to cause a lot of damage. Make sure your employees know how to spot an old-fashioned phishing campaign.
What CISOs Should Know About Quantum Computing
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.
Disappearing Act: Dark Reading Caption Contest Winners
A standout field with hysterical puns about security policies, Meltdown, Amazon Web Services, and the right to be forgotten. And the winner is …
DevSecOps: The Importance of Building Security from the Beginning
Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.
7 University-Connected Cyber Ranges to Know Now
Universities are beginning to add cyber ranges to the facilities for teaching cyber security to students and professionals.
Privilege Abuse Attacks: 4 Common Scenarios
It doesn't matter if the threat comes from a disgruntled ex-employee or an insider anticipating financial gain, privilege abuse patterns are pretty much the same, and they're easy to avoid.
Pragmatic Security: 20 Signs You Are 'Boiling the Ocean'
Ocean-boiling is responsible for most of the draconian, nonproductive security policies I've witnessed over the course of my career. Here's why they don't work.
|
White Papers
Video
0 Comments
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-7682
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
From DHS/US-CERT's National Vulnerability Database CVE-2018-7682
PUBLISHED: 2018-06-22
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
CVE-2018-12689PUBLISHED: 2018-06-22
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
CVE-2018-12538PUBLISHED: 2018-06-22
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage...
CVE-2018-12684PUBLISHED: 2018-06-22
Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.
CVE-2018-12687PUBLISHED: 2018-06-22
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This