News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
3 Tips to Keep Cybersecurity Front & Center
Commentary  |  2/14/2018  | 
In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.
Equifax Names New CISO
Quick Hits  |  2/13/2018  | 
Former Home Depot CISO takes the reins in the wake of Equifax's massive data breach and fallout.
Thinking about a Career Move in Cybersecurity?
Commentary  |  2/1/2018  | 
The numbers show career opportunities for cyber defenders.
An Action Plan to Fill the Information Security Workforce Gap
Commentary  |  1/29/2018  | 
Nothing says #whorunstheworld like an all-female blue team taking down a male-dominated red team in a battle to protect sensitive customer data, and other ideas to entice women into a cyber career.
Security Automation: Time to Start Thinking More Strategically
Commentary  |  1/24/2018  | 
To benefit from automation, we need to review incident response processes to find the areas where security analysts can engage in more critical thought and problem-solving.
You Break It, They Buy It: Economics, Motivations Behind Bug Bounty Hunting
News  |  1/19/2018  | 
Some bug hunters make 16 times the median salary of software engineers in their home countries.
Tax Reform, Cybersecurity-Style
Commentary  |  1/18/2018  | 
How the security industry can be more effective and efficient by recognizing four hidden "taxes" in the buying and selling process.
How to Keep Blue Teams Happy in an Automated Security World
Commentary  |  1/18/2018  | 
The creativity and intuition of your team members must be developed and nurtured.
Which CISO 'Tribe' Do You Belong To?
News  |  1/17/2018  | 
New research categorizes CISOs into four distinct groups based on factors related to workforce, governance, and security controls.
In Security & Life, Busy Is Not a Badge of Honor
Commentary  |  1/16/2018  | 
All security teams are busy, but not all security teams are productive. The difference between the two is huge.
Doh!!! The 10 Most Overlooked Security Tasks
Slideshows  |  1/16/2018  | 
Heres a list of gotchas that often slip past overburdened security pros.
Mental Models & Security: Thinking Like a Hacker
Commentary  |  1/16/2018  | 
These seven approaches can change the way you tackle problems.
How to Attract More Women Into Cybersecurity Now
News  |  1/12/2018  | 
A recent survey finds a number of attributes women seek in their careers can be found in a cybersecurity profession the dots just need to be connected.
'Tis the Season: Dark Reading Caption Contest Winners
Commentary  |  1/9/2018  | 
Bricked devices, penetration tests, and virtual reality were among the themes submitted in our latest holiday caption competition. And the winners are ...
A Pragmatic Approach to Fixing Cybersecurity: 5 Steps
Commentary  |  1/3/2018  | 
The digital infrastructure that supports our economy, protects our national security, and empowers our society must be made more secure, more trusted, and more reliable. Here's how.
The Disconnect Between Cybersecurity & the C-Suite
Commentary  |  12/28/2017  | 
Most corporate boards are not taking tangible actions to shape their companies' security strategies or investment plans, a PwC study shows.
6 Tips to Protect Against Technical Support Fraud
Slideshows  |  12/27/2017  | 
Just when youre having fun over the holidays and not paying attention, you can be hit with a tech support scam. Here's how to stay safe into the new year.
CISOs Play Rising Role In Business
News  |  12/26/2017  | 
CISO hiring trends show more external hires, longer tenures, and an increase in MBAs as tech pros are required to understand the business.
CISO Holiday Miracle Wish List
Slideshows  |  12/22/2017  | 
If CISOs could make a wish to solve a problem, these would be among the top choices.
Be a More Effective CISO by Aligning Security to the Business
Partner Perspectives  |  12/21/2017  | 
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
Top 8 Cybersecurity Skills IT Pros Need in 2018
Slideshows  |  12/18/2017  | 
Cloud security architecture skills to customer-service savvy are among the key IT security skills needed next year as CIOs ramp up hiring.
Why Hackers Are in Such High Demand, and How They're Affecting Business Culture
Commentary  |  12/14/2017  | 
White hat hackers bring value to organizations and help them defend against today's advanced threats.
8 Steps for Building an IT Security Career Path Program
Slideshows  |  12/13/2017  | 
A cybersecurity career-path program can help with talent retention and recruitment.
Automation Could Be Widening the Cybersecurity Skills Gap
Commentary  |  12/13/2017  | 
Sticking workers with tedious jobs that AI can't do leads to burnout, but there is a way to achieve balance.
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Commentary  |  12/11/2017  | 
The number of unfilled jobs in our industry continues to grow. Here's why.
What Slugs in a Garden Can Teach Us About Security
Commentary  |  12/8/2017  | 
Design principles observed in nature serve as a valuable model to improve organizations' security approaches.
6 Personality Profiles of White-Hat Hackers
Slideshows  |  12/5/2017  | 
From making the Internet safer to promoting their security careers, bug bounty hunters have a broad range of motivators for hacking most just like the challenge.
Tips for Writing Better Infosec Job Descriptions
News  |  12/4/2017  | 
Security leaders frustrated with their talent search may be searching for the wrong skills and qualifications.
Security Geek Gift Guide
Slideshows  |  12/1/2017  | 
Fun gifts for cybersecurity co-workers and bosses alike.
3 Ways to Retain Security Operations Staff
Commentary  |  11/20/2017  | 
Finding skilled security analysts is hard enough. Once you do, you'll need to fight to keep them working for you. These tips can help.
Death of the Tier 1 SOC Analyst
News  |  11/16/2017  | 
Say goodbye to the entry-level security operations center (SOC) analyst as we know it.
Fred Kwong: The Psychology of Being a CISO
News  |  11/15/2017  | 
Security Pro File: Fred Kwong learned people skills in the classroom and technical skills on the job. The former psychology major, now CISO at Delta Dental, shares his path to cybersecurity and how he applies his liberal arts background to his current role.
What the NFL Teaches Us about Fostering a Champion Security Team
Commentary  |  11/14/2017  | 
Cybersecurity experts can learn how to do a better job by keeping a close eye on the gridiron.
Burnout, Culture Drive Security Talent Out the Door
News  |  11/7/2017  | 
Security's efforts to bridge the talent gap mean little when workers don't want to stay in the industry.
Hiring Outside the Box in Cybersecurity
Commentary  |  11/7/2017  | 
Candidates without years of experience can still be great hires, as long as they are ready, willing, and able.
Virtual Reality Could Serve as a Cybersecurity Recruiting Tool
News  |  11/6/2017  | 
A recent study finds 74% of millennials and post-millennials agree VR use in cybersecurity tools may entice them into an IT security career.
4 Ways the Next Generation of Security Is Changing
Commentary  |  11/3/2017  | 
The CISO's job will get easier because of trends in the industry. Here's how.
Russian Election-Tampering & Enterprise Security Plans
Commentary  |  11/3/2017  | 
Take our new flash poll and tells us if the current political climate is making you rethink disaster recovery and business continuity planning.
Mischel Kwon Unplugged
News  |  11/2/2017  | 
Security Pro File: Kwon talks about her tenure at DOJ and US-CERT, winning a WiFi antenna contest at DEF CON, voice lessons - and her brief stint as an industry 'float princess.'
Who Says Brilliant Security Engineers Can't Be Amazing People Managers?
Commentary  |  10/31/2017  | 
Don't let midcareer stagnation be an exit ramp from the cybersecurity industry. Use it as an opportunity to explore and to deepen your enthusiasm.
Security Gets Social: 10 of Dark Reading's Most Shared Stories
Slideshows  |  10/30/2017  | 
We scared up our most popular stories on Facebook, Twitter, and LinkedIn.
Preventing Credential Theft: A Security Checklist for Boards
Commentary  |  10/30/2017  | 
Board members pose a unique risk for business, but proper planning helps.
Why Patching Software Is Hard: Organizational Challenges
Commentary  |  10/25/2017  | 
The Equifax breach shows how large companies can stumble when it comes to patching. Organizational problems can prevent best practices from being enforced.
Security Training & Awareness: 3 Big Myths
Commentary  |  10/23/2017  | 
The once-overwhelming consensus that security awareness programs are invaluable is increasingly up for debate.
How to Talk to the C-Suite about Malware Trends
Commentary  |  10/20/2017  | 
There is no simple answer to the question 'Are we protected against the latest brand-name malware attack?' But there is a smart one.
Game Change: Meet the Mach37 Fall Startups
Slideshows  |  10/18/2017  | 
CEOs describe how they think their fledgling ventures will revolutionize user training, privacy, identity management and embedded system security.
InfoSec Pros Among Worst Offenders of Employer Snooping
News  |  10/17/2017  | 
A majority of IT security professionals admit to trolling through company information unrelated to their work -- even sensitive material.
Why Security Leaders Can't Afford to Be Just 'Left-Brained'
Commentary  |  10/17/2017  | 
The left side of the brain is logical and linear; the right side, creative. You have to use both sides of the brain to connect to your audience in your business.
GDPR Compliance: 5 Early Steps to Get Laggards Going
Slideshows  |  10/16/2017  | 
If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.
20 Questions to Ask Yourself before Giving a Security Conference Talk
Commentary  |  10/16/2017  | 
As cybersecurity continues to become more of a mainstream concern, those of us who speak at industry events must learn how to truly connect with our audience.
Page 1 / 2   >   >>


13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.