Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
Design, Security, Tech Is the New Stack You Should Be Building
Commentary  |  3/3/2021  | 
Instead of different departments managing information systems, Ally Financial has combined data, digitization, security, and design into a single "stack" of human resources.
Building a Next-Generation SOC Starts With Holistic Operations
Commentary  |  3/1/2021  | 
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
Virginia Takes Different Tack Than California With Data Privacy Law
Commentary  |  2/18/2021  | 
Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
Black History Month 2021: Time to Talk Diversity and Cybersecurity
Commentary  |  2/16/2021  | 
In an industry that consistently needs new ideas, it's essential to have individuals who think, speak, and act in diverse ways.
How to Submit a Column to Dark Reading
Commentary  |  2/15/2021  | 
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
How Neurodiversity Can Strengthen Cybersecurity Defense
Commentary  |  2/9/2021  | 
Team members from different backgrounds, genders, ethnicities, and neurological abilities are best equipped to tackle today's security challenges.
Cartoon Caption Winner: Insider Threat
Commentary  |  2/8/2021  | 
And the winner of Dark Reading's January cartoon caption contest is ...
Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short
News  |  1/27/2021  | 
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?
Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
News  |  1/13/2021  | 
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
How to Boost Executive Buy-In for Security Investments
Commentary  |  1/12/2021  | 
Linking security budgets to breach-protection outcomes helps executives balance spending against risk and earns CISOs greater respect in the C-suite.
Security Operations Struggle to Defend Value, Keep Workers
News  |  1/12/2021  | 
Companies continue to value security operations centers but the economics are increasingly challenging, with high analyst turnover and questions raised over return on investment.
Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas
Commentary  |  1/12/2021  | 
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks.
2021 Cybersecurity Predictions: The Intergalactic Battle Begins
Commentary  |  12/18/2020  | 
There's much in store for the future of cybersecurity, and the most interesting things aren't happening on Earth.
Black Hat Europe: Dark Reading Video News Desk Coverage
News  |  12/10/2020  | 
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.
Security Incidents Are 'Tip of the Iceberg,' Says UK Security Official
News  |  12/9/2020  | 
Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.
Gula Tech Foundation to Award $1M in Grants to Infosec Nonprofits
Quick Hits  |  12/8/2020  | 
The first Gula Tech Foundation competitive grant program will focus on increasing African American engagement in cybersecurity.
From FUD to Fix: Why the CISO-Vendor Partnership Needs to Change Now
Commentary  |  12/3/2020  | 
CISOs and their staffs are up against too many systems, screens, and alerts, with too few solutions to effectively address pain points.
Automated Pen Testing: Can It Replace Humans?
Commentary  |  12/2/2020  | 
These tools have come a long way, but are they far enough along to make human pen testers obsolete?
The Cybersecurity Skills Gap: It Doesn't Have to Be This Way
Commentary  |  12/1/2020  | 
Once it becomes clear that off-the-shelf experts aren't realistic at scale, cultivating entry-level talent emerges as the only long-term solution -- not just for a hiring organization but for the field as a whole.
Can't Afford a Full-time CISO? Try the Virtual Version
Commentary  |  12/1/2020  | 
A vCISO can align a company's information security program to business strategy and budgeting guidance to senior management.
2020 Cybersecurity Holiday Gift Guide for Kids
Slideshows  |  12/1/2020  | 
Grab some wrapping paper: These STEM toys and games are sure to spark creativity and hone coding and logic skills among a future generation of cybersecurity pros.
Failing Toward Zero: Why Your Security Needs to Fail to Get Better
Commentary  |  11/27/2020  | 
Each security incident should lead to a successive reduction in future incidences of the same type. Organizations that fail toward zero embrace failure and learn from their mistakes.
Why Security Awareness Training Should Be Backed by Security by Design
News  |  11/25/2020  | 
Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
News  |  11/23/2020  | 
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.
10 Undergraduate Security Degree Programs to Explore
Slideshows  |  11/23/2020  | 
Colleges and universities are ramping up cybersecurity education with a wider range of degree programs and more resources for students to build their infosec careers.
2021 Cybersecurity Spending: How to Maximize Value
Commentary  |  11/19/2020  | 
This is a pivotal moment for CISOs. As their influence increases, so does the pressure for them to make the right decisions.
Twitter Taps Mudge
Quick Hits  |  11/16/2020  | 
Noted security researcher Peiter Zatko joins the social network as head of security.
The Sameness of Every Day: How to Change Up Audit Fatigue
Commentary  |  11/13/2020  | 
And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals.
3 Tips For Successfully Running Tech Outside the IT Department
Commentary  |  11/11/2020  | 
When marketing opts for "extra-departmental IT," coordination and communication are required to keep things secured.
Overlooked Security Risks of the M&A Rebound
Commentary  |  11/10/2020  | 
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
Digital Transformation Means Security Must Also Transform
Commentary  |  11/5/2020  | 
Being successful in this moment requires the ability to evolve in terms of team management, visibility, and crisis management.
Online Users Feel Safe, But Risky Behavior Abounds
News  |  11/5/2020  | 
New research also shows a divide between younger and older users in their security practices, including use of two-factor authentication and how often software updates are performed.
Public Safety & Cybersecurity Concerns Elevate Need for a Converged Approach
Commentary  |  10/30/2020  | 
As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.
SANS Launches New CyberStart Program for All High School Students
News  |  10/30/2020  | 
Free program lets students solve real-world security problems - and learn about cybersecurity.
How Healthcare Organizations Can Combat Ransomware
Commentary  |  10/29/2020  | 
The days of healthcare organizations relying solely on endpoint security software to stop attacks are over. Here are six ways that healthcare providers can fight the ever-present threat.
Breaking the Glass Ceiling: Tough for Women, Tougher for Women of Color
News  |  10/28/2020  | 
Security practitioners shed light on obstacles limiting career growth and the steps businesses can take to achieve their promises of a more diverse workforce.
5 Human Factors That Affect Secure Software Development
Commentary  |  10/27/2020  | 
With the move to remote work, it's especially important to understand how to support, discourage, and monitor conditions for development teams.
New Report Links Cybersecurity and Sustainability
Quick Hits  |  10/26/2020  | 
Some have also created the role of chief sustainability officer, according to Kaspersky.
FIRST Announces Cyber-Response Ethical Guidelines
Quick Hits  |  10/21/2020  | 
The 12 points seek to provide security professionals with advice on ethical behavior during incident response.
Dealing With Insider Threats in the Age of COVID
Commentary  |  10/21/2020  | 
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Commentary  |  10/21/2020  | 
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
Building the Human Firewall
Commentary  |  10/20/2020  | 
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Security Officers, Are Your Employees Practicing Good Habits from Home?
Commentary  |  10/12/2020  | 
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.
Why MSPs Are Hacker Targets, and What To Do About It
Commentary  |  10/9/2020  | 
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
John McAfee Indicted on Tax Charges
Quick Hits  |  10/5/2020  | 
The indictment alleging tax evasion and failure to file returns was unsealed after his arrest in Spain.
'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness
Commentary  |  10/1/2020  | 
To protect your organization from all emerging file-borne threats, the security and leadership teams must align to develop a streamlined approach to file security.
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
Commentary  |  9/23/2020  | 
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
Nearly 70% of IT & Security Pros Hone Their Cyber Skills Outside of Work
News  |  9/22/2020  | 
New research shows how security skills are lacking across multiple IT disciplines as well - including network engineers, sys admins, and cloud developers.
Time for CEOs to Stop Enabling China's Blatant IP Theft
Commentary  |  9/17/2020  | 
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
Cybersecurity Bounces Back, but Talent Still Absent
Commentary  |  9/16/2020  | 
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
Page 1 / 2   >   >>


News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25252
PUBLISHED: 2021-03-03
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
CVE-2021-26813
PUBLISHED: 2021-03-03
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
CVE-2021-27215
PUBLISHED: 2021-03-03
An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4. The Web Interfaces (Admin, Userweb, Sidechannel) can use different methods to perform the authentication of a user. A specific authentication method during login does not check the...
CVE-2021-3419
PUBLISHED: 2021-03-03
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2020-15937
PUBLISHED: 2021-03-03
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.