News & Commentary
Latest Content tagged with Careers & People
|
The 7 Habits of Highly Effective Security Teams
Security requires smart people, processes, and technology. Too often, the "people" portion of the PPT equation is neglected.
Russian National Extradited for 2014 JP Morgan Hack
Andrei Tyurin was arrested for his involvement in a hacking campaign targeting US financial institutions, financial news publishers, brokerage firm, and other companies.
DevOps Demystified: A Primer for Security Practitioners
Key starting points for those still struggling to understand the concept.
Mozilla Taps Former Google Exec as it Rethinks Privacy
News of the recent hire closely follows Mozilla's decision to block trackers in its Firefox browser by default.
Why Automation Will Free Security Pros to Do What They Do Best
There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.
Lessons From the Black Hat USA NOC
The conference's temporary network operations center provides a snapshot of what is possible when a variety of professionals work together.
4 Benefits of a World with Less Privacy
The privacy issue is a problem for a lot of people. I see it differently.
Why CISOs Should Make Friends With Their CMOs
A partnership between IT security and marketing could offer many benefits to each group — and to the entire enterprise.
How to Gauge the Effectiveness of Security Awareness Programs
If you spend $10,000 on an awareness program and expect it to completely stop tens of millions of dollars in losses, you are a fool. If $10,000 prevents $100,000 in loss, that's a 10-fold ROI.
Proving ROI: How a Security Road Map Can Sway the C-Suite
When executives are constantly trying to cut the fat, CISOs need to develop a flexible structure to improve baseline assessments and target goals, tactics, and capabilities. Here's how.
Data Privacy Careers Are Helping to Close the IT Gender Gap
There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?
Make a Wish: Dark Reading Caption Contest Winners
Certification, endpoint security, 2FA, phishing, and PII were among the themes and puns offered by readers in our latest cartoon caption competition. And the winners are ...
Overcoming 'Security as a Silo' with Orchestration and Automation
When teams work in silos, the result is friction and miscommunication. Automation changes that.
The Data Security Landscape Is Shifting: Is Your Company Prepared?
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
Dark Reading News Desk Live at Black Hat USA 2018
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
Shadow IT: Every Company's 3 Hidden Security Risks
Companies can squash the proliferation of shadow IT if they listen to employees, create transparent guidelines, and encourage an open discussion about the balance between security and productivity.
IT Managers: Are You Keeping Up with Social-Engineering Attacks?
Increasingly sophisticated threats require a mix of people, processes, and technology safeguards.
Power Grid Security: How Safe Are We?
Experiencing a power outage? It could have been caused by a hacker … or just a squirrel chewing through some equipment. And that's a problem.
How GDPR Could Turn Privileged Insiders into Bribery Targets
Regulatory penalties that exceed the cost of an extortion payout may lead to a new form of ransomware. These four steps can keep you from falling into that trap.
10 More Women in Security You May Not Know But Should
The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar – yet.
University of Phoenix Poll: 20% of US Adults Have Considered Infosec Careers
Many respondents could enter the field by leveraging skills they already have.
The Good & Bad News About Today's Cybersecurity Investment Landscape
Lots of things keep CISOs up at night. But instead of guessing what CISOs want, investors and vendors should incorporate customer feedback throughout product ideation and development cycles.
How 'Projection' Slows Down the Path to Security Maturity
A little bit of self-awareness goes a long way when it comes to evaluating a company's security maturity level. It's also a prerequisite to improving.
Why Security Startups Fly – And Why They Crash
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
The Fundamental Flaw in Security Awareness Programs
It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state.
SOCs Use Automation to Compensate for Training, Technology Issues
Executives and front-line SOC teams see human and technology issues in much different ways, according to two new reports.
What's Cooking With Caleb Sima
Security Pro File: Web app security pioneer dishes on his teenage security career, his love of electric scooters, Ace Ventura – and a new baby food business venture with his wife and famed chef, Kathy Fang.
Lessons from My Strange Journey into InfoSec
Establishing an entrée into the security world can be a maddeningly slow process. For those of us already here, it can be an opportunity to help others.
New Cyber Center Opens at Augusta University in Georgia
University partners with state on $100 million Georgia Cyber Center for cybersecurity education and research.
WEF: 217 More Years Until Women and Men Reach Economic Equality
Progress toward economic parity is in reverse for the first time since 2006, but cybersecurity can help change the game.
4 Basic Principles to Help Keep Hackers Out
The most effective hackers keep things simple, something organizations must take into account.
6 Drivers of Mental and Emotional Stress in Infosec
Pressure comes in many forms but often with the same end result: stress and burnout within the security community.
There's No Automating Your Way Out of Security Hiring Woes
Call it the paradox of cybersecurity automation: It makes your staff more productive but takes more quality experts to make it work.
The 3 R's for Surviving the Security Skills Shortage
How to recruit, retrain, and retain with creativity and discipline.
First Women-Led Cybersecurity Venture Capital Firm Launches
Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.
Intel Names Window Snyder as Chief Software Security Officer
The microprocessor giant hires security veteran credited with leading both Microsoft's and Apple's security advancements.
Cisco CPO: Privacy Is Not About Secrecy or Compliance
Michelle Dennedy sat down with Dark Reading at the recent Cisco Live event to set the record straight about privacy, regulation, encryption, and more.
3 Tips for Driving User Buy-in to Security Policies
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
Demystifying Mental Health in the Infosec Community
Security experts talk about burnout, diversity, mental health, and legal issues in a new Community track at Black Hat USA.
LeBron vs. Steph: The NBA Version of Cyber Defense vs. Cyberattacks
It takes an aggressive, swarming approach to overcome the most dangerous threats today.
Why CISOs Need a Security Reality Check
We deserve a seat at the executive table, and we'll be much better at our jobs once we take it.
6 Ways Greed Has a Negative Effect on Cybersecurity
How the security industry can both make money and stay true to its core values, and why that matters.
Threat Landscape: Dark Reading Caption Contest Winners
Insider threats -- desktop attacks, security awareness, caffeine -- all worthy contenders in our cartoon caption competition. And the winners are ...
Dark Reading Launches Second INsecurity Conference
To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions
Facebook Must Patch 2 Billion Human Vulnerabilities; How You Can Patch Yours
The situation Facebook is in should be prompting all security teams to evaluate just how defenseless or protected the people in their organizations are.
Machine Learning, Artificial Intelligence & the Future of Cybersecurity
The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.
Getting Revolutionary (Not Evolutionary) about Cybersecurity
Being a security revolutionary isn't purely about new, ground-breaking ideas. It's about anticipating, outpacing, and influencing your world, both internally and externally. Here are five keys to success.
How to Empower Today's 'cISOs'
Although many security leaders have a C in their title, not all are true capital-C "Chiefs." Here are three ways to live up to the job description.
Bridging the Cybersecurity Talent Gap
There's no one surefire way of fixing the problem, which endangers everyone's security. There are, however, several options we should try.
|
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2017-3912
PUBLISHED: 2018-09-18
PUBLISHED: 2018-09-18
PUBLISHED: 2018-09-18
PUBLISHED: 2018-09-18
PUBLISHED: 2018-09-18
From DHS/US-CERT's National Vulnerability Database CVE-2017-3912
PUBLISHED: 2018-09-18
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6690PUBLISHED: 2018-09-18
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6693PUBLISHED: 2018-09-18
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...
CVE-2018-16515PUBLISHED: 2018-09-18
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
CVE-2018-16794PUBLISHED: 2018-09-18
Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This