Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
Organizations Still Struggle to Hire & Retain Infosec Employees: Report
News  |  8/5/2021  | 
Security leaders are challenged to fill application security and cloud computing jobs in particular, survey data shows.
New Normal Demands New Security Leadership Structure
News  |  8/2/2021  | 
At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.
What to Look for in an Effective Threat Hunter
Commentary  |  7/15/2021  | 
The most important personality traits, skills, and certifications to look for when hiring a threat hunting team.
Did the Cybersecurity Workforce Gap Distract Us From the Leak?
Commentary  |  7/14/2021  | 
Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.
Cartoon Caption Winner: Sight Unseen
Commentary  |  7/9/2021  | 
And the winner of Dark Reading's June contest is ...
8 Ways to Preserve Legal Privilege After a Cybersecurity Incident
Commentary  |  7/6/2021  | 
Knowing your legal distinctions can make defense easier should you end up in court after a breach, attack, or data loss.
WFH: A Smart Time to Revisit Employee Use of Social Media
Commentary  |  7/2/2021  | 
Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.
WhiteHat Security Rebrands as NTT Application Security
Quick Hits  |  7/1/2021  | 
The name change follows NTT Security Corporation's acquisition of WhiteHat in 2019.
3 Things Every CISO Wishes You Understood
Commentary  |  6/30/2021  | 
Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.
The Danger of Action Bias: Is It Always Better to Act Quickly?
News  |  6/28/2021  | 
Experts discuss the meaning of action bias and how it presents a threat to IT security leaders, practitioners, and users.
The Role of Encryption in Protecting LGBTQ+ Community Members
Commentary  |  6/28/2021  | 
The Internet is a vital tool that helps LGBTQ+ community members communicate without fear of persecution -- and strong encryption is a critical part of this equation.
School's Out for Summer, but Don't Close the Book on Cybersecurity Training
Commentary  |  6/25/2021  | 
Strengthening their security posture should be at the top of school IT departments' summer to-do list.
Boardroom Perspectives on Cybersecurity: What It Means for You
Commentary  |  6/24/2021  | 
Because board members are paying close attention to security, security leaders must be able to respond to and alleviate their concerns with data.
John McAfee, Creator of McAfee Antivirus Software, Dead at 75
Quick Hits  |  6/24/2021  | 
McAfee, who was being held in a Spanish jail on US tax-evasion charges, had learned on Monday he would be extradited to the US.
Survey Seeks to Learn How 2020 Changed Security
Quick Hits  |  6/23/2021  | 
Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
Despite Heightened Cyber-Risks, Few Security Leaders Report to CEO
News  |  6/22/2021  | 
A new report suggests that top management at most companies still don't get security.
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Commentary  |  6/17/2021  | 
Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account.
Name That Toon: Sight Unseen
Commentary  |  6/14/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
The Workforce Shortage in Cybersecurity Is a Myth
Commentary  |  6/10/2021  | 
What we really have is an automation-in-the-wrong-place problem.
New Security Event @Hack to Take Place in Saudi Arabia
Quick Hits  |  6/9/2021  | 
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
With Cloud, CDO and CISO Concerns Are Equally Important
Commentary  |  6/9/2021  | 
Navigated properly, a melding of these complementary perspectives can help keep an organization more secure.
Cyber Athletes Compete to Form US Cyber Team
Commentary  |  6/7/2021  | 
Here's how security pros can showcase value to future employers: a field of friendly strife to measure their aptitude against competitors.
Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report
Quick Hits  |  5/28/2021  | 
A new study examines the tools and technologies driving investment and activities for security operations centers.
The Changing Face of Cybersecurity Awareness
Commentary  |  5/21/2021  | 
In the two decades since cybersecurity awareness programs emerged, they've been transformed from a good idea to a business imperative.
Dev-Sec Disconnect Undermines Secure Coding Efforts
News  |  5/20/2021  | 
Rather than continue to complain about each other, developers and security pros need to work together and celebrate their successes.
Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups
News  |  5/19/2021  | 
Incident response cases and research show how the red-team tool has become a become a go-to for attackers.
Name That Toon: Road Trip
Commentary  |  5/17/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
When AI Becomes the Hacker
News  |  5/13/2021  | 
Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society.
66% of CISOs Feel Unprepared for Cyberattacks
Quick Hits  |  5/12/2021  | 
More than half of CISOs surveyed are more concerned about a cyberattack in 2021 than in 2020, researchers report.
Gap Between Security and Networking Teams May Hinder Tech Projects
Quick Hits  |  5/5/2021  | 
Professionals in each field describe a poor working relationship between the two teams
Wanted: The (Elusive) Cybersecurity 'All-Star'
News  |  5/5/2021  | 
Separate workforce studies by (ISC) and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.
Dark Reading Celebrates 15th Anniversary
Commentary  |  5/3/2021  | 
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
Challenging Our Education System to Nurture the Cyber Pipeline
Commentary  |  4/27/2021  | 
Let's teach students how to teach themselves. Once we do that, we will have taught a generation of students how to think like hackers.
In Appreciation: Dan Kaminsky
News  |  4/26/2021  | 
Beloved security industry leader and researcher passes away unexpectedly at the age of 42.
KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features
News  |  4/23/2021  | 
Security awareness firm aims expand into Europe and Asia, and add automation and machine learning to its technology.
Name That Toon: Greetings, Earthlings
Commentary  |  4/22/2021  | 
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
Biden Nominates Former NSA Officials for Top Cybersecurity Roles
News  |  4/12/2021  | 
President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help
Commentary  |  4/9/2021  | 
Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic.
Handcuffs Over AI: Solving Security Challenges With Law Enforcement
Commentary  |  4/8/2021  | 
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.
Cartoon Caption Winner: Something Seems Afoul
Commentary  |  4/7/2021  | 
And the winner of Dark Readings's March cartoon caption contest is ...
US Tech Dominance Rides on Securing Intellectual Property
Commentary  |  4/2/2021  | 
A recent, mostly overlooked pardon points to a big problem in the US tech industry: Intellectual property offers a lucrative golden ticket for insiders.
Solving the Leadership Buy-In Impasse With Data
Commentary  |  4/1/2021  | 
Justify your requirements with real numbers to get support for security investments.
Advice From Security Experts: How to Approach Security in the New Normal
Commentary  |  3/31/2021  | 
Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.
Data Bias in Machine Learning: Implications for Social Justice
Commentary  |  3/26/2021  | 
Take historically biased data, then add AI and ML to compound and exacerbate the problem.
Security Operations in the World We Live in Now
Commentary  |  3/25/2021  | 
Despite the challenges of remote work, security operations teams can position themselves well for the future.
The CIO's Shifting Role: Improving Security With Shared Responsibility
Commentary  |  3/25/2021  | 
CIOs must create a culture centered around cybersecurity that is easily visible and manageable.
CSA & ISACA Team Up on Cloud Auditing Certificate
News  |  3/22/2021  | 
The Certificate of Cloud Auditing Knowledge aims to fill a gap in the market for cloud IT auditing as more organizations work in cloud environments.
Qualys CEO Courtot Departs for Health Reasons
Quick Hits  |  3/22/2021  | 
The well-known security industry entrepreneur initially took a leave of absence in February.
Women's History Month: Making Mentorship Meaningful
Commentary  |  3/18/2021  | 
This month is a perfect opportunity for us to take a step back and think about what role we want to play as women in the technology sector.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-40690
PUBLISHED: 2021-09-19
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract...
CVE-2021-41073
PUBLISHED: 2021-09-19
loop_rw_iter in fs/io_uring.c in the Linux kernel through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
CVE-2021-23441
PUBLISHED: 2021-09-19
All versions of package com.jsoniter:jsoniter are vulnerable to Deserialization of Untrusted Data via malicious JSON strings. This may lead to a Denial of Service, and in certain cases, code execution.
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.