Careers & People

News & Commentary
95% of Organizations Have Cultural Issues Around Cybersecurity
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Very few organizations have yet baked cybersecurity into their corporate DNA, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 11/16/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Curtis Franklin Jr., Senior Editor at Dark Reading
Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Japan Cyber Minister Says He Has Never Used a Computer
Dark Reading Staff, Quick Hits
Yoshitaka Sakurada, who recently took on the role after a cabinet shuffling, says it's up to the government to deal with it.
By Dark Reading Staff , 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360Commentary
The toughest security problems involve people not technology. Here's how to motivate your frontline employees all the way from the service desk to the corner office.
By Shay Colson CISSP, Senior Manager, CyberClarity360, 11/13/2018
Comment2 comments  |  Read  |  Post a Comment
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap.
By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2018
Comment3 comments  |  Read  |  Post a Comment
9 Traits of A Strong Infosec Resume
Kelly Sheridan, Staff Editor, Dark Reading
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
By Kelly Sheridan Staff Editor, Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Spooking the C-Suite: The Ephemeral Specter of Third-Party Cyber-Risk
Brandon Dobrec, Senior Product Manager,  LookingGlass Cyber SolutionsCommentary
Halloween movies are the perfect metaphor for breaking down today's scariest supplier breach tropes.
By Brandon Dobrec Senior Product Manager, LookingGlass Cyber Solutions, 10/31/2018
Comment5 comments  |  Read  |  Post a Comment
3 Keys to Reducing the Threat of Ransomware
Joe Merces, CEO at Cloud DaddyCommentary
Following these steps could mean the difference between an inconvenience and a multimillion-dollar IT system rebuild -- for the public and private sectors alike.
By Joe Merces CEO at Cloud Daddy, 10/26/2018
Comment9 comments  |  Read  |  Post a Comment
Good Times in Security Come When You Least Expect Them
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
Not every cybersecurity endeavor can have a huge impact. But a small percentage of your efforts can still produce results that blow you away.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 10/23/2018
Comment3 comments  |  Read  |  Post a Comment
2018 State of Cyber Workforce
Ericka Chickowski, Contributing Writer, Dark Reading
Let's start with this eye-opener: The cybersecurity profession is facing a shortfall of 3 million workers worldwide.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/22/2018
Comment9 comments  |  Read  |  Post a Comment
(ISC) : Global Cybersecurity Workforce Short 3 Million People
Kelly Sheridan, Staff Editor, Dark ReadingNews
With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
By Kelly Sheridan Staff Editor, Dark Reading, 10/17/2018
Comment0 comments  |  Read  |  Post a Comment
4 Ways to Fight the Email Security Threat
Asaf Cidon, Vice President, Content Security Services, at Barracuda NetworksCommentary
It's time to reimagine employee training with fresh, more aggressive approaches that better treat email security as a fundamentally human problem.
By Asaf Cidon Vice President, Content Security Services, at Barracuda Networks, 10/15/2018
Comment2 comments  |  Read  |  Post a Comment
Most IT Security Pros Want to Change Jobs
Dark Reading Staff, Quick Hits
They cite five main reasons for wanting to move on and what it would take to retain them.
By Dark Reading Staff , 10/12/2018
Comment2 comments  |  Read  |  Post a Comment
Meet 5 Women Shaping Microsoft's Security Strategy
Kelly Sheridan, Staff Editor, Dark Reading
Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.
By Kelly Sheridan Staff Editor, Dark Reading, 10/10/2018
Comment0 comments  |  Read  |  Post a Comment
Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control
Richard Ford, Chief Scientist, ForcepointCommentary
Technology such as Apple's device trust score that decides "you" is not you is a good thing. But only if it works well.
By Richard Ford Chief Scientist, Forcepoint, 10/5/2018
Comment0 comments  |  Read  |  Post a Comment
CISOs: How to Answer the 5 Questions Boards Will Ask You
John Hellickson, Vice President, Advisory Services, at Kudelski Security, Inc.Commentary
As boards learn the importance of cybersecurity, certain issues arise on a regular basis. These tips can help you address them.
By John Hellickson Vice President, Advisory Services, at Kudelski Security, Inc., 10/2/2018
Comment1 Comment  |  Read  |  Post a Comment
The Right Diagnosis: A Cybersecurity Perspective
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
A healthy body and a healthy security organization have a lot more in common than most people think.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 10/1/2018
Comment0 comments  |  Read  |  Post a Comment
4 Traits of a Cyber-Resilient Culture
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Companies with a solid track record of cybersecurity share these practices and characteristics.
By Ericka Chickowski Contributing Writer, Dark Reading, 9/28/2018
Comment1 Comment  |  Read  |  Post a Comment
How Data Security Improves When You Engage Employees in the Process
Robert E. Crossler, Assistant Professor of Information Systems, Washington State UniversityCommentary
When it comes to protecting information, we can all do better. But encouraging a can-do attitude goes a long way toward discouraging users' risky behaviors.
By Robert E. Crossler Assistant Professor of Information Systems, Washington State University, 9/28/2018
Comment6 comments  |  Read  |  Post a Comment
Managing Data the Way We Manage Money
Dave Sikora, CEO, ALTRCommentary
In the data-driven enterprise, myriad types of data have become a new form and flow of currency. Why, then, hasn't the CISO achieved parity with the CFO?
By Dave Sikora CEO, ALTR, 9/27/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15769
PUBLISHED: 2018-11-16
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is...
CVE-2018-18955
PUBLISHED: 2018-11-16
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resour...
CVE-2018-19311
PUBLISHED: 2018-11-16
Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
CVE-2018-19312
PUBLISHED: 2018-11-16
Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
CVE-2018-19318
PUBLISHED: 2018-11-16
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.