Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

News & Commentary
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at FortinetCommentary
The talent gap is too large for any one sector, and cybersecurity vendors have a big role to play in helping to close it.
By Rob Rashotte VP of Global Training and Technical Field Enablement at Fortinet, 5/24/2019
Comment4 comments  |  Read  |  Post a Comment
Researcher Publishes Four Zero-Day Exploits in Three Days
Robert Lemos, Contributing WriterNews
The exploits for local privilege escalation vulnerabilities in Windows could be integrated into malware before Microsoft gets a chance to fix the issues.
By Robert Lemos Contributing Writer, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Proving the Value of Security Awareness with Metrics that 'Deserve More'
Ira Winkler, CISSP, President, Secure MentemCommentary
Without metrics that matter to the business, awareness programs will continue to be the bastard child of security.
By Ira Winkler CISSP, President, Secure Mentem, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
To Narrow the Cyber Skills Gap with Attackers, Cut the Red Tape
James Hadley, CEO at Immersive LabsCommentary
Attackers are getting further ahead, and entrenched corporate rules shoulder much of the blame.
By James Hadley CEO at Immersive Labs, 5/21/2019
Comment2 comments  |  Read  |  Post a Comment
Killer SecOps Skills: Soft Is the New Hard
Edy Almer, VP Product, CyberbitCommentary
The sooner we give mindsets and tool sets equal bearing, the better. We must put SOC team members through rigorous training for emergency situations.
By Edy Almer VP Product, Cyberbit, 5/20/2019
Comment0 comments  |  Read  |  Post a Comment
Black Hat Q&A: Bruce Schneier Calls For Public-Interest Technologists
Black Hat Staff,  News
Ahead of his 2019 Black Hat USA talk, cybersecurity luminary Bruce Schneier explains why its so important for tech experts to be actively involved in setting public policy.
By Alex Wawro, Special to Dark Reading , 5/20/2019
Comment0 comments  |  Read  |  Post a Comment
The Data Problem in Security
Julian Waits, GM Cyber Security Business Unit, Devo TechnologyCommentary
CISOs must consider reputation, resiliency, and regulatory impact to establish their organization's guidelines around what data matters most.
By Julian Waits GM Cyber Security Business Unit, Devo Technology, 5/16/2019
Comment0 comments  |  Read  |  Post a Comment
Cyber Workforce Exec Order: Right Question, Wrong Answer
Ryan Shaw, Co-Founder, BionicCommentary
Shuffling resources, adding administrative process, and creating a competition and incentive system will do little to grow and mature the talent we need to meet the cybersecurity challenges we face.
By Ryan Shaw Co-Founder, Bionic, 5/16/2019
Comment0 comments  |  Read  |  Post a Comment
Resolution Requires Cybersecurity Training for Members of Congress
Dark Reading Staff, Quick Hits
A bipartisan resolution would mandate IT and cybersecurity training for all members of Congress, their staff, and employees.
By Dark Reading Staff , 5/14/2019
Comment0 comments  |  Read  |  Post a Comment
Missing in Action: Cybersecurity Professionals
Andrea Fumagalli, Vice President of Engineering, DFLabsCommentary
Just as every organization security team's needs are unique, so are the reasons for the shortage of candidates for open positions. Here are five strategies to help you close the gap.
By Andrea Fumagalli Vice President of Engineering, DFLabs, 5/14/2019
Comment0 comments  |  Read  |  Post a Comment
Why AI Will Create Far More Jobs Than It Replaces
John DiLullo, CEO, LastlineCommentary
Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats.
By John DiLullo CEO, Lastline, 5/14/2019
Comment2 comments  |  Read  |  Post a Comment
How the Skills Gap Strains and Constrains Security Pros
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New ISSA/ESG survey underscores increasing pressures and security fallout of a strapped security team.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/9/2019
Comment1 Comment  |  Read  |  Post a Comment
New Initiative Aims to Fast-Track Women into Cybersecurity Careers
Dark Reading Staff, Quick Hits
'100 Women in 100 Days' is a career development program made possible by a $160,000 gift from Craig Newmark Philanthropies.
By Dark Reading Staff , 5/9/2019
Comment8 comments  |  Read  |  Post a Comment
How to Close the Critical Cybersecurity Talent Gap
Tom Weithman, Managing Director at CIT GAP Funds & Chief Investment Officer at MACH37Commentary
If we don't change our ways, the gap will keep getting worse. Outside-the-box thinking and new techniques are required, and here are a few ways to get started.
By Tom Weithman Managing Director at CIT GAP Funds & Chief Investment Officer at MACH37, 5/9/2019
Comment2 comments  |  Read  |  Post a Comment
The Fine Line of Feedback: 6 Tips for Talking to Security Pros
Joshua Goldfarb, Independent ConsultantCommentary
Feedback is a two-way street in terms of giving, receiving, and knowing how to give and receive.
By Joshua Goldfarb Independent Consultant, 5/8/2019
Comment0 comments  |  Read  |  Post a Comment
Trust the Stack, Not the People
John De Santis, CEO, HyTrustCommentary
A completely trusted stack lets the enterprise be confident that apps and data are treated and protected wherever they are.
By John De Santis CEO, HyTrust, 5/6/2019
Comment0 comments  |  Read  |  Post a Comment
New Executive Order Aims to Grow Federal Cybersecurity Staff
Dark Reading Staff, Quick Hits
The EO outlines a 'rotational assignment program' intended to help security practitioners develop their skills.
By Dark Reading Staff , 5/3/2019
Comment0 comments  |  Read  |  Post a Comment
How Storytelling Can Help Keep Your Company Safe
Zack Schuler, Founder and CEO of NINJIOCommentary
Well-crafted narratives can help you win over users in the battle to develop a sustainable cybersecurity culture.
By Zack Schuler Founder and CEO of NINJIO, 5/3/2019
Comment0 comments  |  Read  |  Post a Comment
World Password Day or Groundhog Day?
Stephen Cox, VP & CSA, SecureAuthCommentary
Despite decades trying to fortify our passwords with bolt-on solutions, attackers have always found ways to defeat them. Here are four reasons why.
By Stephen Cox VP & CSA, SecureAuth, 5/2/2019
Comment3 comments  |  Read  |  Post a Comment
8 Personality Traits for Cybersecurity
Dark Reading Staff, Quick Hits
Personality assessment firm Hogan Assessments lists top characteristics for a 'successful' cybersecurity hire.
By Dark Reading Staff , 5/1/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .