Advertise

Careers & People

7/16/2015
03:15 PM

Ericka Chickowski
Slideshows

Connect Directly

1 Comment
Comment Now

100%

10 Trends In Infosec Careers And Staffing

Employment stable for job-seekers, but staffing gaps persist for employers who need better security teams to counter threats

1 of 11

Source: State of Cybesecurity: Implications for 2015 ISACA/RSA Conference Survey

This week the folks of Black Hat released the results of a survey of previous conference attendees to get the pulse of the security community on a number of fronts. Particularly illuminating were several of the answers to career-related questions. Most security pros surveyed reported that they're stable in the positions they're at and that they could definitely use more help in the way of increased staffing at their firms. It's a reflection of the overall infosec job market, where employers struggle to find enough qualified candidates and opportunities abound for the right candidates. We've put together the results from the Black Hat survey, along with a few other relevant studies out this year, to get a good picture of the market.

[Register now for Black Hat USA.]

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full Bio

1 of 11

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

End Phishing

Continuous Security Validation for Banking, Financial Services and Insurance

More Webcasts

White Papers

The case for connected application

Gartner's 2018 Market Guide for Managed Detection and Response Services

More White Papers

Reports

2018 State of the Cloud Report

How Enterprises Are Attacking the IT Security Problem

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

100%

bizdoc,
User Rank: Apprentice
7/19/2015 | 5:37:40 PM

Career Planning/Personal Branding

Anyone needing help developing their career/personal brand should get: Personal Brand Planning for life, available on Amazon.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms

Kelly Jackson Higgins, Executive Editor at Dark Reading, 8/14/2018

Intel Reveals New Spectre-Like Vulnerability

Curtis Franklin Jr., Senior Editor at Dark Reading, 8/15/2018

Australian Teen Hacked Apple Network

Dark Reading Staff 8/17/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

The case for connected application

Burnt by a SIEM

Gartner's 2018 Market Guide for Managed Detection and Response Services

Essential Guide - Blocking Malware Without a SOC

The Fileless Attack Checklist

More White Papers

Video

All Videos

Cartoon

Latest Comment: -- John Klossner's latest cartoon!

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Surviving the IT Security Skills Shortage

Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!

Download Now!

[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

0 comments

New Best Practices for Secure App Development

0 comments

Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2011-2765
PUBLISHED: 2018-08-20

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.

CVE-2018-15594
PUBLISHED: 2018-08-20

arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.

CVE-2018-15572
PUBLISHED: 2018-08-20

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

CVE-2018-15573
PUBLISHED: 2018-08-20

** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf...

CVE-2018-15574
PUBLISHED: 2018-08-20

** DISPUTED ** An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."

Terms of Service
Privacy Statement
Legal Entities