Tag: jobs
-
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness
Tags: access, ai, api, attack, awareness, breach, business, ceo, cloud, compliance, computer, control, corporate, crime, cryptography, cyber, cybersecurity, data, data-breach, encryption, exploit, finance, framework, germany, google, governance, guide, hacking, ibm, identity, india, infrastructure, intelligence, jobs, law, leak, metric, microsoft, network, penetration-testing, privacy, risk, risk-management, scam, security-incident, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-managementMany organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, managing and governing AI cyber risks. Key takeaways Most organizations’ AI adoption is dangerously outpacing their security strategies and…
-
Yubico bolsters APAC presence, touts device subscriptions
Yubico is moving beyond one-off product sales, hiring local teams in Singapore and pitching its subscription service to help enterprises secure employee access to corporate networks and applications First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633872/Yubico-bolsters-its-APAC-presence-touts-device-subscriptions
-
How to Block North Korean IT Worker Scams in Remote Hiring
Attorney Jonathan Armstrong on Vetting Job Applicants, Red Flags and Compliance. North Korean operatives are using fake identities and remote job listings to bypass sanctions and infiltrate companies. But employers can avoid becoming unwitting accomplices, said legal expert Jonathan Armstrong, who advises firms to adopt stronger vetting practices and structured investigations. First seen on govinfosecurity.com…
-
Cyber scholarshipservice students say government has pulled rug on them, potentially burdening them with debt
Hiring freezes, budget cuts and more are raising questions about the future of CyberCorps. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-scholarship-for-service-students-say-government-has-pulled-rug-on-them-potentially-burdening-them-with-debt/
-
Cyber scholarshipservice students say government has pulled rug on them, potentially burdening them with debt
Hiring freezes, budget cuts and more are raising questions about the future of CyberCorps. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-scholarship-for-service-students-say-government-has-pulled-rug-on-them-potentially-burdening-them-with-debt/
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
Cybersecurity management for boards: Metrics that matter
Tags: ai, attack, automation, breach, business, cloud, compliance, control, cyber, cybersecurity, data-breach, deep-fake, detection, dora, finance, firewall, governance, insurance, jobs, metric, mitigation, nis-2, nist, phishing, ransomware, regulation, resilience, risk, scam, soc, threat, trainingWhy does this matter? Resilience aligns with your actual business goals: continuity, trust and long-term value. It reflects your appetite for risk and your ability to adapt. And with regulations like DORA and NIS2 pushing accountability higher up the ladder, your board is on the hook. Financial impact and continuity metrics: You can’t fight cyber…
-
Tips for CISOs switching between industries
Understand and demonstrate achieved results: Making the jump into a new industry isn’t about matching past job titles but about proving you can create impact in a new context. DiMarco says the key is to demonstrate relevance early.”When I pitch a candidate, I explain what they did, how they did it, and what their impact…
-
AI layoffs to backfire: Half quietly rehired at lower pay
Bosses banking on automation? 55% will regret those job cuts First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/forrester_ai_rehiring/
-
Varonis Lays Off 5% of Staff, Stock Plunges as Renewals Drop
2nd Round of Layoffs Since 2022 Comes 2 Months After $150M Email Security Purchase. Varonis cut 5% of its workforce and saw its stock price nosedive after disclosing a sharp drop in renewal rates for its on-premise subscription business. The underperformance of the federal vertical caused a notable headwind for Varonis despite it accounting for…
-
New names surface for NSA director, other top jobs at spy agency
Officers from the Army and Air Force are under consideration to lead the NSA, and moves could be happening soon for other top jobs at the spy agency, sources tell Recorded Future News. First seen on therecord.media Jump to article: therecord.media/national-security-agency-vacancies-director-deputy-general-counsel
-
New names surface for NSA director, other top jobs at spy agency
Officers from the Army and Air Force are under consideration to lead the NSA, and moves could be happening soon for other top jobs at the spy agency, sources tell Recorded Future News. First seen on therecord.media Jump to article: therecord.media/national-security-agency-vacancies-director-deputy-general-counsel
-
Top 7 agentic AI use cases for cybersecurity
Tags: access, ai, attack, authentication, ceo, cyber, cybersecurity, data, detection, fraud, identity, infrastructure, jobs, mitigation, monitoring, office, phishing, resilience, risk, scam, service, soc, strategy, technology, threat, tool, vulnerability, zero-trust2. Security operations center support: Security operations centers (SOCs) are a great use case for agentic AI because they serve as the frontline for detecting and responding to threats, says Naresh Persaud, principal, cyber risk services, at Deloitte.With thousands of incidents to triage daily, SOCs are experiencing mounting alert fatigue. “Analysts can spend an average…
-
Top 7 agentic AI use cases for cybersecurity
Tags: access, ai, attack, authentication, ceo, cyber, cybersecurity, data, detection, fraud, identity, infrastructure, jobs, mitigation, monitoring, office, phishing, resilience, risk, scam, service, soc, strategy, technology, threat, tool, vulnerability, zero-trust2. Security operations center support: Security operations centers (SOCs) are a great use case for agentic AI because they serve as the frontline for detecting and responding to threats, says Naresh Persaud, principal, cyber risk services, at Deloitte.With thousands of incidents to triage daily, SOCs are experiencing mounting alert fatigue. “Analysts can spend an average…
-
North Korea’s BlueNoroff Expands Scope of Crypto Heists
Two campaigns targeting fintech execs and Web3 developers show the APT going cross-platform in financially motivated campaigns that use fake business collaboration and job recruitment lures. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-korea-bluenoroff-expands-crypto-heists
-
Is Your Google Workspace as Secure as You Think it is?
The New Reality for Lean Security TeamsIf you’re the first security or IT hire at a fast-growing startup, you’ve likely inherited a mandate that’s both simple and maddeningly complex: secure the business without slowing it down.Most organizations using Google Workspace start with an environment built for collaboration, not resilience. Shared drives, permissive settings, and constant…
-
Unternehmen und Security-Experten brauchen gemeinsame Grundlage bei der Personalrekrutierung
manage it sprach mit Casey Marks, Chief Operating Officer von ISC2, über den aktuellen 2025 Cybersecurity Hiring Trends Report [1]. Die Studie zeigt, wie Unternehmen weltweit ihre Cybersicherheits-Teams aufbauen und welche Herausforderungen und Chancen in der Cybersicherheitsbranche bestehen. Ich freue mich, dass wir heute nicht über Cybersicherheit aus technischer Sicht sprechen, sondern aus der… First…
-
âš¡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens
Security, trust, and stability, once the pillars of our digital world, are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and human behavior.Each new breach proves a harsh truth: in cybersecurity, feeling safe can be far more dangerous than…
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
Hundreds of People With ‘Top Secret’ Clearance Exposed by House Democrats’ Website
A database containing information on people who applied for jobs with Democrats in the US House of Representatives was left accessible on the open web. First seen on wired.com Jump to article: www.wired.com/story/hundreds-of-people-with-top-secret-clearance-exposed-by-house-democrats-website/
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
North Korean Chollima Actors Added BeaverTail and OtterCookie to its Arsenal
Famous Chollima, a DPRK-aligned threat group, has evolved its arsenal, with BeaverTail and OtterCookie increasingly merging functionalities to steal credentials and cryptocurrency via deceptive job offers. A recent campaign involved a trojanized Node.js application distributed through a malicious NPM package, highlighting the group’s adaptation in delivery methods. In the campaign, Famous Chollima notes merged BeaverTail…
-
How CISA Layoffs Weaken Civilian Cyber Defense
Cyber teams need to get to work backfilling diminishing federal resources, according to Alexander Garcia-Tobar, who shares clear steps on a path forward for protecting enterprises with less CISA help. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cisa-layoffs-weaken-civilian-cyber-defense
-
North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets
Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job.”Some of these [companies’ are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked…
-
Why must CISOs slay a cyber dragon to earn business respect?
really prevents one, the board shrugs,” Levine says. CISOs “kind of normalize the idea that the company is constantly under attack. That is certainly true, but it makes it very difficult for the board to get worked up over preventing a single attack.” Moreover, this issue begs the question: Why should a security leader need…
-
Why must CISOs slay a cyber dragon to earn business respect?
really prevents one, the board shrugs,” Levine says. CISOs “kind of normalize the idea that the company is constantly under attack. That is certainly true, but it makes it very difficult for the board to get worked up over preventing a single attack.” Moreover, this issue begs the question: Why should a security leader need…