Tag: skills
-
Recruiting Innovations to Overcome the Cybersecurity Skills Gap
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/recruiting-innovations-to-overcome-the-cybersecurity-skills-gap
-
The Builder Strikes Back: How Security Teams Must Reclaim Their Engineering Edge
by
in SecurityNewsThe vendor dependency trap is crippling security teams. AI is democratizing building capabilities that were once vendor-exclusive. Develop these five critical skills now before your competitors do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/the-builder-strikes-back-how-security-teams-must-reclaim-their-engineering-edge/
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
by
in SecurityNews
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
11 hottest IT security certs for higher pay today
by
in SecurityNews
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windowsOffensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…
-
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges
by
in SecurityNewsFederal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting “female college athletes.” First seen on therecord.media Jump to article: therecord.media/former-michigan-football-assistant-coach-indicted-hacks-athletes
-
Wellbeing in the Cybersecurity Sector: A Call for Participation
by
in SecurityNewsCybersecurity has a wellbeing problem. One that we, at The IT Security Guru, won’t stop shouting about. We’ve all seen the stats: burnout runs rife throughout cybersecurity, there’s a retention issue, and a sizable skills gap. This, on top of the fact that threats are becoming more frequent in volume and more complex in make-up,…
-
Will Cisco’s Free Tech Training for 1.5M People Help Close EU’s Skills Gap?
by
in SecurityNewsCisco’s training through its Networking Academy will help “build a resilient and skilled workforce ready to meet Europe’s digital transformation and AI objectives.” First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-skills-tech-training-european-union/
-
Boards Challenged to Embrace Cybersecurity Oversight
by
in SecurityNewsIntegrating Cyber Risk into Business Risk Decisions Cybersecurity failures are now business risks that CEOs and Boards must own. The world of business owners, investors, and their representatives are collectively realizing the potentially catastrophic impacts of cybersecurity incidents if not incorporated into the strategic management of the most senior business leadership. Many regulatory bodies, insurance…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
by
in SecurityNews
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
Hiring privacy experts is tough, here’s why
by
in SecurityNews
Tags: ai, business, ciso, compliance, cybersecurity, data, framework, jobs, privacy, resilience, skills, technology, trainingWhy it is difficult to hire privacy experts: Finding a highly skilled privacy professional can feel like chasing a unicorn, Kazi describes. “Yes, privacy is important, but they want somebody who’s a lawyer, an expert in technology, knowledgeable about user interface and user experience, and ideally, they know a lot about ethics and are an…
-
Generative AI red teaming: Tips and techniques for putting LLMs to the test
by
in SecurityNewsDefining objectives and scopeAssembling a teamThreat modelingAddressing the entire application stackDebriefing, post-engagement analysis, and continuous improvementGenerative AI red teaming complements traditional red teaming by focusing on the nuanced and complex aspects of AI-driven systems including accounting for new testing dimensions such as AI-specific threat modeling, model reconnaissance, prompt injection, guardrail bypass, and more. AI red-teaming…
-
EU’s Digital Transformation Push Includes Training for 1.5 Million
by
in SecurityNewsCisco has set an ambitious goal to train 1.5 million people across the European Union in digital skills by 2030. This Cisco Networking Academy initiative, which focuses on areas such as Artificial Intelligence (AI), cybersecurity, and data science, was unveiled at the European Commission’s Employment and Social Rights Forum in Brussels. The move aligns with…
-
UK Cybersecurity Weekly News Roundup 9 March 2025
by
in SecurityNews
Tags: android, attack, backdoor, breach, china, cloud, compliance, computer, cyber, cyberattack, cybercrime, cybersecurity, data, espionage, exploit, government, group, hacker, infrastructure, international, malware, microsoft, network, ransomware, regulation, resilience, service, skills, software, theft, update, vulnerabilityWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. Microsoft Engineer’s Transition to Cybersecurity Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master’s degree in computer science, Masrani secured…
-
What Skills Does a QA Engineer Need in 2025? Your Guide to Software Quality Assurance Mastery
by
in SecurityNewsSoftware Quality Assurance (SQA) isn’t just about catching bugs”, it’s about guaranteeing flawless user experiences in a world where software powers everything from smart homes to…Read More First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/03/what-skills-does-a-qa-engineer-need-in-2025-your-guide-to-software-quality-assurance-mastery/
-
SIEM-Kaufratgeber
by
in SecurityNews
Tags: access, ai, api, business, cloud, compliance, container, cyberattack, data, detection, DSGVO, encryption, framework, HIPAA, infrastructure, least-privilege, mail, microsoft, mitre, ml, monitoring, open-source, saas, service, siem, skills, soar, software, threat, toolDie kontextuellen Daten, die SIEM-Lösungen liefern, sind eine grundlegende Komponente moderner Security-Stacks.Protokoll-Daten zu auditieren, zu überprüfen und zu managen, ist alles andere als eine glamouröse Aufgabe aber ein entscheidender Aspekt, um ein sicheres Unternehmensnetzwerk aufzubauen. Schließlich schaffen Event Logs oft eine sekundäre Angriffsfläche für Cyberkriminelle, die damit ihre Aktivitäten verschleiern wollen.Vorgängen wie diesen treten Netzwerksicherheitsexperten…
-
3 ‘must-have’ skills for leading a cybersecurity team in 2025
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/3-must-have-skills-for-leading-a-cybersecurity-team-in-2025
-
What CISOs need from the board: Mutual respect on expectations
by
in SecurityNews
Tags: business, ceo, ciso, compliance, control, cyber, cybersecurity, finance, framework, governance, metric, risk, risk-management, skills, strategy, technology, threat, update, vulnerabilityPart 500. While this legislation was groundbreaking for being very prescriptive in what cyber controls are required, there was in earlier drafts indications that each board should have suitably cyber-qualified members.Similar guidelines were established with the Australian Institute of Company Directors (AICD) drafting its Cyber Governance Principles, which were recently refreshed. The timing of this…
-
Strategic? Functional? Tactical? Which type of CISO are you?
by
in SecurityNews
Tags: breach, business, ceo, cisco, ciso, cloud, compliance, cybersecurity, finance, governance, group, guide, healthcare, infrastructure, jobs, risk, service, skills, startup, strategy, technology, trainingTransformational, as in program-builders or turnaround agents.Operational, often early-career CISOs who are closer to the technology and work at small-to-midsize companies where they still perform some technical duties.Compliance, that is, risk experts typically found in highly regulated industries.Steady-state CISOs, who, in opposition to the transformational type, keep everything on an even keel.Customer-facing CISOs, usually found…
-
Career Spotlight: Cloud Security Specialist
by
in SecurityNewsDemand for Cloud Security Skills Is Growing, Offering Good Pay and New Challenges Cloud services support a wide range of applications from finance to healthcare systems and have become prime targets for cybercriminals, making cloud security a major concern for cybersecurity organizations. The need to secure the cloud is driving demand for skilled cloud security…
-
Cybersecurity Talent Crisis: Future Defenders Rise to the Challenge in CTF Showdown
by
in SecurityNewsThe UK is facing a cybersecurity talent crisis, with nearly half (44%) of businesses struggling to find professionals equipped to combat the evolving cyber threat landscape, according to the UK Government’s Cyber Security Skills in the UK Labour Market 2024 report. In response, Check Point Software, a global leader in cybersecurity solutions, joined forces with…
-
Getting the Most Value out of the OSCP: Pre-Course Prep
by
in SecurityNews
Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windowsThe first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
-
Beyond the paycheck: What cybersecurity professionals really want
by
in SecurityNews
Tags: business, ceo, corporate, cyber, cybersecurity, data, india, jobs, regulation, risk, risk-management, service, skills, strategy, trainingInvest in skills and allow room for growth: Upskilling also remains a powerful retention tool. As Huber points out, Tenable invests in training entire teams on emerging technologies and capabilities, ensuring that employees feel equipped and valued.Similarly, KPMG has implemented targeted programs to support diversity and career progression within cybersecurity. The firm’s Cyber Women Leads…
-
Scotland’s Quorum Cyber Bringing AI, Microsoft Security Skills To The US
by
in SecurityNewsQuorum Cyber, a major Microsoft security solution provider, wants to bring its expertise to the U.S. from its Scotland home base. First seen on crn.com Jump to article: www.crn.com/news/security/2025/scotland-s-quorum-cyber-bringing-ai-microsoft-security-skills-to-the-us
-
British military drops basic training to fast track recruitment of ‘cyber warriors’
by
in SecurityNewsThe British government is dropping the traditional fitness and weapons training for specialist cyber military recruits in order to address a cyber skills shortage within His Majesty’s Armed Forces, including in its arm for offensive operations in the National Cyber Force. First seen on therecord.media Jump to article: therecord.media/british-military-drops-basic-training-to-fast-track-cyber-recruits
-
CISOs: Stop trying to do the lawyer’s job
by
in SecurityNews
Tags: breach, business, ciso, compliance, cybersecurity, data, email, finance, group, guide, incident response, international, jobs, law, privacy, RedTeam, risk, risk-management, security-incident, service, skills, strategy, technology, training, updateThere’s a joke that’s been floating around boardrooms for years: “What’s the difference between lawyers and engineers? Lawyers don’t think they’re engineers.”This light-hearted jab highlights a fundamental difference between the two professions. Engineers, and by extension CISOs, focus on building and fixing things, learning a wide array of skills, sometimes sticking their hands into technologies…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
by
in SecurityNews
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
Federal Cyber Workers Can Now Accept Trump Resignation Offer
by
in SecurityNewsCISO Buyout Offers, Industry-Wide Skills Shortage Raise Fears of Cybersecurity Gaps. The Cybersecurity and Infrastructure Security Agency has reversed an exemption for its staffers to participate in the administration’s “Fork in the Road” resignation program, as lawmakers and security experts warn of a growing cyber workforce shortage threatening U.S. national security. First seen on govinfosecurity.com…
-
Police arrest teenager suspected of hacking NATO and numerous Spanish institutions
by
in SecurityNewsSpain’s National Police, in a joint operation with the Civil Guard, has arrested an 18-year-old suspected of being the hacker going by aliases including “Natohub,” and known for hacking the computer services of private companies and Spanish institutions such as the Civil Guard, the Ministry of Defense, the National Mint, and the Ministry of Education,…