Tag: skills

Police arrest teenager suspected of hacking NATO and numerous Spanish institutions

Feb 6, 2025 9:06 PM

Tags: access, attack, blockchain, breach, business, computer, crime, crimes, crypto, cybercrime, dark-web, data, defense, framework, hacker, hacking, international, leak, service, skills

Spain’s National Police, in a joint operation with the Civil Guard, has arrested an 18-year-old suspected of being the hacker going by aliases including “Natohub,” and known for hacking the computer services of private companies and Spanish institutions such as the Civil Guard, the Ministry of Defense, the National Mint, and the Ministry of Education,…
39% of IT leaders fear major incident due to excessive workloads

Feb 3, 2025 10:12 AM

Tags: access, attack, backup, breach, business, ceo, cio, ciso, control, crowdstrike, cyber, cyberattack, data, ddos, group, jobs, malicious, risk, siem, skills, tactics, threat, training, vulnerability, vulnerability-management

Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers.A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…
NAO: UK government cyber resilience weak in face of mounting threats

Jan 29, 2025 10:39 PM

Tags: cyber, government, office, resilience, skills, threat

The National Audit Office has found UK government cyber resilience wanting, weakened by legacy IT and skills shortages, and facing mounting threats First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618552/NAO-UK-government-cyber-resilience-weak-in-face-of-mounting-threats
Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Jan 29, 2025 4:36 PM

Tags: access, ai, application-security, attack, best-practice, business, ciso, cloud, compliance, computing, control, cybersecurity, data, detection, finance, framework, google, governance, guide, infrastructure, injection, intelligence, lessons-learned, malicious, microsoft, mitigation, monitoring, office, openai, penetration-testing, privacy, risk, risk-assessment, risk-management, skills, software, strategy, supply-chain, technology, theft, threat, tool, training, unauthorized, vulnerability

[written together with Marina Kaganovich, Executive Trust Lead, Office of the CISO @ Google Cloud; originally posted here] In 2024, we shared our insights on how to approach generative AI securely by exploring the fundamentals of this innovative technology, delving into key security terms, and examining the essential policies needed for AI governance. We also discussed…
Want to be an effective cybersecurity leader? Learn to excel at change management

Jan 29, 2025 8:37 AM

Tags: authentication, awareness, business, cio, ciso, cloud, compliance, corporate, cybersecurity, finance, fraud, group, guide, Hardware, identity, jobs, password, privacy, risk, risk-management, service, skills, software, strategy, technology, threat, vulnerability, zero-trust

If there’s one thing that’s inevitable in cybersecurity, it’s change. Ever-evolving technology requires new protections, threats seem to multiply and morph on a daily basis, and even the humblest pieces of software and hardware demand constant updating to stay secure.That work has been increasing as the importance, visibility, and impact of security initiatives have ramped…
5 ways boards can improve their cybersecurity governance

Jan 28, 2025 11:36 PM

Tags: attack, breach, business, ciso, cloud, cyber, cybersecurity, data, election, endpoint, finance, gartner, governance, government, group, identity, incident, india, infrastructure, jobs, middle-east, network, ransomware, regulation, risk, skills, technology, threat, training

As chairman of the board for Cinturion Group, Richard Marshall is intimately involved in ensuring the security of the fiber optic network his company is constructing from India through the Middle East and on to Europe.The monumental Trans Europe Asia System (TEAS) will be difficult enough to build given it will be buried beneath thousands…
US takes aim at healthcare cybersecurity with proposed HIPAA changes

Jan 28, 2025 10:03 AM

Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-management

The US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
The cybersecurity skills gap reality: We need to face the challenge of emerging tech

Jan 28, 2025 8:03 AM

Tags: access, ai, application-security, business, cio, ciso, cloud, computing, control, corporate, cybersecurity, data, jobs, risk, skills, technology, training

The cybersecurity skills shortage remains a controversial topic. Research from ISC2 states that the current global workforce of cybersecurity professionals stands at 5.5 million, but the workforce currently needs 10.2 million, a gap of 4.8 million people.Skeptics (and there are lots of them) say hogwash! They claim that these numbers are purely self-serving for ISC2,…
Cybersecurity needs women, and it needs to treat them better

Jan 27, 2025 8:03 AM

Tags: cio, ciso, computer, cyber, cyberattack, cybersecurity, data-breach, group, healthcare, jobs, service, skills, technology, training

The participation of women in cybersecurity is vital, a non-negotiable proposition. Forget any current handwringing over diversity and equity; it’s fundamental that the contribution of women to the profession has made cybersecurity better.The proverbial door was kicked open long ago for women, who have made major contributions to the development of information security. But it’s…
Automating endpoint management doesn’t mean ceding control

Jan 23, 2025 6:22 PM

Tags: ai, automation, business, compliance, control, cybersecurity, data, endpoint, governance, intelligence, ml, risk, security-incident, skills, threat, tool, vulnerability

Beset with cybersecurity risks, compliance regimes, and digital experience challenges, enterprises need to move toward autonomous endpoint management (AEM), the next evolution in endpoint management and security solutions. CSO’s Security Priorities Study 2024 reveals that 75% of security decision-makers say that understanding which security tools and solutions fit best within their company is becoming more complex. Many are…
Insights from Fortinet’s 2025 State of Cloud Security Report

Jan 23, 2025 3:22 PM

Tags: cloud, compliance, fortinet, skills

Fortinet’s Vincent Hwang on Addressing Security, Compliance Gaps. According to Fortinet’s 2025 State of Cloud Security Report, 76% of organizations have a shortage of cloud security expertise, compounding cloud adoption and security challenges. How should organizations address the skills gap? Vincent Hwang of Fortinet shares analysis and advice. First seen on govinfosecurity.com Jump to article:…
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

Jan 23, 2025 2:22 PM

Tags: ceo, ciso, skills

Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisos-increase-boardroom-influence/
10 top XDR tools and how to evaluate them

Jan 23, 2025 11:22 AM

Tags: ai, attack, automation, business, cloud, computing, container, corporate, credentials, data, defense, detection, edr, email, encryption, endpoint, finance, firewall, google, guide, Hardware, iam, ibm, identity, incident response, infrastructure, intelligence, malicious, malware, marketplace, microsoft, mitigation, network, office, okta, open-source, organized, risk, security-incident, service, siem, skills, soar, software, spam, technology, threat, tool, training, vulnerability, zero-day

Little in the modern IT world lends itself to manual or siloed management, and this is doubly true in the security realm. The scale of modern enterprise computing and modern application stack architecture requires security tools that can bring visibility into the security posture of modern IT components and integrate tightly to bring real-time threat…
25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

Jan 21, 2025 10:22 PM

Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerability

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t“¦ Tue, 01/21/2025 – 14:56 Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
Midsize firms universally behind in slog toward DORA compliance

Jan 20, 2025 8:22 AM

Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, tool

Beginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
5 Things Government Agencies Need to Know About Zero Trust

Jan 15, 2025 6:02 PM

Tags: access, application-security, attack, best-practice, business, cloud, control, cyber, cybersecurity, data, gartner, government, identity, incident response, infrastructure, Internet, jobs, monitoring, network, nist, risk, skills, strategy, technology, update, vulnerability, vulnerability-management, zero-trust

Zero trust as a concept is simple to grasp. Implementing a zero trust architecture, on the other hand, is complex because it involves addressing a unique mix of process, procedure, technology and user education. Here are some considerations to keep in mind as you begin your journey. Draft guidance on implementing a zero trust architecture,…
The CFO may be the CISO’s most important business ally

Jan 15, 2025 11:02 AM

Tags: ai, business, cio, ciso, control, cyber, cybersecurity, data, finance, mitigation, network, phone, risk, skills, strategy, technology, threat

CISOs frequently encounter inherent conflicts with business colleagues in their day-to-day responsibilities. In many ways, this is the nature of setting security policies for an organization. But the goal for CISOs should be to reset this dynamic and forge a strong, collaborative alliance with their critical leadership counterparts.Take the CFO, for example. For many CISOs,…
WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors

Jan 14, 2025 8:02 PM

Tags: cyber, cybersecurity, resilience, risk, skills

WEF’s Global Cybersecurity Outlook 2025 report highlights key challenges like the skills gap, third-party risks, and resilience disparities between businesses and private sectors. The post WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/wef-report-reveals-growing-cyber-resilience-divide-between-public-and-private-sectors/
Time for a change: Elevating developers’ security skills

Jan 13, 2025 5:28 AM

Tags: skills, software

Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/13/developers-cybersecurity-skills/
Hands-on jobs to grow fastest, because AI can’t touch them

Jan 11, 2025 8:26 PM

Tags: ai, jobs, skills

World Economic Forum finds huge demand for brainbox skills, news for how it changes your role First seen on theregister.com Jump to article: www.theregister.com/2025/01/10/ai_jobs_wef/
2025 Cybersecurity and AI Predictions

Jan 11, 2025 11:42 AM

Tags: access, ai, api, attack, backdoor, backup, browser, business, chrome, communications, compliance, control, corporate, crowdstrike, crypto, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, exploit, finance, firmware, flaw, framework, fraud, GDPR, hacker, Hardware, identity, intelligence, international, korea, LLM, malicious, mitigation, monitoring, network, open-source, privacy, regulation, resilience, risk, risk-assessment, scam, service, skills, supply-chain, switch, technology, threat, tool, training, unauthorized, vulnerability

The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
Regional skills plan to boost UK cyber defences

Jan 8, 2025 5:18 PM

Tags: cyber, skills

Over 30 projects in England and Northern Ireland will receive a share of a £1.9m fund designed to enhance cyber security skills and protect small businesses First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617748/Regional-skills-plan-to-boost-UK-cyber-defences
Durch Cloud-Migration und Nachhaltigkeit – IT-Fachkräften werden neue Skills abverlangt

Jan 7, 2025 5:18 PM

Tags: cloud, skills

First seen on security-insider.de Jump to article: www.security-insider.de/cloud-migration-nachhaltigkeit-chancen-herausforderungen-it-fachkraefte-a-76b03a81d4df5bb74e2579184305ee2d/
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting

Jan 7, 2025 9:17 AM

Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-day

Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
How Learning Experience Platforms Are Transforming Training

Jan 6, 2025 8:18 AM

Tags: cyber, skills, training

Within today’s fast-changing global society, effective training is vital for personal and professional success. However, traditional methods often do not provide enough flexibility or personalization options. In light of this, learning experience platforms (LXPs) have revolutionized how organizations and individuals approach learning and skills development. These sophisticated digital systems offer learners of all kinds an…
New LLM jailbreak uses models’ evaluation skills against them

Jan 5, 2025 11:17 AM

Tags: LLM, skills

First seen on scworld.com Jump to article: www.scworld.com/news/new-llm-jailbreak-uses-models-evaluation-skills-against-them
Microsoft Sentinel: A cloud-native SIEM with integrated GenAI

Jan 2, 2025 9:17 PM

Tags: ai, attack, automation, breach, business, cloud, cyber, cybersecurity, data, data-breach, detection, edr, intelligence, microsoft, risk, siem, skills, soar, soc, technology, threat, tool, training, vulnerability

In a recent survey, 74% of cybersecurity professionals said that the threat landscape is the worst they’ve seen in 5 years.1 Escalating cyber threats, an expanding attack surface, and staffing shortages are putting tremendous pressure on the security operations center (SOC).It’s never been more important to have the right tools in place, especially when it…
>>Outthe-Box<< Detection Coverage: A Critical Metric for Endpoint Security

Jan 1, 2025 12:27 AM

Tags: detection, edr, endpoint, metric, mitre, skills, soc
The state of cybersecurity and IT talent shortages

Dec 31, 2024 6:27 AM

Tags: cybersecurity, skills

This article highlights key findings and trends in the 2024 IT and cybersecurity skills gap, from the shortage of cybersecurity talent to the rising demand for certifications … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/31/cybersecurity-skills-gap-trends-2024/