It’s no secret that companies are facing a huge cybersecurity talent shortage. The word’s been out for several years that many high-paying positions requiring cybersecurity skills are going unfilled. Unfortunately, broadcasting the cybersecurity skills gap hasn’t done enough to increase the cyber workforce. Indeed, the vast majority of cyber professionals (95%) believe the skills gap has not improved over the past few years, and nearly half (44%) believe it has gotten worse, according to research from Information Systems Security Association (ISSA) and analyst firm Enterprise Strategy Group (ESG), a TechTarget division. How big is the gap? Cyberseek reported there are around 1.1 million people employed in cybersecurity in the U.S., but over 700,000 unfilled positions are currently available. Worldwide, the cyber workforce shortfall is approximately 3.5 million people, according to Cybersecurity Ventures. Meanwhile, as organizations compete against each other to acquire the scarce talent available, cybersecurity salaries keep escalating, meaning that organizations can’t afford to hire as many cybersecurity workers. The existing workforce is asked to take on more work, which in turn causes burnout, the ISSA study found. This article is part of Download this entire guide for FREE now! The result is that companies, government agencies, educational institutions and other organizations have weaker security in place than they should, putting all of their employees, customers and constituents at increased risk of data breaches, privacy violations, financial fraud and other adverse consequences. Bridging this vast gap requires understanding why the cybersecurity skills shortage exists and persists. This article explores that and proposes several ways that IT leaders and their organizations can address the underlying problems. Many factors have come together to cause the cybersecurity skills gap. Here are the top five causes: There’s no way to bridge the cybersecurity skills gap overnight, but organizations can start making progress today by doing the following three things: Cybersecurity outlook 2022: Consultants cite 5 trends Top 10 cybersecurity best practices to protect your business 5 tips for building a cybersecurity culture at your company Cybersecurity governance: A path to cyber maturity This SD-WAN vendor comparison chart is a useful starting point to evaluate information about deployment options, pricing, … Cisco Live returned as an in-person event this year and customers responded positively, with 16,000 showing up to the Mandalay … Use this guide to Cisco Live 2023 — a five-day in-person and online conference — to learn about networking trends, including … Policymakers want federal data privacy legislation limiting businesses’ ability to collect data on individuals and banning … Public, private, hybrid or consortium, each blockchain network has distinct pluses and minuses that largely drive its ideal uses … The 2023 trends that are reshaping the risk management landscape include GRC platforms, maturity frameworks, risk appetite … IT should understand the differences between UEM, EMM and MDM tools so they can choose the right option for their users. Learn … Internet Explorer mode lets users view legacy IE websites not supported by other browsers, which can increase productivity and … Implementing MDM in BYOD environments isn’t easy. IT should communicate with end users to set expectations about what personal … Azure management groups, subscriptions, resource groups and resources are not mutually exclusive. Businesses can — and often do … Amazon CodeGuru reviews code and suggests improvements to users looking to make their code more efficient as well as optimize … Establishing sound multi-cloud governance practices can mitigate challenges and enforce security. Review best practices and tools… The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software… As 5G adoption accelerates, industry leaders are already getting ready for the next-generation of mobile technology, and looking … Comms tech providers tasked to modernise parts of leading MENA and Asia operator’s existing networks, including deploying new … All Rights Reserved, Copyright 2000 – 2023, TechTarget
Vesuvius, a UK-based molten metal flow engineering company issued an alert on February 6, 2023, which stated it was “currently managing a cyber incident, [which] has involved unauthorized access to our systems.” The London Stock Exchange-listed ceramics manufacturer did not give any information on the nature and scope of the incident, the systems impacted, or the identity of the attacker. “Immediately upon becoming aware of unauthorized activity on our networks, we have taken the necessary steps to investigate and respond to the incident, including shutting down affected systems. We are working with leading cyber security experts to support our investigations and identify the extent of the issue, including the impact on production and contract fulfillment,” the company said in a statement. “We are taking steps to comply with all relevant regulatory obligations in light of the information that emerges from our ongoing investigations.” Shares in Vesuvius fell 3.8% in early trading on February 6, security analyst Graham Cluley reported. This incident is the latest of a series of cyber-attacks targeting UK companies, with Royal Mail hit in January and Ion, a trading software provider, in early February.
Companies are in desperate need of cybersecurity talent—and are willing to pay up for it. To help up-and-coming cybersecurity talent land jobs in the industry, cybersecurity and digital skills training company ThriveDX and NightDragon announced in late July the launch of the world’s first job search and career platform solely focused on cybersecurity jobs, the Cyber Talent Hub. Cybersecurity salaries typically range from $85,000 to $130,000 per year, according to the New England Institute of Technology, but research done by tech and digital recruiting firm Mondo shows that many of these jobs pay well into the $200,000s and up. “We often see that cybersecurity skills carry a significant salary premium in some cases on the order of $10,000, $15,000, or more” than other technical roles, Will Markow, vice president of applied research–talent at Emsi Burning Glass, previously told Fortune. Globally there are 3.5 million unfilled jobs, according to Cybersecurity Ventures. And in the U.S. alone, there are about 1 million cybersecurity workers, but there were around 715,000 jobs yet to be filled as of November 2021, according to a report by Emsi Burning Glass (now Lightcast), a market research company. “It takes a village to address an immense industrywide challenge such as the cybersecurity skills gap,” Dave DeWalt, founder and managing director of investment firm NightDragon, said in a statement. The Cyber Talent Hub, which has a goal to “attract, retain, foster, and continuously develop cyber talent,” is hosted by corporate and educational sponsors including Carahsoft, Exclusive Networks, Ingram Micro, Jacobs, Kyndryl, Liberty Mutual Insurance, Mandiant, Marsh, and educators including New York University, the University of Chicago, the University of Michigan, and the University of Wisconsin. “Solving the most critical cybersecurity challenges starts with attracting, developing, and retaining the right people and providing them with the best-in-class training and technology to do their jobs best,” Brian O’Donnell, Carahsoft vice president of cybersecurity solutions, said in a statement. “With the threat landscape continuing to expand both in sophistication and frequency, the time has never been better for us to join forces with other industry leaders to shape this first-of-its-kind talent hub and increase our pipeline of exceptional tech talent that is ready and able to tackle the challenges ahead.” The platform is mutually beneficial: Cybersecurity professionals will have access to job postings, and companies will have access to a pool of qualified applicants—some of whom will come directly from participating university programs. The Cyber Talent Hub will host people who are trained and interested in cybersecurity careers, and then match them with employer partners who are looking to hire. “There is a growing global urgency to present new routes that enable access to employment opportunities and skill building avenues,” Barbara Massa, executive vice president and chief of business operations at cybersecurity firm Mandiant, said in a statement. “Tackling the cybersecurity skills gap as a collective group of industry leaders, employers, and educational institutions opens up a whole new diverse talent pool.” The Cyber Talent Hub also includes access to cybersecurity upskilling training by ThriveDX. In February, the company announced it had secured a $100 million growth-funding round to expand its cybersecurity training and upskilling offerings. “With this, we’ll make a significant impact in closing the cybersecurity skills gap and opening up the opportunity of entering the digital industry to learners from all backgrounds,” Dan Vigdor, founder and co-CEO of ThriveDX, said in a statement. See how the schools you’re considering fared in Fortune’s rankings of the best master’s degree programs in nursing, computer science, cybersecurity, psychology, public health, business analytics, data science, doctorate in education, and part-time, executive, full-time, and online MBA programs.
However if you choose to provide personal data to Rio Tinto through this website (for example, by sending us an email), we will process that personal data to answer your query and if relevant, to manage our business relationship with you or your company. We won’t process that personal data for other purposes except where required to meet our legal obligations or otherwise as authorised by law and notified to you. If you choose to subscribe to our media releases or other communications, you can unsubscribe at any time (by following the instructions in the email or by contacting us). With your consent, our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. As some data privacy laws regulate IP addresses and other information collected through the use of cookies as personal data, Rio Tinto’s processing of such personal data needs to comply with its Data Privacy Standard (see Part 1 of our Privacy Policy), and also applicable data privacy laws.
With the exception of the use of cookies (explained below), Rio Tinto generally does not seek to collect personal data through this website. However if you choose to provide personal data to Rio Tinto through this website (for example, by sending us an email), we will process that personal data to answer your query and if relevant, to manage our business relationship with you or your company. We won’t process that personal data for other purposes except where required to meet our legal obligations or otherwise as authorised by law and notified to you. Part 1 of this Privacy Policy contains the Rio Tinto Data Privacy Standard, which provides an overview of Rio Tinto’s approach to personal data processing. There is additional information in the appendices to the Data Privacy Standard, including information about disclosures, trans-border data transfers, the exercise of data subject rights and how to make complaints or obtain further information relating to Rio Tinto’s processing of your personal data. If you choose to subscribe to our media releases or other communications, you can unsubscribe at any time (by following the instructions in the email or by contacting us at digital.comms@riotinto.com).
With your consent, our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. As some data privacy laws regulate IP addresses and other information collected through the use of cookies as personal data, Rio Tinto’s processing of such personal data needs to comply with its Data Privacy Standard (see Part 1 of this Privacy Policy), and also applicable data privacy laws. These Cookies are used to provide a better user experience on the site, such as by measuring interactions with particular content or remembering your settings such as language or video playback preferences. These Cookies allow us to analyse site usage in order to evaluate and improve its performance. They help us know how often you come to our site and when, how long you stay and any performance issues you experience whilst you are on our site. These Cookies are used by advertising companies to inform and serve personalised ads to your devices based on your interests. These Cookies also facilitate sharing information with social networks or recording your interactions with particular ads.
Practically every security professional has run across “the defender’s dilemma” sometime in their career. It goes like this: “Defenders have to be right every time. Attackers only need to be right once.” The idea that attackers have all the advantages and that defenders must be passive and wait for something to respond to is practically an axiom of cybersecurity. It is also a lie. Basing a security strategy around the defender’s dilemma harms your security program. Starting with an incorrect premise leads to bad decisions. You may waste money on products, services or capabilities you don’t truly need or underinvest in the ones you do. Your security staff becomes overwhelmed, demoralized and has trouble delivering good outcomes.
Defenders rightly expect attackers to lie and cheat to achieve their goals, but sometimes we forget that lying and cheating can work both ways.
If you believe the lie of the defender’s dilemma, there are other lies you have to believe as well because the defender’s dilemma relies upon them. Let’s look at each of these lies in detail and discuss strategies you can use to negate their harmful effects and turn them into advantages for your team. The defender’s dilemma implies that your security team is purely passive, sitting around waiting for attacks to happen. But thinking in terms of “defense” and “offense” is a false dichotomy. The shows that by consistently detecting and responding to threat actor activity quickly enough to stop attacks in their tracks, you can impose cost on that actor, turning defense into offense. By concentrating your detection development efforts on the top half of the pyramid, you may not be able to prevent attacks entirely, but you will make actors work harder to be successful. That changes the economics of their attacks and also buys you valuable time to respond. Your defenses must operate around the clock, while attackers can carefully choose the timing of their attacks to occur on evenings, weekends or holidays. That doesn’t mean humans always have to be engaged for everything, though. Automation and SOAR technology can turn IR playbooks into an automated response. Driving an incident to containment within seconds or minutes of detection and collecting basic IR data along the way improves time-to-containment and significantly decreases reliance on off-hours staffing. Consider also what each side is doing in between attacks. While threat actors plan their next attacks, your team should not be sitting idle. Use the time between incidents to level up group capabilities and individual skills. Learn from past incidents to improve detection and playbooks. Take classes or learn new skills. Use threat hunting to identify new detection or IR techniques. What you might have fallen prey to yesterday could be something you detect and interdict tomorrow.
The David Glass Technology Center, headquarters to Walmart Global Tech, in Bentonville, Ark. (Bradley Barth/SC Media) The following is the Foreword and Part 1 of a three-part series revealing key highlights from Walmart Global Tech’s Media Day, compiled from a series of on-site tours, fireside chats, panels, roundtables and one-on-one interviews. Bookended by security personnel in front and back, we were warned in no uncertain terms before entering Walmart’s East Data Center facility: Any attempt to bring an electronic device into the building would result in our immediate expulsion. The caution was understandable. We were, after all, the first-ever visitors who were not a Walmart employee or vendor partner to step foot in this building, where the retail giant’s precious data is collected and processed. This was serious business for the $572.8 billion Fortune 1 company, who invited a small gaggle of reporters to Walmart headquarters in Bentonville, Arkansas, for Walmart Global Tech’s (WGT) inaugural media day. Before the day was over, we also were treated to a tour of the on-site security operations center (SOC) and a forensics lab — both located in the David Glass Technology Center, the main headquarters for WGT, Walmart’s internal technology and business services division. The event also served as an opportunity to talk to WGT’s top cyber and IT executives about their efforts to innovate as a security and tech leader in a manner that can scale with the retailer’s ongoing world dominance. With roughly 10,500 stores, plus various eCommerce websites under 46 banners in 24 countries, Walmart is not only king in the retail space — it also operates in the health and financial sectors, and has its own manufacturing, distribution and logistics operations to account for. So why the sudden willingness to offer the world an inside glimpse of its security operations? According to senior vice president and global CISO Jerry Geisler, it’s all about Walmart’s desire to prove to customers and clients that the company is working hard to earn their trust. As an omnichannel retailer, Walmart is aware of how the lines between digital and physical commerce have blurred. “With my teams, when we’re thinking about digital trust, of course were thinking end-to-end. We’re thinking everywhere we would potentially interact with that customer, when and where they would share data with us, and then how we use that data,” Geisler said. “How is it that we use or protect the data that our customers choose to entrust us with? And more so: How we’re potentially using emerging tech… because we want to enable the business, and part of that enablement is ensuring that we don’t have disruptive events that erode trust.” The first sight that caught our eye as we left the reception lobby and marched through the David Glass Technology Center were three trampolines sitting side by side in a cavernous interior space. Wow — is this the most fun place to work or what? OK, so actually this was not an office perk, but rather the work of merchandisers who are constantly experimenting with products that ultimately wind up in the stores. And it’s not unusual to see all sorts of unique items being tested on site. There’s always something going on at the Walmart campus, and that’s certainly true on the technology side of things. The data center: Despite being connected via an intermediary passageway, the East Data Center is technically inside a completely separate building from the DWTC, requiring a stringent security check-in process. Only about 1,000 people per year set foot inside (and typically an NDA is involved), but never anyone from the media — until this day. First stop: the C-Floor server room, home to highly sensitive and invaluable threat data leveraged by the incident response team and OneLab forensics teams (other corporate data is stored on the A- and B-Floors). This area featured multiple protections against potential physical harm, including a floor-to-ceiling caged partition, leak detection cables and sticky anti-contamination doormats to reduce electrostatic discharge and loose dust particles (“You’ll be working in your socks before you know it,” remarked tour leader Kevin McCoin, distinguished architect, systems engineering, referring to the shoe-stealing sticky mats). The floor was elevated three feet above the concrete base to allow for better air circulation flow, helping to conduct heat from the hot servers outside and cool air back in. Moving further inside, we were escorted into a long corridor featuring the critical infrastructure plant facilities designed to keep the servers operating through a series of pumps, motors and industrial controls. There’s a mission statement on wall in this area: to “provide data center capability and operate data centers in a manner that sustains a highly available and uninterrupted business operation.” Different sections of this facility are fully segregated so that if a problem occurs in one section, the others are not affected. The goal is nothing short of 100 percent uptime, and multiple redundancies are the key. If one particular mechanism or system experiences downtime, Walmart relies on built-in automation and AI/machine learning to switch to one of the redundancies, thus maintaining operational stability and continuity. We next were ushered over to the B-Floor’s private cloud server room for a fleeting glimpse inside, although we were only allowed to peek from just outside. Just like on the C-Floor, the room works on a grid system — like a big game of Battleship — to help facility workers know exactly where to go to if a problem arises. Walmart has made news lately for pursuing a hybrid cloud computing strategy that is increasingly relying on its own private cloud, while mixing in public cloud offerings and edge nodes for ultimately flexibility in what cloud-based resources it uses. The SOC: Including this one, Walmart actually operates three SOCs around the world (with the other two in Reston, Virginia, and Bangalore, India). Inside the main hub, the walls were adorned with large screens displaying timely cyber news media articles, the latest vulnerabilities sorted by company and product, summaries of zero-day exploits, and other vital info. Just outside, a hanging whiteboard noted the number of days since the last significant security incident. However, it was completely wiped clean — perhaps in anticipation of the media’s arrival? Walmart’s SOC processes roughly 6 trillion points of telemetry and monitors approximately 3 million IP addresses in its network, plus roughly 167,000 public and private GitHub repositories. This requires a tremendous amount of automated monitoring correlation, detection and response mechanisms to aid the various teams that collaborate on security operations. Inside a conference room, the heads of these teams laid out for the media a fictionalized scenario in which an imaginary, financially motivated cyber actor sent fake browser updates to Walmart associates in an attempt to get them to open a malicious file infected with a RAT, infostealer or Cobalt Strike file — an intermediary step for a ransomware attack. It starts with threat intelligence team who creates reports based on the latest available commercial feeds as well as its own collection of TTPs, IOCs and other data points gathered via frameworks like MITRE ATT&CK. The threat hunting team uses this intelligence to proactively sniff out threat actors that might be using these identified techniques, and they coordinate with the anomalous endpoint behavior team to spot rare or unusual activity that is indicative of a possible threat. As Vice President of Security Operations Jason O’Dell explained, the corporate philosophy is: “Rare isn’t always bad, but bad should always be rare.” And although threat actors are getting better at hiding their malicious traffic, “something’s gonna stand out,” said Vernon Habersetzer, senior enterprise expert, security incident management. If an alert is generated through either hunting or through traditional detection and response, the SOC analyst team is on hand to analyze a potential threat and then either take action, elevate to incident response or declare a false positive. From these analysis results, Walmart can then create custom detections for future protection. There’s also an engineering team that maintains and stewards the 6 trillion datapoints; a data assurance team that spearheads data loss prevention (they weren’t part of the simulation); and an incident response team that handles containment and threat eradication, much of which is automated if Walmart’s systems detect flagged behavior. Finally, there’s a red team, which is tasked with attacking the organization throughout the year to see “how all the controls put in place… stack up,” noted Harold Ogden, red team senior director. Recently, Walmart made the strategic move to move the red team — which had been operating as a more segregated entity — in-house in order to create a more collaborative purple teaming environment. (For more on this, see SC Media’s video interview with Jason O’Dell.) The forensics lab. The tools and machines found in WGT’s hardware forensics lab environment evoke, in essence, a living museum environment that showcases the chronology of device repair and data recovery. This is where malfunctioning or damaged devices and drives end up when the company needs to salvage data from them for reasons ranging from legal discovery to security investigations to personal file restoration. Altogether, the forensics teams fulfills more than 3,000 various requests per year. Inside the room were soldering stations, microscopes, ultrasonic wire bonders, X-ray machines capable of peering into the 10 different layers of smartphones, and a clean room when a contaminant-free working environment is needed. Several monitors displayed extreme close-ups of chips and circuits from various electronics currently under examination (or perhaps placed there simply as a visual demonstration for us). As hardware changes, improves and gets smaller, the equipment used to examine it must evolve as well. Over the years, Walmart has found that it’s ideal to handle such tasks internally, rather than rely on a third party, which presents complications related to chain of custody, data privacy and expense, explained Wayne Murphy, distinguished architect, systems engineering, and hardware recovery expert. Indeed, that just as Walmart realized there were advantages to setting up its own distribution and manufacturing operations, Walmart has resolved to become a self-reliant corporation when it comes to data collection, cybersecurity and forensics. Considering its vast resources and infrastructure, Walmart probably could form its own managed IT and cyber services company if it so desired. And at this point, would it even be surprising if they did? Stay tuned for Part 2 of SC Media’s Walmart Global Tech Media Day coverage, featuring the retailer’s latest cyber innovations and initiatives. As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
SC Staff SiliconAngle reports that Fortinet has introduced more offerings under its Security Fabric for OT line aimed at bolstering operational technology environments’ security defenses. Steve Zurier One of bugs was a critical vulnerability that could potentially launch an RCE attack, the other a high-severity vulnerability that could execute a denial-of-service attack.
Bloomberg View columnist Barry Ritholtz looks at the people and ideas that shape markets, investing and business. On this week’s episode of IDEA GENERATION, Scooter Braun takes us on a journey from his days as a college dropout and party promoter in Atlanta, to becoming one of the most successful music executives on the planet. From his time as manager of Justin Bieber and Asher Roth, to his part in acquiring Big Machine Records, to selling his own company for $1 billion, Braun has built one of the most impressive resumes in music. And it all started with one idea. Japanese Unions Seek Biggest Pay Rise in 25 Years for Workers Colombian Oil Field Kidnapping Ends as Dozens of Hostages Freed Sorry, Fed, Most US Mortgage Rates Were Locked in During Pandemic Lows Fed Says More Rate Hikes Are Needed to Curb Inflation US Service Sector Expands More Than Forecast Suggesting Hiring Success Amazon Pauses Construction on Second Headquarters in Virginia as It Cuts Jobs The Exhibit Reality TV Show Pitting Artist Against Artist Is No Masterpiece Twitter Revenue, Earnings Fell About 40% in December, WSJ Says Alphabet Must Negotiate If Contract Staff Unionize, Labor Board Official Rules US-Sanctioned Huawei Makes a Show of Force at Mobile Conference Biden’s About-Face on DC Crime Bill Shows Democrats on Defensive Biden Had Cancerous Skin Lesion Removed Wealthy NYC Family Feuds Over $258 Million Madison Avenue Sale NYC TikTok Dating Diary Chronicles Love in the Time of Inflation The Exhibit Reality TV Show Pitting Artist Against Artist Is No Masterpiece Toblerone Is Barred From Using the Iconic Swiss Mountain on Its Logo Video Roundup: Opinion’s Must-See Footage of the Week A Postmortem of the Pandemic Murder Wave How Democrats Got Away From ‘Third Way’ Politics Yellowstone Backers Wanted to Cash Out—Then the Streaming Bubble Burst How Countries Leading on Early Years of Child Care Get It Right Female Execs Are Exhausted, Frustrated and Heading for the Exits Biden Gives Medal of Honor to Trailblazing Special Forces Member California Weighs $360,000 in Reparations to Eligible Black Residents. Will Others Follow? Panic Over Metals for EVs Goes All the Way to Automakers’ C-Suites Rivian Tells Staff EV Output May Be 24% More Than Forecast What Do You Want to See in a Covid Memorial? Share Your Design Ideas New Jersey’s Murphy Defends $10 Billion Rainy Day Fund as State’s Economy Slows What Led to Europe’s Deadliest Train Crash in a Decade This Week in Crypto: Ukraine War, Marathon Digital, FTX AI Hype Comes to Crypto What’s a ‘Britcoin’? (Podcast) Sarah Jacob Subscriber Benefit Subscribe UK engineering company Vesuvius Plc said it’s managing a cyber-security incident involving unauthorized access to its systems. The molten metal flow control firm has shut down affected systems and initiated steps to assess the scale of the attack, it said in a statement on Monday. The shares fell as much as 3.1% in early trading in London.
Ideas are the global currency of the 21st century. But how do you come up with, execute, operationalize and replicate one? The answers are what separates successful creative influences from everyone else. Bloomberg Business of Sports lets you follow the money in the world of sports, reporting on trades, salaries, endorsements, contracts and collective bargaining. The show takes listeners inside the business end of the sports world, and explains what it means to fans and their pocketbooks. Follow Bloomberg reporters as they uncover some of the biggest financial crimes of the modern era. This documentary-style series follows investigative journalists as they uncover the truth. Credit Suisse First Boston Will Have Goldman Sachs-like Partners Westlake to Take Over Servicing of American Car Center’s Leases Sorry, Fed, Most US Mortgage Rates Were Locked in During Pandemic Lows Fed Says More Rate Hikes Are Needed to Curb Inflation US Service Sector Expands More Than Forecast Suggesting Hiring Success Amazon Pauses Construction on Second Headquarters in Virginia as It Cuts Jobs Bed Bath & Beyond’s Tanking Stock Puts Hedge Fund Rescue at Risk Alphabet Must Negotiate If Contract Staff Unionize, Labor Board Official Rules US-Sanctioned Huawei Makes a Show of Force at Mobile Conference John Malone and Charter Directors Agree to $87.5 Million Settlement Biden’s About-Face on DC Crime Bill Shows Democrats on Defensive Biden Had Cancerous Skin Lesion Removed Wealthy NYC Family Feuds Over $258 Million Madison Avenue Sale NYC TikTok Dating Diary Chronicles Love in the Time of Inflation The Exhibit Reality TV Show Pitting Artist Against Artist Is No Masterpiece Toblerone Is Barred From Using the Iconic Swiss Mountain on Its Logo Video Roundup: Opinion’s Must-See Footage of the Week A Postmortem of the Pandemic Murder Wave How Democrats Got Away From ‘Third Way’ Politics Yellowstone Backers Wanted to Cash Out—Then the Streaming Bubble Burst How Countries Leading on Early Years of Child Care Get It Right Female Execs Are Exhausted, Frustrated and Heading for the Exits Biden Gives Medal of Honor to Trailblazing Special Forces Member California Weighs $360,000 in Reparations to Eligible Black Residents. Will Others Follow? Rivian Tells Staff EV Output May Be 24% More Than Forecast Emergency Workers in Ohio Train Derailment Lacked Crucial Hazmat Data What Do You Want to See in a Covid Memorial? Share Your Design Ideas New Jersey’s Murphy Defends $10 Billion Rainy Day Fund as State’s Economy Slows What Led to Europe’s Deadliest Train Crash in a Decade This Week in Crypto: Ukraine War, Marathon Digital, FTX AI Hype Comes to Crypto What’s a ‘Britcoin’? (Podcast) A screenshot from the ION website. William Shaw Subscriber Benefit Subscribe The National Cyber Security Center, part of UK intelligence agency Government Communications Headquarters, is part of the growing number of government bodies examining the cyberattack on ION Trading UK. The NCSC joins the Financial Conduct Authority, the Prudential Regulation Authority and the US Federal Bureau of Investigation in seeking information about the incident, according to people familiar with the matter, who aren’t authorized to speak publicly.
We’re taking a look at the cybersecurity companies that launched products and partner program updates, made key executive changes, raised funding or announced acquisitions in January. While plenty of cybersecurity companies have been among the tech industry vendors recently announcing layoffs, many companies in the security market had happier news to announce in kicking off 2023. In January, major moves by cybersecurity companies included executive changes, such as CrowdStrike’s hiring of two C-level executives from rival endpoint security vendor SentinelOne. [Related: Okta Lays Off 5 Percent Of Staff] Meanwhile, a number of cybersecurity vendors announced channel-friendly products, such as Arctic Wolf, while others unveiled updates to their partner programs, including Palo Alto Networks. A few raised funding, including Snyk’s funding round from ServiceNow, while NetSPI was among the handful of cybersecurity companies to announce an acquisition in spite of the uncertain economic environment. What follows are details on 10 of the cybersecurity companies we’re following that made moves in January. Kyle Alspach is a Senior Editor at CRN focused on cybersecurity. His coverage spans news, analysis and deep dives on the cybersecurity industry, with a focus on fast-growing segments such as cloud security, application security and identity security. He can be reached at kalspach@thechannelcompany.com.