Author: rescue@crimefire.in

Let Cybersecurity Dive’s free newsletter keep you informed, straight from your inbox.

A growing number of major businesses in the U.S. and abroad are cutting budgets in the uncertain economic environment. A number of high-profile companies, including Amazon, Microsoft, Alphabet and others have announced thousands of job cuts in recent weeks. The layoffs come after the Federal Reserve repeatedly hiked rates to cool off rising inflation. 
The Neustar report, based on the responses of 304 senior-level professionals across the U.S., Europe, the Middle East and Africa found that 4 in 5 executives believe the C-suite and board of directors at their organizations understand the existing threat levels. But more than two-thirds of respondents agreed that constraints on their budgets would limit their ability to respond to these threats. 
The majority of respondents, 60%, said the most current risk is the rising sophistication of attacks, but more than half are also wary of the rising number of attacks. 
Part of the long-term risk facing companies is in many cases they have converted to long term hybrid work, where employees only come into the office a few days a week and work from home the remainder of the week. The more geographically widespread deployment of workers has made it more challenging to secure the workplace from outside threats. 
Morales said companies are increasingly turning to managed service providers in order to provide cloud-based security. 
The study, which was conducted during fall 2022, reflects some issues raised by cybersecurity providers about customer spending decisions. In November, Palo Alto Networks reported a number of customers were giving potential security deals more scrutiny.
Companies have also started to consolidate the number of security vendors they work with, in part to reduce complexity, but saving costs has also been a factor. 
Get the free daily newsletter read by industry experts
Physical keys with cryptographic protocols can deliver higher levels of assurance, but organizations shouldn’t conflate resistance with infallibility.
Rates continue to soar, but Marsh research shows the pace of increases is slowing. 
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Physical keys with cryptographic protocols can deliver higher levels of assurance, but organizations shouldn’t conflate resistance with infallibility.
Rates continue to soar, but Marsh research shows the pace of increases is slowing. 
The free newsletter covering the top industry headlines

source

Click here to see Canada’s most comprehensive listing of projects in conceptual and planning stages
Click here to see Canada’s most comprehensive listing of projects in conceptual and planning stages
In early January, the Liquor Control Board of Ontario (LCBO) made a public announcement that a cybersecurity incident on the checkout page of its online sales website may have revealed customers’ names, email and mailing addresses, Aeroplan numbers, LCBO account passwords, and credit card information.
A new year’s message that hits so close to home might shake Canadian business owners and their employees from their complacency. 
A survey of 1,000 Canadian employers conducted by consultancy Terranova Security, in collaboration with research company Ipsos, revealed a surprisingly low level of concern about data theft at work.  
“Only 40 per cent of employees say they work in a company where cyber security awareness training is mandatory. Forty-four per cent haven’t participated in any cyber security training, and a third indicated that their company doesn’t offer any relevant training at all.”
Perhaps these companies are not fully aware of the legal and business risks they run by being so casual.
As Mitch Koczerginski, Lyndsay Wasser and Carol Lyons of McMillen LLP write, data protection and cybersecurity in Canada are governed by a complex legal and regulatory framework.
“Failure to understand this framework and take active steps to reduce risks (or the impact of such risks when they materialize) can have serious legal and financial consequences for an organization.”
Under Schedule 1 of the federal legislation called the Personal Information Protection and Electronic Documents Act (PIPEDA), public and private organisations are required to safeguard personal information under their control.
This includes the designation of an individual or individuals accountable for the collection of personal information. They must administer appropriate safeguards to protect against loss or theft, unauthorized access, disclosure, copying use or modification. The more sensitive the information, the higher level of security is required.
That means more than just locked filing cabinets. With more employee and client information now on computers or stored in the cloud, Koczerginski, Wasser and Lyons suggest organizational actions like security clearances, limiting access to a “need-to-know” basis, and measures that include passwords and encryption.
Aside from reputational damage and potential fines, Canadian companies and entities have been subject to a number of sometimes lengthy and costly class actions related to unauthorized access to, or disclosure of, personal information by employees.
Outside attacks are also an increasing risk and can be quite sophisticated. The cyber attacker could pose as a trusted vendor, client or employee requesting payment of an outstanding invoice via wire transfer. False texts from what appears to be a managerial superior can open the door to fraud and data theft.
Dependence solely on commercial property insurance is clearly a mistake.
Alexandra Selfridge, partner with legal practice Procopio based in California, writes cybercrime losses are unlikely to be covered under conventional commercial property policies. More frequently, the necessary coverage is available through specific cyber underwritings.
Even so, although specific cyber insurance costs have reportedly stabilized in recent months, they are still increasing by over 50 per cent year-over-year and can carry restrictive clauses.
“Not all policies are equal,” says Selfridge.
“Cybersecurity is an area that requires a multi-disciplinary approach with input from a variety of experts,” write the McMillan authors.
“Organizations should conduct an audit of their existing cybersecurity status, including: an evaluation of, who and what is connected to their systems and networks; what is running on their systems and networks; and whether they have technology in place to prevent most breaches, rapidly detect breaches that do occur, and minimize the damage of such breaches.” To find answers, engaging a cybercrime investigator would be a good decision.
“The cybercrime investigator is at the forefront of the fight against financial crimes, undertaking an array of intelligence collection and investigative tasks,” writes Paul Wright, senior adviser of forensic technology and investigations at Accuracy. “This involves using multiple analytical platforms, investigative tools, open-source intelligence, and other tools, which are constantly evolving. Empowering the investigator with the right tools to automate, collate and grade intelligence will significantly aid the quality and efficiency of investigations.”
John Bleasby is a Coldwater, Ont.-based freelance writer. Send comments and Legal Notes column ideas to editor@dailycommercialnews.com.
Your comment will appear after review by the site.
Melanie Joly, minister of foreign affairs, recently visited the College of Carpe…
John Tory’s final budget as Toronto mayor includes boosts to several housing pro…
Digital twinning is being increasingly used in the automotive, health care, syst…
MONTREAL — A former SNC-Lavalin vice-president found guilty of bribing foreign o…
After years of designing and planning, Hydro One’s Celtic Tiger Tunnel Boring Ma…
The accompanying table records the 10 largest construction project starts in Can…
The Progressive Contractors Association of Canada (PCA) is concerned the project…
The short-term might not look pretty. The mid-term is pretty good. The long-term…
Digital twinning is being increasingly used in the automotive, health care, syst…
Arbitration has become an increasingly popular method to resolve commercial disp…
TORONTO — Ontario’s Home Construction Regulatory Authority (HCRA) has announced…
CINCINNATI, OHIO — Ontario’s Priestly Demolition (PDI) has announced the majorit…
OTTAWA — Prime Minister Justin Trudeau says he’s pushing Canada’s immigration sy…
TORONTO The Ontario government has announced a new Hydrogen Innovation Fund that…
  Concrete industry stakeholders leading the drive for certification Bri…
OHSWEKEN, ONT. — Ontario and the federal government are investing in a project t…
© 2023 ConstructConnect Canada, Inc. All rights reserved. The following rules apply to the user of this site: Master Subscription Agreement, Terms and Conditions of Acceptable Use, Copyright Notice, Accessibility and Privacy Statement

source

source

Searching for your content…
In-Language News
Contact Us
888-776-0942
from 8 AM – 10 PM ET
News provided by
Oct 17, 2022, 12:10 ET
Share this article
Record-setting year for cybersecurity job postings signals need for innovative approaches
WASHINGTON, Oct. 17, 2022 /PRNewswire/ — Employer demand for cybersecurity professionals continues to strain talent availability according to new data from CyberSeek™, the cybersecurity workforce analytics platform developed in partnership by the National Initiative for Cybersecurity Education at NIST, Lightcast and CompTIA. 

For the 12-month period ending in September 2022, employers listed 769,736 openings for cybersecurity positions or jobs requiring cybersecurity skills. Employer demand for cybersecurity workers grew 2.4 times faster than the overall rate across the U.S. economy. Nine of the 10 top months for cybersecurity job postings in the past 10 years have occurred in 2022.
"The data should compel us to double-down on efforts to raise awareness of cybersecurity career opportunities."
“The data should compel us to double-down on efforts to raise awareness of cybersecurity career opportunities to youth and adults, especially during Cybersecurity Career Awareness Week which is an international campaign to inspire individuals to explore the variety of types of cybersecurity-related roles that are needed in both the public and private sectors,” said Rodney Petersen, Director of the National Initiative for Cybersecurity Education (NICE).

Despite a slight pullback in hiring activity in the most recent months from the record volumes of earlier this year, total cybersecurity job postings for Q3 2022 tracked 30% higher than the same period in 2021 and 68% higher than 2020. The supply-demand ratio¹ held steady at 65, indicating approximately 65 cybersecurity workers in the labor market – the vast majority already employed, for every 100 cybersecurity job postings.
The new CyberSeek data shows that requirements for cybersecurity skills for specific occupations have increased dramatically in the last 12 months. The cybersecurity profession continues to expand into specialized fields, such as penetration tester and threat analyst. There is a similar expansion of cybersecurity skills requirements in adjacent positions such as auditor (+336%), software developer (+87%), cloud architect (+83%) and technical support engineer (+48%).
“The CyberSeek data reaffirms the critical importance of feeder roles and thinking more creatively about on-ramps and career pathways,” said Ron Culler, vice president cyber learning officer, CompTIA. “It is clear from the CyberSeek data that cybersecurity’s importance and impact reaches all levels of the tech workforce. We see this trend continuing and are committed to ensuring that cybersecurity professionals are prepared for the current and future challenges this will bring.”
“Demand for cybersecurity talent has been accelerating for years, and employers are showing no signs of taking their foot off the gas,” said Will Markow, vice president of applied research at Lightcast. “That’s why it is more important than ever to build robust talent pipelines to ensure a safer digital world. We can’t accept leaving holes in our cybersecurity defenses simply because we don’t have enough trained workers to plug them.”
In addition to comprehensive data on the supply and demand of cybersecurity workers at the national, state and metro levels, CyberSeek features an interactive career pathway that shows key jobs within cybersecurity, common transition opportunities between them, and detailed information about the salaries, credentials, and skillsets associated with each role. To provide actionable next steps CyberSeek provides a training provider tab for users to connect directly to organizations providing training, education and industry-recognized certifications. Visit www.cyberseek.org to learn more. For information about the project partners NICE, Lightcast and CompTIA, please see the project partner page on the CyberSeek site.
¹ A comparison of the number of available cybersecurity workers relative to employer demand in a particular location, displayed as a percentage.
Media Contact
Steven Ostrowski
CompTIA
[email protected] 
+1 630-678-8468
SOURCE CyberSeek
More news releases in similar topics
Cision Distribution 888-776-0942
from 8 AM – 9 PM ET

source

With each passing year, the cybersecurity threat landscape continues to worsen. That reality makes cybersecurity analysts some of the most sought-after technology professionals in the world. And there are nowhere near enough of them to meet the demand. At last count, there were over 3.5 million unfilled cybersecurity jobs worldwide — and that number is still growing.
The situation means that it’s a great time to become a cybersecurity analyst. What’s more, the skyrocketing demand means it’s possible to start a lucrative freelance career in the field and take complete control over your professional future. Here’s a start-to-finish guide on how to do exactly that.
The first step on the path to becoming a freelance cybersecurity analyst is to acquire the necessary skills. For those without an existing technology background, the best place to start is with a cybersecurity bootcamp. They’re designed to get newcomers up to speed with basic cybersecurity concepts and skills in the shortest possible time.
A great place to start your search for the right course is Bootcamps.org. They maintain an active directory of both free and paid bootcamp programs in a variety of technology fields, including cybersecurity. Depending on your preexisting familiarity with computing concepts, you may also wish to enroll in a more generalized computing bootcamp to get started.
Your goal is to emerge from these programs with a working knowledge of the following concepts:
The next thing you’ll need to do is to earn one or more cybersecurity certifications to demonstrate your abilities to would-be employers. The best approach is to begin with a general cybersecurity certification. You can always earn a more specialized certification later in your career after you gain experience and figure out which aspects of the job you excel at. The most popular general cybersecurity certifications include:
Earning any one of the above certifications will give you the credentials you need to qualify for thousands of already-existing open positions. At the time of this writing, there are over 200,000 active job listings for holders of the above certifications on LinkedIn, Indeed, and Simply Hired alone. In other words — you’ll be ready to join the ranks of professional cybersecurity analysts the moment you’ve earned one of them.
Even though it’s possible to get some cybersecurity analyst jobs with nothing but the right certifications and an artfully-worded resume — that will only get you so far. Although it’s reasonable to take on an entry-level cybersecurity position to gain some experience at this stage, there are also some other strategies you can use to speed up the process.
One of them is to explore resources like TryHackMe.com. It’s a site with real-world hacking simulations that you can use to get some hands-on experience with the kinds of situations you’ll face as a cybersecurity analyst. It’s an excellent way to build some experience without any risk.
Another strategy you should consider is to attend as many hackathons as you can. Those will give you a front-row seat to see how the best of the best in cybersecurity approach their work. And, they make for excellent networking opportunities that you’ll need to prepare yourself to go freelance later.
At this stage, you should also set yourself up with accounts on all of the major cloud providers like Google, Amazon AWS, and Microsoft Azure. This will allow you to build technology stacks on each platform and familiarize yourself with their settings and features. The majority of businesses in the world today have at least some exposure to one or more of those platforms. Understanding them from a cybersecurity perspective will improve your marketability as a freelance cybersecurity analyst.
When you feel comfortable enough in your skill set and experience level to consider transitioning into freelance roles, you should start small. This means taking on some paid cybersecurity jobs through sites like Fiverr and Upwork. You should begin by offering your services in specific areas that your existing experience supports. So, if you feel comfortable conducting penetration testing of a particular app or platform, start there.
The idea is for you to establish yourself as a reliable service provider on those sites. Although it may not seem like you’re getting far — after all, freelance sites aren’t where the real money is — you’ll be building up a reputation for quality work. When you’ve done that, you can parlay that reputation into more lucrative work.
Once you’ve got enough experience and have a solid resume of small freelance cybersecurity jobs under your belt, you’ll be ready to turn your hard work into a standalone freelance business. The first step toward doing that is to think up a business name. You’ll want a name that’s not already in use, with an available domain name to match. When you have one, reserve the domain name and register for a tax ID with the relevant authorities where you’re planning to work.
Next, you’ll want to design a website to serve as a calling card for your business. Since you’ll be marketing your skills and reputation as a cybersecurity analyst, the site doesn’t need to be anything more than a professional-looking portal with your business name, basic information, and contact details. You can choose a ready-made template if you don’t have the design skills to do the job yourself.
Then, you’ll want to set up your home office with everything you’ll need to work full-time. This means having a dedicated comfortable space with a desk and computer, and all of the relevant office supplies. It’s also a good idea to sign up for a business phone app so you’ll have a professional communications system for your customers to contact you.
At this point, you’re ready to begin soliciting work as a freelance cybersecurity analyst. This is the time when all of the networking you’ve done through hackathons and other events, as well as through your freelance portal jobs, will pay off. You should begin by crafting an announcement of your new business to send out to all of the contacts you’ve collected.
As you do this, be sure to let everyone know exactly what types of cybersecurity jobs you’re equipped to handle. You should also make it clear how potential clients can contact you and request quotes for your services. If you’ve done everything right, you should start to get inquiries in short order. From there, all you have to do is your best work — and it won’t be long until you have enough steady customers that you can quit your day job and go freelance for good.
The simple fact is, the sheer volume of open cybersecurity jobs — and the countless more that will appear in the next few years — make your odds of success as a freelance cybersecurity analyst quite high. As long as you’re competent, confident, and willing to continue to learn your trade as you work, you’ll never run out of opportunities. Your reward for all of that is a well-paid career with a schedule that you control — and doesn’t that sound like a dream come true?
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.

source

I’ve been in the tech industry for 25 years, almost all in cybersecurity. I’ve held security leadership positions for well over a decade, including the 18 months as head of security for an API platform with more than 20 million users.
I’ve had a successful career in information security, and I’ve done it without a college degree.
I’m just not convinced of the value of a degree for cybersecurity jobs. To be sure, some who go to school before embarking on cybersecurity careers may benefit from the education and training. But many others merely find themselves saddled with student debt, just to learn material that’s often outdated or may not even be relevant to the job.
At the end of the day, with enough passion, raw intelligence, and hard work, anyone can be a successful cybersecurity professional, whether they have a degree or lack a background in IT and computer science.
Cybersecurity hiring historically has focused on a narrow candidate pool — people with the usual academic credentials, job experience, security certifications, and specific technical security skill sets. But as the demand for cybersecurity professionals keeps increasing, it is clear that the industry must get more creative in the hunt for talent.
The question on every CISO’s mind is how. Here are four ideas.
Mandating at least a bachelor’s degree for a cybersecurity job (or any tech industry job, for that matter) is obsolete thinking. Skills and personality traits like desire, curiosity, love of learning, calmness under pressure, and ambition are what really matter.
I go back to my own experience. I gave community college a try, because it’s what was expected, but I was never a good student because I wasn’t interested in the material.
My college turned out to be my first computer job where I spent time on the help desk, as a desktop engineer, as a systems engineer, and eventually left as a network engineer. What I learned during my four years there gave me the foundational knowledge to move to the next job/level.
I loved all technology and wanted to learn as much as I could but couldn’t decide if I wanted to be on the network or systems side. I wound up in security because it was an area that allowed me to get involved in all aspects of tech.
Now, years later, I lead a combined security and IT operations team with more than 30 members, focusing on building a modern security program that supports the needs of a fast-growing business.
Instead of chasing unicorns, companies should mine not only other areas of the IT department but completely different parts of the business for people with adjacent skills that could make them great cybersecurity pros.
Someone with a librarian’s background, for example, could bring the strong detail orientation needed for security compliance work. A former military member may possess the grace under fire needed for hectic work in the security operations center (SOC).
Looking harder at candidates who don’t fit the typical cybersecurity specialist mold necessitates a more aggressive move toward upskilling and reskilling existing employees. And beyond its benefit as a source of talent, looking inward rather than outward for help also could provide protection against the threat of recession and possible hiring freezes. Which leads to our third point…
If someone has the natural skills to succeed in cybersecurity but has never even seen a SOC, who cares? Skills can be taught. That’s why cybersecurity training sessions and boot camps exist.
Companies should invest in formalized training programs for individuals with nontraditional security backgrounds. They should be trained upfront and continually provided with additional training opportunities just like the rest of your team.
The beauty of DevOps and DevSecOps is that they shift some security responsibility from dedicated security teams in operations to the development side, with the idea being that security should be baked in throughout the application development process.
This provides a fresh opportunity for more people throughout the organization to take on roles as security champions, security ambassadors, security advocates — pick your term. And it lessens the pressure on companies to hire for security team positions and increases the incentive to get creative in looking internally for these champions.
By following these four steps, companies can find people who have the aptitude and passion for security and who can be made into top notch professionals with a little bit of training and mentoring.
The industry has been doing the same thing over and over — hunting for the usual suspects — and it’s time for new approaches.
Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source

By Jess Weatherbed
If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.
T-Mobile has revealed the company’s second major breach in less than two years, admitting that a hacker was able to obtain customer data, including names, birth dates, and phone numbers, from 37 million accounts. The telecom giant said in a regulatory filing on Thursday that it currently believes the attacker first retrieved data around November 25th, 2022, through one of its APIs.
T-Mobile says it detected malicious activity on January 5th and that the attacker had access to the exploited API for over a month. The company says it traced the source of the malicious activity and fixed the API exploit within a day of the detection. T-Mobile says the API used by the hacker did not allow access to data that contained any social security numbers, credit card information, government ID numbers, passwords, PINs, or financial information.
T-Mobile has begun notifying customers whose information may have been obtained
In a announcing the breach, T-Mobile omitted that the breach impacted 37 million accounts and that it had gone undetected for over a month. Instead, the statement expressed the company had “shut it down within 24 hours” as soon as its teams had identified the issue. T-Mobile has started to notify customers whose information may have been obtained in the breach.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time,” the company said in the filing. “There is currently no evidence that the bad actor was able to breach or compromise our systems or our network.”
T-Mobile has disclosed eight hacks since 2018, with previous breaches exposing customer call records in January 2021, credit application data in August 2021, and an “unknown actor” accessing customer info and executing SIM-swapping attacks in December 2021. In April last year, the hacking group Lapsus$ stole T-Mobile’s source code after purchasing employees’ credentials online.
/ Sign up for Verge Deals to get deals on products we’ve tested sent to your inbox daily.
The Verge is a vox media network
© 2023 Vox Media, LLC. All Rights Reserved

source

Getty Images/iStockphoto
The need for cybersecurity professionals has never been greater. Given the ever-expanding roles of technology, data and AI in the enterprise, the need to protect, detect and remediate against cyber attacks is of existential importance across every sector.
At the same time, organizations of all kinds are grappling with the much-discussed cybersecurity talent shortage. A wide variety of opportunities abound, and the field needs a diverse array of talents and skills.
As an aspiring or current practitioner weighing possible career options, consider the following eight cybersecurity roles.
Seniority: Entry-level to midlevel
The security administrator is an operational role overseeing an organization’s security on a day-to-day basis and troubleshooting and triaging problems as they arise. Typical tasks might include the following:
Seniority: Entry-level to senior-level
The security operations center (SOC) analyst role involves uncovering potential cyber attacks by monitoring for unusual digital activity. SOC analysts use traditional log monitoring, as well as more advanced AI-based tools, that alert to suspicious behavior.
Many cybersecurity professionals’ first jobs are in the SOC, and an entry-level analyst could go on to hold any number of positions in the field.
While junior SOC analysts’ responsibilities are operational in nature — reviewing and processing alerts from security tools to weed out false alarms and escalate potential red flags — senior SOC analysts shoulder more advanced responsibilities. These might include the following:
Regardless of seniority, a SOC analyst needs an eye for detail, the ability to troubleshoot and an interest in threat research.
Seniority: Entry-level to senior-level
As the term suggests, digital or computer forensics involves retroactively investigating confirmed security incidents, such as data breaches. Digital forensic engineers — also known by titles such as cyber forensic investigators and computer forensic analysts — seek to uncover and understand the scope of attacks, who perpetrated them and how.
A digital forensic engineer’s responsibilities may include the following:
To be successful in this role, a digital forensic engineer must have the following:
While many digital forensic engineer, analyst and investigator roles require significant experience, related entry-level positions do exist. In some cases, for example, junior technicians may need only a bachelor’s degree and relevant technical skills to get started in digital forensics.
Seniority: Entry-level to senior-level
The IT auditing role involves evaluating an organization’s security practices and technological infrastructure to assess the following:
After assessing an organization’s risk profile, an IT auditor makes formal recommendations for improvement to key stakeholders. Other key responsibilities of an IT auditor include developing, implementing and updating the audit framework.
IT auditors need strong interpersonal skills and the ability to build relationships across their organizations; the ability to interpret and implement security frameworks; and an interest in meeting regulatory requirements effectively and efficiently.
Seniority: Midlevel to senior-level
The application security engineering role focuses on protecting an organization’s applications from attackers throughout the software development lifecycle and the application lifecycle. Appsec engineers may work in standalone teams or as integrated members of DevSecOps teams.
An appsec engineering position typically involves the following:
Today’s appsec engineers may also oversee API security and recommend best security practices for third-party application use.
Seniority: Midlevel to senior-level
Network security engineers aim to minimize network security vulnerabilities without sacrificing uptime. They need technical skills, the ability to troubleshoot problems as they arise and extensive knowledge of common and emerging cyber threats.
A network security engineer’s responsibilities typically include the following:
Today’s network security engineers may manage infrastructure in traditional on-premises, cloud or hybrid environments.
Seniority: Midlevel to senior-level
Also known as ethical hackers, pen testers work to proactively uncover enterprises’ security vulnerabilities by modeling attacker behavior. Pen testers try to breach networks and systems by exploiting known and unknown technical vulnerabilities and by engaging in social engineering. Their goal is to uncover security weaknesses before malicious hackers do.
Necessary skills include the following:
Pen testers may work for dedicated in-house teams or for third-party firms that serve multiple organizations.
Seniority: Senior-level
The security architect role overlooks the entire security posture of an organization. It includes the following responsibilities:
For security architects who are managers — leading teams of security engineers — people and communication skills are also important.
Part of: Getting started in cybersecurity
Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door.
Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required.
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn’t enough? Learn this and other tips for creating a cybersecurity resume.
It’s difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry.
Cisco Viptela SD-WAN integration with Cisco+ Secure Connect brings cloud-based security to remote workers and easier …
Extreme Networks extends its SD-WAN network fabric to the edge to unify wired, wireless and WAN networking for simpler network …
Hybrid access as a service from a startup helped a global company secure optimized connectivity over home broadband connections. …
Technology products remain a mixed inflationary bag as server prices increase, storage costs decline and equipment delivery lead …
In its pursuit of big tech companies, the FTC theorizes their dominance is based on acquisition of nascent companies — a theory …
Two upcoming Supreme Court cases could significantly change how Section 230, which protects social media platforms from liability…
Internet Explorer mode lets users view legacy IE websites not supported by other browsers, which can increase productivity and …
Implementing MDM in BYOD environments isn’t easy. IT should communicate with end users to set expectations about what personal …
Dell joined Microsoft in cutting 5% of its workforce due to slowing PC sales. The company said the action will better position it…
Workloads with rigid latency, bandwidth, availability or integration requirements tend to perform better — and cost less — if …
Utilities and manufacturers are examples of industries using distributed cloud computing in private facilities to collect and …
If your cloud-based workloads and applications need to move back on premises, you’ll need a plan. Start your reverse migration …
Only days away from the eyes of the comms world turning to Barcelona, comms tech firms team with leading Spanish operator to demo…
UK’s leading telco switches on dedicated internet of things frameworks for businesses across the UK, allowing them to keep smart …
People are interested in STEM careers but many feel underqualified, while some don’t even know what counts as a STEM job, IBM …
All Rights Reserved, Copyright 2000 – 2023, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information

source

Cyber Security Market Report 2022: Sector to Reach $657.02 Billion by 2030 at a 12.8% CAGR  Yahoo Finance
source

Tony Fyler
@more__hybrid
fyler@hybrid.co
Make sure your passwords are secure when you log in.
Nearly 35,000 Paypal users are being contacted after the company suffered a major data breach.
Unlike the recent high-profile ransomware attacks on organizations like The Guardian newspaper and the UK’s Royal Mail, the Paypal attack was significantly more mechanistic in nature. It appears to have been an automated attack, with bots using credential lists to carry out credential stuffing attacks, which “successfully” left users’ personal data exposed for the harvesting.
Credential stuffing attacks are particularly artless affairs – they’re more or less literally a guessing game where bots run the numbers constantly until or unless they’re detected and stopped, or until they hit the correct username and password combinations. It’s worth saying though that the bots rarely start from a clear blue sky – usually, they have lists of pairs to try, which in themselves are sourced from previous data leaks or breaches.
If you continually re-use the same username and password for several online accounts, credential stuffers are your personal Hell – which is why every cybersecurity awareness training course should come with a section on the importance of using something like a password manager, to disincentivize password re-use and make this kind of attack significantly more difficult to carry out.
If you’ve made lots of Paypal transactions in the last handful of days though, don’t panic – the Paypal data breach took place over two days in early December – December 6-8 in fact.
Paypal said nothing.
The company knew it had happened more or less immediately, and took steps to mitigate the attack.
It still said nothing.
By December 20^th, practically a calendar month ago, Paypal had completed its own investigation, confirming that over 30,000 accounts had been accessed using perfectly accurate, valid credentials, garnered by the credential stuffing bot attack method.
It took until January 19^th for Paypal to start writing to users whose credentials were compromised in early December. During the 48 hours of the attack, hackers had access to users’ full names, dates of birth, postal addresses, social security numbers, and tax identification numbers. It’s entirely possible they also had access to the credit and debit card details linked to nearly 35,000 users’ Paypal accounts.
PayPal says it took “timely action” to block the unauthorized access to its users’ accounts, but that rather misses the point. If the hackers had access for anything up to 48 hours, they probably still have all the details, which can be sold on or used for their own nefarious purposes.
The notification asserts that the attackers have not attempted — or at least did not manage to perform — any transactions from the PayPal accounts to which they had access.
That’s hardly surprising – if you suddenly gain access to someone’s home address, social security number, and potentially the details of several credit cards, you’re not about to blow it buying a yacht via Paypal. The reward from such an attack tends to come from the data sale value, rather than the direct use of the credentials.
It took the e-payment site almost a full calendar month to begin the process of notifying its users of the extent of the breach.
Now, as a result of Paypal’s admittedly swift action to lock out the hackers using the legitimate credentials to gain access to the user data, affected users will be required to change their passwords immediately, and will receive two years of free identity monitoring from Equifax.
That’s useful inasmuch as the details taken could be fraudulently used for all sorts of financing and the identity monitoring can help prevent such uses, but the question of why Paypal delayed its notification process for a full month remains one that should be of concern not just to the victims of this attack, but to potential victims everywhere – which is all of us.
The Guardian ransomware hack, which compromised the details of staff at one of the UK’s most-read newspapers, was not confirmed by the paper as being a ransomware attack until three weeks later – and then by email to all the staff whose details had been breached.
In the UK’s Royal Mail ransomware attack, the organization publicly quibbled about whether it was a ransomware attack even though it had received a ransom note.
Now Paypal, one of the world’s leading e-payment systems, has waited almost a full month between concluding its own investigation into a data breach and beginning the process of alerting the compromised users to the breach.
The recent dumping of thousands of Twitter users’ data onto hacker forums for free – after there were significant attempts to monetize the sale of the data — is another case where the gap between a breach and the affected users becoming significantly aware of the breach could be argued to be far too long.
The corporate culture of keeping breaches under wraps until either they have been dealt with or until the immediate threat appears to have passed clearly serves the potential victims extremely poorly.
It follows a tradition in software companies, where bugs are not widely reported until there’s a viable solution or patch to them, thereby minimizing the public panic and mistrust of everyday personal – and business – software. There’s an argument that this is valid, although a more rapid bug reporting process would normalize the understanding of quite how often software is released with bugs, errors or weaknesses still intact, and allow buyers to choose their next software package more carefully.
But when their staff or their users have their data exposed to hackers, companies would seem to have a moral, if in no sense a legal responsibility, to let people know as soon as possible, so that the chances of their details being used for criminal purposes are minimized.
In the case of the Paypal data breach, the company is focusing strongly on getting users to employ strong and different passwords (usually at least 12 characters in length, an increase from the 8 of recent years), and adopting multi-factor authentication to make these attacks harder to successfully carry out.
While this is all sound cybersecurity advice, it should not overshadow the delayed notification normality in the corporate culture around data breaches.
 
Tony Fyler
@more__hybrid
fyler@hybrid.co
17 February 2023
16 February 2023
16 February 2023

source