Category: Uncategorized

UPDATED 09:00 EST / AUGUST 02 2022
by Maria Deutscher
Cybrary Inc., a startup with a popular cybersecurity training platform, today announced that it has raised $25 million in funding to support growth initiatives.
The Series C funding round was led by existing Cybrary backers BuildGroup and Gula Tech Adventures. The startup has raised a total of $48 million from investors since launching in 2015.
College Park, Maryland-based Cybrary provides a training platform that enables users to learn cybersecurity skills such as how to remediate a ransomware attack. The platform provides access to a catalog of courses and other educational resources. It also offers cloud-based training environments that enable users to tackle simulated cyberattacks.
The startup offers two versions of the platform. One is designed for individuals, while the other is used by enterprise cybersecurity teams to hone their breach prevention and response skills.
The enterprise version of Cybrary’s platform includes a tool that enables companies to assess their cybersecurity teams’ familiarity with different hacking tactics. The platform can, for example, determine if a firm is not sufficiently prepared to address a ransomware attack. Companies can consult the insights surfaced by Cybrary to determine how they should prioritize internal cybersecurity training efforts. 
As part of its feature set, Cybrary provides cloud-based training environments that help users learn how to detect software vulnerabilities. The platform also promises to help users learn related skills. Cybrary provides training on how to prioritize application vulnerabilities based on severity, apply patches and assess the impact of a hacking attempt.
For companies with more advanced requirements, the startup provides what it calls scenario-based training. Cybrary’s scenario-based training features enable cybersecurity personnel to train for specific breach scenarios. A software-as-a-service company, for example, could use the platform to ensure that it can effectively respond to cyberattacks that target its publicly facing cloud applications. 
Cybrary’s approach is gaining significant traction. On occasion of its funding round, the startup disclosed today that its platform has helped train more than 3 million cybersecurity professionals since launch.
“Our continued investment in Cybrary is a testament to our belief in the important work they’re doing to address the current cyber skills gap and how they plan to evolve their training programs in the future,” said BuildGroup co-founder and Managing Partner Jim Curry.
Cybrary will use the new funding to support its engineering, sales and marketing efforts. The startup also plans to grow its threat intelligence group. The group helps Cybrary detect when new hacking tactics emerge and update its cybersecurity training materials accordingly.
Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.
Click here to join the free and open Startup Showcase event.
MWC 2023 moves beyond consumer and deep into enterprise tech
Carrier equipment maker Ericsson lets go 8,500 employees
Apple reportedly planning second-generation mixed reality headset for 2025
Report: Justice Department plans lawsuit to block Adobe’s $20B Figma acquisition
Galaxy Digital finalizes $44M acquisition of crypto self-custody platform GK8
Meta releases LLaMA to democratize access to large language AI models
MWC 2023 moves beyond consumer and deep into enterprise tech
INFRA – BY DAVE VELLANTE . 11 HOURS AGO
Carrier equipment maker Ericsson lets go 8,500 employees
INFRA – BY MARIA DEUTSCHER . 1 DAY AGO
Apple reportedly planning second-generation mixed reality headset for 2025
APPS – BY MARIA DEUTSCHER . 1 DAY AGO
Report: Justice Department plans lawsuit to block Adobe’s $20B Figma acquisition
POLICY – BY MARIA DEUTSCHER . 1 DAY AGO
Galaxy Digital finalizes $44M acquisition of crypto self-custody platform GK8
BLOCKCHAIN – BY KYT DOTSON . 1 DAY AGO
Meta releases LLaMA to democratize access to large language AI models
AI – BY MIKE WHEATLEY . 1 DAY AGO
Forgot Password?
Like Free Content? Subscribe to follow.

source

“Cybersecurity is much more than a matter of IT.” ― Stephane Nappo.
As we progress in our digitalization, the chances of becoming a target to damaging cyberattacks increases. While there is no way to stop the occurrence, staying vigilant and adopting a holistic security approach is key to surviving the attacks. The evolving threat landscape today emphasizes the need to analyze and dive deep into the core of cybersecurity, its evolution, and its role in preventing cyberattacks. So, what is cybersecurity, and why is it so important today? This article will discuss everything you must know about cybersecurity: what it is all about, its importance and benefits, the best career opportunities in the domain, and more.
Cybersecurity is popularly defined as the practice of implementing tools, processes, and technology to protect computers, networks, electronic devices, systems, and data against cyberattacks. It is adopted by individuals and enterprises to limit the risks of theft, attack, damage, and unauthorized access to computer systems, networks, and sensitive user data. Since its inception in the 1970s, cybersecurity has undergone constant evolution. Today, cybersecurity is no longer restricted to the practice of only protecting computers but also individuals against malicious cyberattacks. The main purpose of cybersecurity is to prevent the leak of sensitive data while simultaneously ensuring cyber resilience to respond and recover from cyberattacks with lesser damage.
As cyberattacks become more innovative and complex, the scope and domains expand to encompass several disciplines. Based on its application areas, cybersecurity can be broadly classified into six distinct types:
To understand cybersecurity better, it is important to know more about various cybersecurity threats and their damaging repercussions on businesses and individuals. While there can be various motives behind cyberthreats, the primary rationale seems to be financial gain. The major types of cybersecurity threats that are widely prevalent today include the following:

With evolving cybercrimes causing havoc to enterprises and individuals, cybersecurity is increasingly important. Cybersecurity is essential to protecting individuals and businesses against diverse cyberthreats (as discussed above). It strengthens an organization’s defense posture and is critical in mitigation and response. The benefits of cybersecurity are not only limited to data protection but also extend to employing cyber-resilience approaches to help organizations recover from a cyberattack as quickly as possible.
As the world continues to rely heavily on technology, online cybersecurity defenses must evolve to cope with advanced cyber threats. While there is no one-size-fits-all solution, adhering to cybersecurity best practices can limit the occurrence of catastrophic cyber attacks. Here are a few recommendations for maintaining good cyber hygiene.
Cybersecurity challenges today have become synonymous with digitalization. Let’s look at some recent challenges the cybersecurity industry faces today.
Cybersecurity is a fast-paced domain and projects huge career growth potential in the future. With cyberattacks growing in leaps and bounds, the number of entry-level, mid-level, and advanced job positions in various cybersecurity domains will rise. The demand for Information Security Analysts alone is expected to grow 35 percent from 2021 to 2031. (U.S. Bureau of Labor Statistics, 2022). One can explore entry-level job roles such as “Information Security Specialists,” “Digital Forensic Examiners,” etc., and consider mid-level or advanced roles such as “Security Engineer,” “Security Architect,” etc., as per proficiency levels and interests.
While cybersecurity professionals are required to have a bachelor’s degree in computer science, additional certifications can prove to be beneficial in enhancing their expertise and landing high-paying jobs. EC-Council offers cybersecurity certifications in various cybersecurity domains to enable professionals to transition to excellence. Candidates leverage hands-on learning to acquire deep knowledge of various cybersecurity aspects, from ethical hacking to cyber forensics, and make an excellent career progression with expert guidance. Some of the renowned certifications by EC-Council include:
Statista. (2022, August 3). Annual number of ransomware attacks worldwide from 2016 to first half 2022 (in millions). https://www.statista.com/statistics/494947/ransomware-attacks-per-year-worldwide
Statista. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/
U.S. BUREAU OF LABOR STATISTICS. Information Security Analysts. https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
Vailshery, L. (2022, November 22). Number of IoT connected devices worldwide 2019-2021, with forecasts to 2030. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/
© 2022 EC-Council
© 2022 EC-Council

source

We use some essential cookies to make this website work.
We’d like to set additional cookies to understand how you use GOV.UK, remember your settings and improve government services.
We also use cookies set by other sites to help us deliver content from their services.
You can change your cookie settings at any time.
Departments, agencies and public bodies
News stories, speeches, letters and notices
Detailed guidance, regulations and rules
Reports, analysis and official statistics
Consultations and strategy
Data, Freedom of Information releases and corporate reports
Minister of State announces £18.9 million investment in NI’s Cyber Security industry.
The UK Government has announced £18.9 million investment in NI’s Cyber Security industry, including £11 million Government funding through the New Deal for Northern Ireland, to develop a pipeline of cyber security professionals in NI as well helping businesses and startups develop new opportunities.
The investment, announced by Minister of State for Northern Ireland, Steve Baker MP, will see the creation of a new Cyber-AI Hub at the Centre for Secure Information Technologies (CSIT) in Belfast, creating jobs and supporting the research and development of AI-enabled cyber security projects.
Following the launch, Minister Baker visited NVIDIA, one of the companies benefiting from the close collaboration at CSIT, to learn more about the work being done in their Belfast
R&D centre to enhance the security and performance of NVIDIA’s networking solutions. The company, a global leader in AI, will engage with the new hub on collaborative research into AI-based cyber threat intelligence.
The funding will help ensure a pipeline of world-class cyber professionals, with the creation of a Doctoral training programme and Masters bursaries helping to deliver on the Government’s pledge of 5000 cyber professionals in NI by 2030, as well as supporting the Government’s £2.6bn National Cyber Strategy.
An additional £3.3 million from the Engineering and Physical Sciences Research Council will support the delivery of the next phase of the UK’s Innovation and Knowledge Centre at CSIT as it continues linking industry, government and academic expertise to promote economic growth.
With £4.6 million from project partners, the funding builds on NI’s impressive track record of attracting investment in its Cyber Security sector, ahead of Belfast hosting the UK’s flagship cyber security event, CyberUK 2023 in April.
This funding will help to create jobs and strengthen Northern Ireland’s economy, ensuring NI continues to lead the way in cyber security.
We have world-class talent and expertise in NI, and the Government is committed to developing cyber security professionals, here and across the UK.
The funding will have an immediate positive impact on NI’s cyber sector, and with Belfast hosting the UK’s leading cyber security conference in April, I’m looking forward to seeing NI’s deserved recognition as a global cyber security hub.
Northern Ireland’s cyber security firms play a huge role in the UK’s thriving and world-leading tech industry.
We’re investing millions so people across Northern Ireland can gain the skills for exciting careers helping people and businesses defend against cyber threats.
This funding boost will have a hugely positive impact on the cyber security sector locally, nationally and globally.
Investing in a Doctoral Training Programme is vital for the future of our society. We are investing in the skills of the next generation of leaders in cyber security, as well as progressing the Northern Ireland economy.
Over the last 15 years, Queen’s University has helped to put Northern Ireland on the map for digital innovation. We are proud of the work that takes place through the Centre for Secure Information Technologies (CSIT) and are looking forward to further developing cutting-edge research through the broader Belfast Region City Deal-funded Global Innovation Institute.
For the past 13 years the Centre for Secure Information Technologies has played a key role in helping the UK to respond to emerging cyber security threats. It is also at the heart of a thriving innovation ecosystem in Northern Ireland involving more than 100 companies and providing 2,300 people.
Together with the Cyber-AI hub this additional funding announced today will build on this success to promote further growth and support further cutting edge research that will benefit us all.
Cyber-AI Hub will see the creation of a UK Government Northern Ireland based cyber engagement lead, joining DSIT colleagues in Northern Ireland. This role, similar to positions in other regions in the UK, will engage directly with the Northern Ireland cyber sector to support the delivery of the government’s national cyber security and levelling up strategies as well as exploring opportunities for further UK government funded innovation and skills initiatives.
The funding will also allow for the continuation of the NI Cyber Security Snapshot by QUB. This will highlight opportunities and challenges for the Northern Ireland Cyber Security sector to be identified on a regular basis, further enabling growth in the sector.
New Deal for Northern Ireland
Cyber-AI Technologies Hub
CSIT Doctoral Training Programme
Masters Bursaries
NI Cyber Security Snapshot
CyberUK 2023
CSIT Innovation and Knowledge Centre
In 2008, the  Institute of Electronics, Communications and Information Technology (ECIT)  was chosen by the  Engineering and Physical Sciences Research Council (EPSRC)  and  Innovate UK  to host The Centre for Secure Information Technologies (CSIT), one of only seven UK  Innovation and Knowledge Centres (IKCs).
IKCs are a key component of the UK’s approach to the commercialisation of emerging technologies through creating early stage critical mass in an area of disruptive technology. They are able to achieve this through their international quality research capability and access to companion technologies needed to commercialise research.
Sharing will open the page in a new tab
Don’t include personal or financial information like your National Insurance number or credit card details.
To help us improve GOV.UK, we’d like to know more about your visit today. We’ll send you a link to a feedback form. It will take only 2 minutes to fill in. Don’t worry we won’t send you spam or share your email address with anyone.

source

or call jsbacContact
or call jsbacContact
By 2025, nearly half of cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors, according to Gartner, Inc. 
“Cybersecurity professionals are facing unsustainable levels of stress,” said Deepti Gopal, Director Analyst, Gartner. “CISOs are on the defense, with the only possible outcomes that they don’t get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cybersecurity leaders and their teams.”

Given these dynamics as well as the massive market opportunities for cybersecurity professionals, talent churn poses a significant threat for security teams. Gartner research shows that compliance-centric cybersecurity programs, low executive support and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success. Organizations of this type are likely to experience higher attrition as talent leaves for roles where their impact is felt and valued.
“Burnout and voluntary attrition are outcomes of poor organizational culture,” said Gopal. “While eliminating stress is an unrealistic goal, people can manage incredibly challenging and stressful jobs in cultures where they’re supported.”
Humans Are the Chief Cause of Security Incidents
Gartner predicts that by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents. The number of cyber and social engineering attacks against people is spiking as threat actors increasingly see humans as the most vulnerable point of exploitation.
A Gartner survey conducted in May and June 2022 among 1,310 employees revealed that 69% of employees have bypassed their organization’s cybersecurity guidance in the past 12 months. In the survey, 74% of employees said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business objective.
“Friction that slows down employees and leads to insecure behavior is a significant driver of insider risk,” said Paul Furtado, VP Analyst, Gartner.
To confront this rising threat, Gartner predicts that half of medium to large enterprises will adopt formal programs to manage insider risk by 2025, up from 10% today. A focused insider risk management program should proactively and predictively identify behaviors that may result in the potential exfiltration of corporate assets or other damaging actions and provide corrective guidance, not punishment.
“CISOs must increasingly consider insider risk when developing a cybersecurity program,” said Furtado. “Traditional cybersecurity tools have limited visibility into threats that come from within.”
Gartner clients can read more in “Predicts 2023: Cybersecurity Industry Focuses on the Human Deal.”
Learn more about the top priorities for security and risk leaders in 2023 in the complimentary Gartner ebook 2023 Leadership Vision for Security & Risk Management Leaders. 
Gartner Security & Risk Management Summit 
Gartner analysts will present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits, February 27-28 in Dubai, March 28-29 in Sydney, June 5-7 in National Harbor, MD, July 26-28 in Tokyo and September 26-28 in London. Follow news and updates from the conferences on Twitter using #GartnerSEC.
About Gartner for Information Technology Executives
Gartner for Information Technology Executives provides actionable, objective insight to CIOs and IT leaders to help them drive their organizations through digital transformation and lead business growth. Additional information is available at www.gartner.com/en/information-technology.
Follow news and updates from Gartner for IT Executives on Twitter and LinkedIn. Visit the IT Newsroom for more information and insights. 
Meghan Rimol DeLisi
Gartner
Meghan.Rimol@Gartner.com
Catherine Howley
Gartner
Catherine.Howley@Gartner.com
Newsroom

View all press releases

Reset
March 01 2023
February 28 2023
February 14 2023

Learn More
Learn More
Access the Infographic
Access the Infographic
Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission critical priorities. To learn more, visit gartner.com.
©2023 Gartner, Inc. and/or its affiliates. All rights reserved.
©2023 Gartner, Inc. and/or its affiliates. All rights reserved.
Clients receive 24/7 access to proven management and technology research, expert advice, benchmarks, diagnostics and more. Fill out the form to connect with a representative and learn more.
jsbacContactjsbacContact
8 a.m. – 7 p.m. ET
8 a.m. – 5 p.m. GMT
Monday through Friday

By clicking the "Submit" button, you are agreeing to the Gartner Terms of Use and Privacy Policy.
By clicking the "" button, you are agreeing to the Gartner Terms of Use and Privacy Policy.

source

Entrepreneur Jon Miller’s first foray into what would become his career in cybersecurity was attending hacker conventions at age 16. In high school, he was hired to do consulting work as a “penetration tester”—a role that involves testing a company’s security and then helping to fix the breach. Later, working as a hacker for Internet Security Systems, he met Ryan Smith, who was a vulnerability researcher at the firm: basically, prodding at systems like Windows to find out how the software could be exploited. Two years ago, the pair launched Halcyon, a ransomware defense software that helps companies prevent cyberattacks and equips them with defensive software, which is a novel development in cybersecurity tech. 
That “offense to defense” strategy is exactly what Bob Ackerman, founder of AllegisCyber Capital, looks for when he incubates and invests in early-stage cybersecurity startups. Ackerman explained that he seeks out founders that have spent their entire careers in cyber, and particularly have come out of the NSA or the Israeli equivalent, Unit 8200. “All of the innovation in cyber is actually paced by the offense,” he explained. “When you get to seed, there’s no revenue, there’s no product, and there’s no customers, so you’re really relying on [the founding team’s] domain expertise.”
Cybersecurity stands out from other sectors as especially technical and specialized—and right now it’s booming. As Fortune previously reported, the global cybersecurity market is expected to reach $403 billion by 2027—making the compound annual growth rate 12.5% from 2020 to 2027.  VCs are searching for brilliant founders, and they’re often recruited to build tech with little to no business experience. (Many of the startups VCs have their eye on, or have invested in themselves, are incubated in cybersecurity foundries that recruit alums of national intelligence agencies to build cyberdefense tech.) VCs are looking to spot ideas that are differentiated and have a clear market application. “What you have to try to decipher is whether the problem that this business is solving is a feature, or is it truly a business?” says Maverick Ventures investor Matt Kinsella.
For this list, we asked the top VCs in cybersecurity to nominate startups. We asked them for names outside their portfolios, but read all the way to the bottom for some picks inside their portfolios.
Famed venture investor Ted Schlein likes R2C, a San Francisco–based software security startup. The company works with Semgrep technology, which functions as “spell-check for code” and is used by companies like Slack, Dropbox, and GitLab. Semgrep software is unique because it can search through huge volumes of code to find specific lines, which helps companies prevent data breaches and protect against attacks. R2C built a software around Semgrep that makes the technology more accessible and easier for companies to use and build the most up-to-date version of Semgrep. 
R2C was founded in 2017 by Drew Dennison, Isaac Evans, and Luke O’Malley. In July 2021, the startup raised $27 million in a series B round led by Felicis, with participation from Sequoia and Redpoint, bringing their total funding to $40 million. 
Ten Eleven Ventures investor Mark Hatfield pointed to ransomware defense startup Halcyon as a company to watch. Halcyon is an A.I. ransomware prevention software that both detects attacks before they happen and has designed a mechanism to defend against attacks while they are happening. Miller explained that what makes Halcyon unique is the technology’s ability to help software recover from an ongoing attack in real time. “You still have to deliver protection, but resiliency essentially has gone unfocused” in the cybersecurity industry, explained CEO and founder Jon Miller. “These are the best-funded attackers in history. You have to be adaptable and realize that you’re going to get pushed over at some point,” he said. “The question is how do you recover from [the attack] quickly, and reduce the impact from two months or two weeks down to five minutes.”
Founded in 2021 by Miller and CTO Ryan Smith, the company raised $20 million in seed funding from backers such as Syn Ventures. The company is currently in the midst of a another fundraising round.
A.I. is exploding in popularity as chatbots and machine learning-powered products roll out across industries. Yet with A.I. innovation comes the next generation of A.I.-powered cyberattacks. HiddenLayer, the startup nominated by Syn Ventures’ Jay Leek, aims to address the rise in machine-learning cyberattacks with its software. 
The Austin-based A.I. cybersecurity startup operates a security platform that detects and prevents cyberattacks using machine learning. HiddenLayer’s product suite includes monitoring technology to survey software for attacks and security and reporting measures. In July 2022, the startup raised $6 million from backers including Ten Eleven Ventures and Secure Octane. The company was founded by Christopher Sestito, Tanner Burns, and James Ballard. 
Investor Chenxi Wang, founder of cybersecurity fund Rain Capital, likes startup Graphiant. Graphiant was launched this year by CEO Khalid Raza and CTO Stefan Olofsson, who previously founded networking technology startup Viptela, which was acquired by Cisco in 2017 for $610 million. Graphiant uses a platform that helps businesses securely manage corporate networks. “Users must cross a digital wilderness the enterprise doesn’t control or have visibility into to access resources—paths across this digital wilderness change by the minute,” Raza wrote when launching the company. “Our goal is to solve enterprises’ challenges, connecting resources, clouds, and applications across this digital wilderness,” he added.
In December 2020, the startup raised $33.5 million in funding led by Sequoia and Two Bear. “Network security is built into the infrastructure in that Graphiant allows encryption all the way to the edge, reducing threat surface and delivering data security and privacy along with fast and dynamic connectivity,” explained Wang. 
Cyberattacks are a company’s worst nightmare—so you better believe they’re willing to pay up for technology that prevents them. That’s why Iren Reznikov, investor at S Ventures, likes startup Noname. API security technology, which helps different software and hardware features to communicate, addresses data breaches such as those faced by Peloton, Facebook, and LinkedIn. In December 2021, Noname raised $135 million in Series C funding at an over $1 billion valuation after emerging from stealth in December 2020. Noname’s investors include Georgian, Lightspeed, Cyerstarts, and Forgepoint. “With API attacks on the rise, Noname delivers a complete end-to-end platform for discovery and monitoring of APIs, runtime protection, and API testing,” Reznikov said. 
Startup Wiz, recommended for the list by NightDragon managing director Morgan Kyauk, has made headlines recently for good reason: the cloud security startup, which launched in 2020, scaled from $1 million to $100 million in annual recurring revenue in just 18 months. In October 2021, the company raised $250 million in Series C funding a $6 billion valuation. Wiz’s cloud security platform identifies potential security holes across a company’s network. 
The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Ami Luttwak, and Roy Reznik, who previously built the company Adallom, which sold to Microsoft for $320 million. Kyauk explained that he is particularly impressed by Wiz because they are dominating an established cloud security market, which includes competitors like Palo Alto Networks and Check Point. “[Wiz] was able to come in and out-execute the legacy incumbent vendors from a go-to-market and distribution perspective,” he said. “Now, they’re the market leader within this space and some of these incumbents are now trying to play catch up,” he added. 
Finally, putting your money where your mouth is does actually speak volumes. So we also asked our VCs to highlight one portfolio company they are particularly excited about. Here’s what they said:
Bob Ackerman of AllegisCyber pointed to Dragos as a startup that is a prime example of founders using the “offense to defense” strategy in the development of cybertechnology. In 2021, Dragos raised $200 million in Series D funding at a valuation of $1.7 billion. Dragos secures industrial control systems like electrical grids, petrochemical facilities, and other critical infrastructure. The company was founded by CEO Robert Lee, chief data scientist Justin Cavinee, and CTO Jon Lavender in 2016 and was incubated in Maryland-based cybersecurity foundry DataTribes. 
Iren Reznikov of S Ventures highlighted Noetic Cyber. The company launched in 2021 with $20 million in total funding, including a new Series A round lead by Energy Impact Partners and including existing investor Ten Eleven Ventures. The company was founded by CEO Paul Ayers, CPO Allen Rogers, and Chief Architect Allen Hadden The platform “provides an easy way to identify and close coverage gaps in the cyber posture of an enterprise,” explained Reznikov. “As investors, we were impressed with Noetic’s strong platform capabilities and coverage for the modern tech stack,” she added. 
Mark Hatfield of Ten Eleven Ventures nominated startup Interpres, a security defense surface platform. In December 2022, the company launched with $8.5 million in seed funding from Hatfield’s Ten Eleven Ventures. Interpres was founded by CEO Nick Lantuh, Mike Jenks, Ian Roth, and Michael Maurer. The company “helps companies turn the chaos of their defense surface into something elegantly engineered and tailored to the company’s particular threat profile,” wrote Hatfield. “With intelligence from the platform, security teams can take a threat-informed perspective to understand exactly what their current tools can detect and defend against, and then consistently and iteratively improve their security posture.”
Ted Schlein of Ballistic Ventures nominated misinformation mitigation startup Alethea from his portfolio. The startup’s machine learning platform analyzes and detects misinformation and social media manipulation across the internet.  In November 2022, the company raised $10 million in Series A funding from Ballistic Ventures. The company was founded in 2019 by Lisa Kaplan. 
Matt Kinsella, investor at Maverick Ventures, recommended behavioral biometrics startup BioCatch, which he described as a unique approach to identity security. The technology developed by BioCatch monitors users’ individual behavioral patterns on their device to detect when there is fraud. The company last raised $145 million in 2020 in a Series D round. The company was founded by Avi Rugemen, Benny Rosenbaum, and Uri Rivner. BioCatch was founded in 2011 and launched in 2020, yet Kinsella emphasized that he thinks the startup will be “one to watch” in 2023 as it gains traction.
Learn how to navigate and strengthen trust in your business with The Trust Factor, a weekly newsletter examining what leaders need to succeed. Sign up here.
© 2023 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information | Ad Choices 
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions.

source

Image via Unsplash
Event security remains an ever-growing concern. Public events have been the targets in the past, meaning security leaders have tightened event safety procedures. Large events, such the Super Bowl, often require additional security to keep entertainment, staff and guests safe throughout the event. However, large events can also become targets for phishing and other cyberattacks. As security leaders plan and enforce an event’s physical safety measures, an event should prepare an equally thorough cybersecurity plan. 
Rafal Los, Head of Services GTM at ExtraHop, shared his thoughts on stadium cybersecurity ahead of the Super Bowl:
“As with any big public events, hackers will exploit the event to try and drive users to click on or open malicious links or items. Phishing using Super Bowl themed content will likely be prevalent. Hackers count on people getting caught up in the hype of the sporting event to let their guard down and click on something that looks like it came from a friend or other trusted source, with some tie-in to the event. The inevitable goal is one of the same few — get you to divulge your credentials to something like Office 365 or your bank or install malware or ransomware on your computer.”  
“Always be vigilant, and especially during big events where you’re emotionally involved and want to be part of the hype/group. Always be skeptical of something that comes into your inbox or texts, or even pops up on a web page. Skepticism and knowing attackers are constantly out to get you is key.”
“Event security professionals can cut down on this type of attack by ensuring they’ve monitored their brands carefully and are actively defending against typo-squatting attacks, and monitoring web traffic at their events (where possible) for malicious content and links.”

You must have JavaScript enabled to enjoy a limited number of articles over the next 30 days.
Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company. Interested in participating in our Sponsored Content section? Contact your local rep.
ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe. 
The John F. Kennedy Center for the Performing Arts is home to some of the nation’s largest events, from the Kennedy Center Honors to the Mark Twain Prize and high-caliber theatrical and symphonic performances.
 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 
Copyright ©2023. All Rights Reserved BNP Media.
Design, CMS, Hosting & Web Development :: ePublishing

source

Many cybersecurity professionals, if not all, have experienced that “after the breach” feeling — the moment you realize you’ll have to tell your customers their personal information may have been compromised because one of your vendors had a data breach.
Such situations also involve spending significant amounts of time and resources fixing a problem caused by a third party. No matter how well you clean things up, the reputational hit to your organization will continue to cost you in lost business down the road.
The fact is, the consequences of failing to properly manage third-party risk are far too costly to ignore.
Ransomware attacks, data breaches and widespread IT outages ranked this year as the most significant risk concerns for companies worldwide. More than seven in ten organizations fear third parties have too much control over customer data, including needlessly broad permissions and authorization. Of the 44% of organizations that reported a data breach last year, 75% said the breach stemmed from a third party’s excessive privileged access.

While managing third-party cyber risk is essential to maintaining customer trust, it’s also increasingly important for organizations looking to purchase cyber insurance policies. All it takes is an accidental email containing personal information sent to the wrong customer, and the basic standards for a data breach have been met. Add the various state and federal data laws and costs associated with remediation, and it becomes clear why every organization could benefit from cyber insurance.
As more contracts between businesses contain cyber insurance clauses, it’s important to consider the impact security standards have on obtaining a policy. To put it plainly, the better your security standards are, the better your rates, especially at a time when cyber insurance premiums are soaring.
Cyber insurance providers want to see that you have high standards of security before they issue a policy, so effective third-party risk management could mean the difference between potential insurers offering you a good rate or deeming you ineligible for coverage.
An organization’s ability to handle third-party cyber risk proactively depends on its risk management strategies. According to Forrester, 70% of enterprise decision-makers agree that third-party risk is a business priority, but about 69% use manual processes in their third-party risk programs.

source

Here are three of the worst breaches, attacker tactics and techniques of 2022, and the security controls that can provide effective, enterprise security protection for them.
Ransomware as a service is a type of attack in which the ransomware software and infrastructure are leased out to the attackers. These ransomware services can be purchased on the dark web from other threat actors and ransomware gangs. Common purchasing plans include buying the entire tool, using the existing infrastructure while paying per infection, or letting other attackers perform the service while sharing revenue with them.
In this attack, the threat actor consists of one of the most prevalent ransomware groups, specializing in access via third parties, while the targeted company is a medium-sized retailer with dozens of sites in the United States.
The threat actors used ransomware as a service to breach the victim’s network. They were able to exploit third-party credentials to gain initial access, progress laterally, and ransom the company, all within mere minutes.
The swiftness of this attack was unusual. In most RaaS cases, attackers usually stay in the networks for weeks and months before demanding ransom. What is particularly interesting about this attack is that the company was ransomed in minutes, with no need for discovery or weeks of lateral movement.
A log investigation revealed that the attackers targeted servers that did not exist in this system. As it turns out, the victim was initially breached and ransomed 13 months before this second ransomware attack. Subsequently, the first attacker group monetized the first attack not only through the ransom they obtained, but also by selling the company’s network information to the second ransomware group.
In the 13 months between the two attacks, the victim changed its network and removed servers, but the new attackers were not aware of these architectural modifications. The scripts they developed were designed for the previous network map. This also explains how they were able to attack so quickly – they had plenty of information about the network. The main lesson here is that ransomware attacks can be repeated by different groups, especially if the victim pays well.
“RaaS attacks such as this one are a good example of how full visibility allows for early alerting. A global, converged, cloud-native SASE platform that supports all edges, like Cato Networks provides complete network visibility into network events that are invisible to other providers or may go under the radar as benign events. And, being able to fully contextualize the events allows for early detection and remediation.
Attacks on critical infrastructure are becoming more common and more dangerous. Breaches of water supply plants, sewage systems and other such infrastructures could put millions of residents at risk of a human crisis. These infrastructures are also becoming more vulnerable, and attack surface management tools for OSINT like Shodan and Censys allow security teams to find such vulnerabilities with ease.
In 2021, two hackers were suspected of targeting radiation alert networks. Their attack relied on two insiders that worked for a third party. These insiders disabled the radiation alert systems, significantly debilitating their ability to monitor radiation attacks. The attackers were then able to delete critical software and disable radiation gauges (which is part of the infrastructure itself).
“Unfortunately, scanning for vulnerable systems in critical infrastructure is easier than ever. While many such organizations have multiple layers of security, they are still using point solutions to try and defend their infrastructure rather than one system that can look holistically at the full attack lifecycle. Breaches are never just a phishing problem, or a credentials problem, or a vulnerable system problem – they are always a combination of multiple compromises performed by the threat actor,” said Etay Maor, Sr. Director of Security Strategy at Cato Networks.
The third attack is also a ransomware attack. This time, it consisted of three steps:
1. Infiltration – The attacker was able to gain access to the network through a phishing attack. The victim clicked on a link that generated a connection to an external site, which resulted in the download of the payload.
2. Network activity – In the second phase, the attacker progressed laterally in the network for two weeks. During this time, it collected admin passwords and used in-memory fileless malware. Then on New Year’s Eve, it performed the encryption. This date was chosen since it was (rightfully) assumed the security team would be off on vacation.
3. Exfiltration – Finally, the attackers uploaded the data out of the network.
In addition to these three main steps, additional sub-techniques were employed during the attack and the victim’s point security solutions were not able to block this attack.
“A multiple choke point approach, one that looks horizontally (so to speak) at the attack rather than as a set of vertical, disjointed issues, is the way to enhance detection, mitigation and prevention of such threats. Opposed to popular belief, the attacker needs to be right many times and the defenders only need to be right just once. The underlying technologies to implement a multiple choke point approach are full network visibility via a cloud-native backbone, and a single pass security stack that’s based on ZTNA.” said Etay Maor, Sr. Director of Security Strategy at Cato Networks.
It is common for security professionals to succumb to the “single point of failure fallacy”. However, cyber-attacks are sophisticated events that rarely involve just one tactic or technique which is the cause of the breach. Therefore, an all-encompassing outlook is required to successfully mitigate cyber-attacks. Security point solutions are a solution for single points of failure. These tools can identify risks, but they will not connect the dots, which could and has led to a breach.
According to ongoing security research conducted by Cato Networks Security Team, they have identified two additional vulnerabilities and exploit attempts that they recommend including in your upcoming security plans:
While Log4j made its debut as early as December of 2021, the noise its making hasn’t died down. Log4j is still being used by attackers to exploit systems, as not all organizations have been able to patch their Log4j vulnerabilities or detect Log4j attacks, in what is known as “virtual patching”. They recommend prioritizing Log4j mitigation.
Security solutions like firewalls and VPNs have become access points for attackers. Patching them has become increasingly difficult, especially in the era of architecture cloudification and remote work. It is recommended to pay close attention to these components as they are increasingly vulnerable.
To reduce the attack surface, security professionals need visibility into their networks. Visibility relies on three pillars:
Once an organization has complete visibility to the activity on their network they can contextualize the data, decide whether the activity witnessed should be allowed, denied, monitored, restricted (or any other action) and then have the ability to enforce this decision. All these elements must be applied to every entity, be it a user, device, cloud app etc. All the time everywhere. That is what SASE is all about.
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.

source

Employer demand for cybersecurity professionals continues to strain talent availability, according to new data from CyberSeek.

For the 12-month period ending in September 2022, employers listed 769,736 openings for cybersecurity positions or jobs requiring cybersecurity skills. Employer demand for cybersecurity workers grew 2.4 times faster than the overall rate across the U.S. economy. Nine of the 10 top months for cybersecurity job postings in the past 10 years have occurred in 2022.
Despite a slight pullback in hiring activity in the most recent months from the record volumes of earlier this year, total cybersecurity job postings for Q3 2022 tracked 30% higher than the same period in 2021 and 68% higher than 2020. The supply-demand ratio held steady at 65, indicating approximately 65 cybersecurity workers in the labor market – the vast majority already employed, for every 100 cybersecurity job postings.
Data shows that requirements for cybersecurity skills for specific occupations have increased dramatically in the last 12 months. The cybersecurity profession continues to expand into specialized fields, such as penetration tester and threat analyst. There is a similar expansion of cybersecurity skills requirements in adjacent positions such as auditor (+336%), software developer (+87%), cloud architect (+83%) and technical support engineer (+48%).
“The CyberSeek data reaffirms the critical importance of feeder roles and thinking more creatively about on-ramps and career pathways,” said Ron Culler, VP cyber learning officer, CompTIA. “It is clear from the CyberSeek data that cybersecurity’s importance and impact reaches all levels of the tech workforce. We see this trend continuing and are committed to ensuring that cybersecurity professionals are prepared for the current and future challenges this will bring.”
“Demand for cybersecurity talent has been accelerating for years, and employers are showing no signs of taking their foot off the gas,” said Will Markow, VP of applied research at Lightcast. “That’s why it is more important than ever to build robust talent pipelines to ensure a safer digital world. We can’t accept leaving holes in our cybersecurity defenses simply because we don’t have enough trained workers to plug them.”

source

The scale of cyberattacks that organizations face today means autonomous systems are becoming a critical component of cybersecurity. This forces us to question the ideal relationship between human security teams and artificial intelligence (AI): What level of trust should be granted to an AI program, and at what point do security teams intervene in its decision-making?
With autonomous systems in cybersecurity, human operators are raising the bar of their decision-making. Instead of making an increasingly unmanageable number of “microdecisions” themselves, they now establish the constraints and guiderails that AI machines should adhere to when making millions of granular microdecisions at scale. As a result, humans no longer manage at a micro level but at a macro level: Their day-to-day tasks become higher-level and more strategic, and they are brought in only for the most essential requests for input or action.
But what will the relationship between humans and AI look like? Below, we dissect four scenarios outlined by the Harvard Business Review that set forth possibilities for varied interaction between humans and machines, and explore what this will look like in the cyber realm.
In this scenario, the human is, in effect, doing the decision-making and the machine is providing only recommendations of actions, as well as the context and supporting evidence behind those decisions to reduce time-to-meaning and time-to-action for that human operator.
Under this configuration, the human security team has complete autonomy over how the machine does and does not act.
For this approach to be effective in the long-term, sufficient human resources are required. Often this would far exceed what is realistic for an organization. Yet for organizations coming to grips with the technology, this stage represents an important steppingstone in building trust in the AI autonomous response engine.
Most decisions are made autonomously in this model, and the human only handles exceptions, where the AI requests some judgment or input from the human before it can make the decision.
Humans control the logic to determine which exceptions are flagged for review, and with increasingly diverse and bespoke digital systems, different levels of autonomy can be set for different needs and use cases.
This means that the majority of events will be actioned autonomously and immediately by the AI-powered autonomous response but the organization stays “in the loop” for special cases, with flexibility over when and where those special cases arise. They can intervene, as necessary, but will want to remain cautious in overriding or declining the AI’s recommended action without careful review.
In this case, the machine takes all actions, and the human operator can review the outcomes of those actions to understand the context around these actions. In the case of an emerging security incident, this arrangement allows AI to contain an attack, while indicating to a human operator that a device or account needs support, and this is where they are brought in to remediate the incident. Additional forensic work may be required, and if the compromise was in multiple places, the AI may escalate or broaden its response.
For many, this represents the optimal security arrangement. Given the complexity of data and scale of decisions that need to be made, it is simply not practical to have the human in the loop (HitL) for every event and every potential vulnerability.
With this arrangement, humans retain full control over when, where, and to what level the system acts, but when events do occur, these millions of microdecisions are left to the machine.
In this model, the machine makes every decision, and the process of improvement is also an automated closed loop. This results in a self-healing, self-improving feedback loop where each component of the AI feeds into and improves the next, elevating the optimal security state.
This represents the ultimate hands-off approach to security. It is unlikely human security operators will ever want autonomous systems to be a “black box” – operating entirely independently, without the ability for security teams to even have an overview of the actions it’s taking, or why. Even if a human is confident that they will never have to intervene with the system, they will still always want oversight. Consequently, as autonomous systems improve over time, an emphasis on transparency will be important. This has led to a recent drive in explainable artificial intelligence (XAI) that uses natural language processing to explain to a human operator, in basic everyday language, why the machine has taken the action it has.
These four models all have their own unique use cases, so no matter what a company’s security maturity is, the CISO and the security team can feel confident leveraging a system’s recommendations, knowing it makes these recommendations and decisions based on microanalysis that goes far beyond the scale any single individual or team can expect of a human in the hours they have available. In this way, organizations of any type and size, with any use case or business need, will be able to leverage AI decision-making in a way that suits them, while autonomously detecting and responding to cyberattacks and preventing the disruption they cause.

About the Author
As VP of Product at Darktrace, Dan Fein has helped customers quickly achieve a complete and granular understanding of Darktrace’s product suite. Dan has a particular focus on Darktrace email, ensuring that it is effectively deployed in complex digital environments, and works closely with the development, marketing, sales, and technical teams. Dan holds a bachelor’s degree in computer science from New York University.

Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source