Careers & People

News & Commentary
Bridging the Cybersecurity Talent Gap
Shelley Westman, Principal, Cybersecurity, at EYCommentary
There's no one surefire way of fixing the problem, which endangers everyone's security. There are, however, several options we should try.
By Shelley Westman Principal, Cybersecurity, at EY, 5/25/2018
Comment0 comments  |  Read  |  Post a Comment
Growing Job Pressures Increase Risk of Burnout for Cybersecurity Professionals
Jai Vijayan, Freelance writerNews
A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.
By Jai Vijayan Freelance writer, 5/23/2018
Comment1 Comment  |  Read  |  Post a Comment
The State of Information Sharing 20 Years after the First White House Mandate
Paul Kurtz, CEO & Cofounder, TruSTAR TechnologyCommentary
Finally! Actionable guidance for ISACs and enterprises on what threat intel to share, how to share it, and which key technologies will automate redaction and protect privacy.
By Paul Kurtz CEO & Cofounder, TruSTAR Technology, 5/22/2018
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Conference Call for Speakers Closes Friday
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Don't be shy, security practitioners. Share your best practices at our 2nd annual INsecurity Conference, to be held Oct. 23-25 in Chicago.
By Sara Peters Senior Editor at Dark Reading, 5/21/2018
Comment0 comments  |  Read  |  Post a Comment
What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity
Lital Asher-Dotan, Senior Director, Security Research and Content, CybereasonCommentary
Unit 8200 doesn't follow a conventional recruiting model. Technical knowledge isn't a requirement. The unit values traits that emphasize problem-solving and interpersonal skills, and it uses hiring processes that build female leaders.
By Lital Asher-Dotan Senior Director, Security Research and Content, Cybereason, 5/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrustCommentary
It's time to "do the right thing" when it comes to gender in the hiring and promotion of women in cybersecurity. Four women (and a man named John) offer practical solutions for shifting the balance.
By John De Santis CEO, HyTrust, 5/16/2018
Comment7 comments  |  Read  |  Post a Comment
Taming the Chaos of Application Security: 'We Built an App for That'
Caleb Sima, Founder, Badkode VenturesCommentary
Want to improve the state of secure software coding? Hide the complexity from developers.
By Caleb Sima Founder, Badkode Ventures, 5/15/2018
Comment0 comments  |  Read  |  Post a Comment
The New Security Playbook: Get the Whole Team Involved
John Commentary
Smart cybersecurity teams are harnessing the power of human intelligence so employees take the right actions.
By John "Lex" Robinson Cybersecurity Strategist at Cofense, 5/11/2018
Comment0 comments  |  Read  |  Post a Comment
20 Signs You Are Heading for a Retention Problem
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
If you don't invest in your best security talent, they will look to burnish their resumes elsewhere. Here's why.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 5/9/2018
Comment3 comments  |  Read  |  Post a Comment
Millennials, Women May Bridge Cyber Talent Gap
Dark Reading Staff, Quick Hits
Younger generations, particularly women, could be the answer to a cybersecurity skill shortage expected to reach 1.8 million unfilled roles by 2020.
By Dark Reading Staff , 5/9/2018
Comment1 Comment  |  Read  |  Post a Comment
We're Doing Security Wrong!
Gary Freas, Cybersecurity and Risk Management SMECommentary
When you simply heap technology onto a system, you limit your hiring pool and spread your employees too thin. Focus on your people instead.
By Gary Freas Cybersecurity and Risk Management SME, 5/4/2018
Comment0 comments  |  Read  |  Post a Comment
Automation Exacerbates Cybersecurity Skills Gap
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Three out of four security pros say the more automated AI products they bring in, the harder it is to find trained staff to run the tools.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/2/2018
Comment1 Comment  |  Read  |  Post a Comment
'Zero Login:' The Rise of Invisible Identity
Sarah Squire, Senior Technical Architect at Ping IdentityCommentary
Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?
By Sarah Squire Senior Technical Architect at Ping Identity, 4/27/2018
Comment1 Comment  |  Read  |  Post a Comment
Diversity: It's About Inclusion
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Unrealistic entry-level job requirements, black-hoodie hacker image problems are among the 'uncomfortable conversations' needed to remedy cybersecurity's diversity gap.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/25/2018
Comment5 comments  |  Read  |  Post a Comment
Latest News from RSAC 2018
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive coverage of the news and security themes that dominated RSA Conference 2018 in San Francisco.
By Dark Reading Staff , 4/25/2018
Comment0 comments  |  Read  |  Post a Comment
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
By Sara Peters Senior Editor at Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
Sara Peters, Senior Editor at Dark ReadingNews
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
By Sara Peters Senior Editor at Dark Reading, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Majority of Men Think Women Have Equal Opportunity to Advance in Cybersecurity Career
Jai Vijayan, Freelance writerNews
Not so fast, say women.
By Jai Vijayan Freelance writer, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Stripping the Attacker Naked
Martin Dion, VP EMEA Services, Kudelski SecurityCommentary
How cyber threat intelligence can help you gain a better understanding of the enemy and why that gives security teams the upper hand.
By Martin Dion VP EMEA Services, Kudelski Security, 4/6/2018
Comment5 comments  |  Read  |  Post a Comment
How Security Can Bridge the Chasm with Development
Caleb Sima, Founder, Badkode VenturesCommentary
Enhancing the relationships between security and engineering is crucial for improving software security. These six steps will bring your teams together.
By Caleb Sima Founder, Badkode Ventures, 4/5/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.