Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Careers & People
Page 1 / 2   >   >>
Could Automation Kill the Security Analyst?
Commentary  |  6/4/2020  | 
Five skills to ensure job security in the Age of Automation.
10 Tips for Maintaining Information Security During Layoffs
Slideshows  |  6/2/2020  | 
Insider cyberthreats are always an issue during layoffs -- but with record numbers of home-office workers heading for the unemployment line, it has never been harder to maintain cybersecurity during offboarding.
Companies Fall Short on Mandatory Reporting of Cybercrimes
News  |  6/2/2020  | 
Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Commentary  |  6/1/2020  | 
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
Cloud Security Architect Proves Hardest Infosec Role to Fill
Quick Hits  |  5/27/2020  | 
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity
News  |  5/26/2020  | 
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
Security & Trust Ratings Proliferate: Is That a Good Thing?
News  |  5/22/2020  | 
Phishing ratings, security ratings, human-ness ratings -- we are looking at a future filled with grades of security and trustworthiness. But there is a downside.
The Need for Compliance in a Post-COVID-19 World
Commentary  |  5/21/2020  | 
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
Digital Transformation Risks in Front-end Code
Commentary  |  5/20/2020  | 
Why making every front-end developer a DevSecOps expert will lead to a more holistic approach to web and native application security.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Commentary  |  5/20/2020  | 
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
Long-Term Remote Work: Keeping Workers Productive & Secure
Commentary  |  5/19/2020  | 
The pandemic has changed how we get work done. Now, data security must catch up.
7 Security Pros: What My Nontraditional Background Brings to the Job
Slideshows  |  5/19/2020  | 
Job experience and degrees outside of the cybersecurity or IT world can provide invaluable diversity of thinking and problem-solving.
Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part
Commentary  |  5/19/2020  | 
Security isn't about tools or technology; it's about establishing a broad, fundamental awareness and sense of responsibility among all employees.
Compliance as a Way to Reduce the Risk of Insider Threats
Commentary  |  5/14/2020  | 
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.
Ensuring Business Continuity in Times of Crisis
Commentary  |  5/14/2020  | 
Three basic but comprehensive steps can help you and your organization get through adversity
The Problem with Automating Data Privacy Technology
Commentary  |  5/13/2020  | 
Managing complex and nuanced consumer rights requests presents a unique challenge for enterprises in today's regulated world of GDPR and CCPA. Here's why.
How Unconventional Professional Backgrounds Can Strengthen a Cybersecurity Team
News  |  5/13/2020  | 
Getting over the cybersecurity skills gap takes creativity, flexibility, and a willingness to go "off-script" when it comes to picking out candidates.
The Modern SOC Demands New Skills
Commentary  |  5/12/2020  | 
Automation and other technologies are improving the organizational structure of the security operations center. This is ultimately for the better, but it means that roles will change too.
Companies Struggle for Effective Cybersecurity
News  |  5/8/2020  | 
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.
Stay-at-Home Students Offered Lessons to Boost Cybersecurity
News  |  5/4/2020  | 
Stuck at home with a primary- or secondary-school student? Organizations from professional training groups to national governments are teaming up to offer virtual cybersecurity training for teens -- in some cases, for free.
The Cybersecurity Hiring Conundrum: Youth vs. Experience
Commentary  |  5/4/2020  | 
How working together across the spectrum of young to old makes our organizations more secure.
Things Keeping CISOs Up at Night During the COVID-19 Pandemic
Commentary  |  4/30/2020  | 
Insights from discussions with more than 20 CISOs, CEOs, CTOs, and security leaders.
5 Big Lessons from the Work-from-Home SOC
Commentary  |  4/28/2020  | 
Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Commentary  |  4/27/2020  | 
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
Find Your Framework: Thinking Fast and Slow
Commentary  |  4/24/2020  | 
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.
How the Dark Web Fuels Insider Threats
Commentary  |  4/23/2020  | 
New decentralized, criminal marketplaces and "as-a-service" offerings make it easy for employees to monetize their knowledge and access to enterprise networks and systems.
Demand for Cybersecurity Jobs Declines But Still Outperforms Other Sectors
News  |  4/23/2020  | 
While companies are cutting back on plans to hire, cybersecurity and the technology industry as a whole are doing better than the general economy.
Making the Case for Process Documentation in Cyber Threat Intel
Commentary  |  4/22/2020  | 
Standard language and processes, not to mention more efficient dissemination of findings and alerts all make documenting your security processes a must
Is COVID-19 Intensifying the Need for Security Staffing?
Commentary  |  4/21/2020  | 
Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.
Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19
Commentary  |  4/20/2020  | 
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.
'Look for the Helpers' to Securely Enable the Remote Workforce
Commentary  |  4/17/2020  | 
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
5 Things Ransomware Taught Me About Responding in a Crisis
Commentary  |  4/16/2020  | 
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.
How Company Cultures Dictated Work-from-Home Readiness
Commentary  |  4/14/2020  | 
Companies large and small are discovering just how prepared they were for all employees to work remotely
10 Ways to Spot a Security Fraud
Commentary  |  4/10/2020  | 
There is no shortage of people presenting themselves as security experts. Some of them truly are. The others...
No STEM, No Problem: How to Close the Security Workforce Gap
Commentary  |  4/9/2020  | 
Those who work well with others, learn quickly, and possess a proactive mindset toward the work can make great employees, even if their backgrounds aren't rooted in cybersecurity.
Mature DevOps Teams Are Secure DevOps Teams
Quick Hits  |  4/7/2020  | 
New research shows the relationship between mature DevOps processes, secure applications, and happy developers.
9 Security Podcasts Worth Tuning In To
Slideshows  |  4/7/2020  | 
Recommendations for podcasts discussing news, trends, guidance, and stories across the cybersecurity industry.
A Day in The Life of a Pen Tester
News  |  4/2/2020  | 
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.
Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats
Commentary  |  4/2/2020  | 
Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.
Why All Employees Are Responsible for Company Cybersecurity
Commentary  |  4/1/2020  | 
It's not just the IT and security team's responsibility to keep data safe -- every member of the team needs to be involved.
Securing Your Remote Workforce: A Coronavirus Guide for Businesses
Commentary  |  3/30/2020  | 
Often the hardest part in creating an effective awareness program is deciding what NOT to teach.
COVID-19: Getting Ready for the Next Business Continuity Challenge
Commentary  |  3/25/2020  | 
What comes after you've empowered your remote workforce in the wake of the coronavirus pandemic? Dealing with a large portion of that workforce getting sick at the same time.
From Zero to Hero: CISO Edition
Commentary  |  3/23/2020  | 
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.
Achieving DevSecOps Requires Cutting Through the Jargon
Commentary  |  3/19/2020  | 
Establishing a culture where security can work easily with developers starts with making sure they can at least speak the same language.
What the Battle of Britain Can Teach Us About Cybersecurity's Human Element
Commentary  |  3/18/2020  | 
During WWII, the British leveraged both technology and human intelligence to help win the war. Security leaders must learn the lessons of history and consider how the human element can make their machine-based systems more effective.
4 Ways Thinking 'Childishly' Can Empower Security Professionals
Commentary  |  3/16/2020  | 
Younger minds -- more agile and less worried by failure -- provide a useful model for cyber defenders to think more creatively.
What Cybersecurity Pros Really Think About Artificial Intelligence
Slideshows  |  3/13/2020  | 
While there's a ton of unbounded optimism from vendor marketing and consultant types, practitioners are still reserving a lot of judgment.
Working from Home? These Tips Can Help You Adapt
Commentary  |  3/12/2020  | 
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
Back to the Future: A Threat Intelligence Journey
Commentary  |  3/12/2020  | 
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.
Gender Equality in Cybersecurity Could Drive Economic Boost
Quick Hits  |  3/11/2020  | 
If the number of women in cybersecurity equaled the number of men, the US would see an economic gain up to $30.4 billion, research shows.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.