To keep pace with rapid industry changes, including the major vulnerabilities that crop up with alarming regularity, cybersecurity education needs to get more agile, say Hack The Box's Trevor Nelson and Emma Brothers. They discuss how cybersecurity education delivery must continue to evolve.
Many people enter the cybersecurity field with foundational skills, such as knowledge gleaned from college courses, and giving them "practical skills, to be ready go out on the job floor and be ready to do something - that takes a little bit of something extra," says ITProTV co-founder Don Pezet.
In an organization, people are the ones who develop and sustain organizational strategy. Talented people are discovering that it's possible to leave a toxic environment so they can breathe and thrive. Marco Túlio Moraes explores how to retain both talent and strategy.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management, and the CyberEdBoard is posting draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter - the last in the series - is titled "Building an Effective Defense."
If you were a nation with legions of hackers at your disposal, seeking to sidestep crippling international sanctions, would you look to ransomware to fund your regime? That question is posed by new research that finds state-sponsored North Korean hackers haven't stopped their ransomware experiments.
As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.
Does it ever feel like you can't fight that REvil/Sodinokibi ransomware feeling anymore? Victims might be all out of love with attacks launched under the banner of the group, which is tied to more than $200 million in losses, but despite repeated disruptions, REvil keeps returning - at least in name.
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
David Pollino, former CISO of PNC Bank, joins two editors at ISMG to discuss what organizations can do to harden their cybersecurity defenses, how we need to think about our adversaries differently in today's threat landscape and how the "Great Resignation" is affecting cybersecurity.