With the current threats to cyber stability around the world, there’s never been a greater urgency for cybersecurity professionals than now. Organizations are investing more time, money and talent to detecting and mitigating cyberattacks. The result is a boom in demand for skilled cybersecurity professionals. What’s the best way to break into cybersecurity when you have no experience in the field? It depends on where you are in your career, what you want to do and where you see your future. If you thrive on solving problems, are driven to help people and are excited at the prospect of working in a constantly evolving field, you already have a lot in common with today’s cybersecurity workforce. You don’t need an
- Oct 13,
The cybersecurity community grew by 11% over the past year to 4.7 million professionals around the globe, but so did the skills gap. In fact, the gap widened at the faster pace of 25%, leading to 3.4 million vacancies, according to (ISC)² research. (ISC)² CEO Clar Rosso shared these statistics during her opening remarks at Security Congress, taking place this week in Las Vegas. She said no single solution exists to close the gap. As (ISC)² has argued in the past, closing the gap will take a multipronged approach that involves attracting people from outside the industry, working with academia, and looking within organizations to find people in other departments with skills adaptable to cybersecurity. But how do you bring
Oct 12,The approach to cybersecurity historically has revolved around self-interest. It’s time to change that to think about the collective, according to Ciaran Martin, founder of the U.K.’s National Cyber Security Centre. “We're all interested in cybersecurity because we're professionals, but we're all interested in it for ourselves, for our own financial and economic and other interests,” Ciaran said in a keynote he delivered to open the second day of (ISC)²’s Security Congress 2022. The event is taking place this week in Las Vegas. Understandably, everyone wants to protect their families and organizations, Ciaran said. But to get cybersecurity right, he argued, it has to be approached with a sense of community. “So as well as it being about protecting ourselves,
Oct 11,In a thought-provoking presentation during Security Congress, Walmart’s chief security architect challenged cybersecurity professionals to take a more scientific approach to their work. Ira Winkler urged organizations to implement comprehensive behavioral cybersecurity programs that use statistical analysis to understand human actions. With this approach, he argued, you can better address bad habits that contribute to security vulnerabilities. It also allows you to learn and address the needs and wellness of cybersecurity teams. Too often, he says users get wrongly blamed for security issues. “If you have a user that creates harm, the harm is a result of a poorly designed system,” he said. Organizations run awareness programs that seek to change behavior through entertainment by, for instance, showing users funny
Oct 11,When an organization suffers a ransomware attack, how well they can respond comes down to preparedness. An up-to-date, comprehensive incident response plan (IRP) can make a big difference, said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. Joseph spoke about ransomware response on Monday as part of the annual (ISC)² Security Congress, taking place through Wednesday in Las Vegas. To illustrate the importance of being prepared when responding to an attack, Joseph walked his audience through an experience he had with a client. The company’s security team was notified of an attack by the hackers through email and text. In response, the company activated its response plan and called Joseph to help them with recovery and investigation. The
Oct 10,