Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks.
Study: Gender No Barrier To Participating In “Meritocratic” Cybercriminal Community
If the cybersecurity industry is struggling to achieve gender parity, it could learn some lessons from its criminal flipside. A study from Trend Micro suggests that the cyber underground “provides an open environment for individuals of any gender to find employment or a side business”. Its analysis suggested gender was not a barrier to finding work as a cybercriminal, while a text analysis suggested at least 30 percent of underground forum participants may be women. The work
Mar 07,
We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform. The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish a 10-question quiz with questions based on some of our editorial content from that period. Successfully passing the quiz results in two CPE credits being automatically added to your total. Readers of our former bi-monthly magazine InfoSecurity Professional will know that each issue included a quiz, allowing members to earn CPE credits by passing the quiz, verifying they had read that issue. As we have now transitioned from the bi-monthly magazine to an on-going web-based content platform to better support members
Mar 06,
Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.
Threat Advisories and Alerts
NCSC Publishes Guidance on Zero Trust Security
The U.K. National Cyber Security Centre has published guidance on how companies can leverage zero trust security. The article explains why some systems can’t integrate into a zero trust network. Organizations can get around this issue by building a mixed estate using a zero trust proxy or a managed virtual private network (VPN).
ZK Java Web Framework Flaw Is Being Actively Exploited
A high-severity flaw (CVE-2022-36537) affecting the ZK Framework has been added to the U.S.
Mar 03,
By Joe Fay
China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge.
The Biden administration has unveiled its long-awaited cybersecurity strategy, effectively putting the country on a permanent cyberwar footing, with the Federal government adopting zero trust while demanding tech providers take more responsibility for securing their products and tackling cyberthreats. “Voluntary” approaches to securing critical infrastructure will be stiffened with regulation, tailored to individual sectors. The Federal government will also root out insecure legacy systems from its own estate, while building up its own cyber defense and offense capabilities. The strategy noted a state of inequality in responsibility for tackling cybersecurity threats. For
Mar 03,
By Dave Cartwright, CISSP
The mysterious world of cybersecurity can sometimes be wildly misrepresented on-screen, causing challenges for professionals charged with educating colleagues and other users.
Movie and TV screenwriters have been known to play fast and loose with the facts. Any car involved in an accident, no matter how minor, explodes in a hideous fireball. Everyone can find an on-street parking space right outside their house. Whenever text appears on a computer screen there’s a clicky-beepy sound for each letter that appears. No wonder, then, that the role and actions of cybersecurity can sometimes be even more wildly misrepresented and exaggerated on-screen. Today we are taking a look at our favorite five examples of where cybersecurity was misrepresented in
Mar 03,