By Tunde Ogunkoya, Consulting Partner, Africa, at DeltaGRiC Consulting (Pty) Ltd. Tunde will be hosting the session Open Source; Pathway to Being or Not Being the VulN Victim at (ISC)² SecureJohannesburg 2017 on 5th October, 2017.

The use of Open Source Software (OSS) has come a long way from when developers and organisations tried to avoid it. Today Open Source has become a go-to saving grace within most DevOps teams under pressure to roll out new functionality and features ahead of competition. Unfortunately, levels of vulnerability have grown with the trend as DevOps remain largely unaware of the risks or rely on inadequate testing regimes. Legacy Applications written in languages such as Fortran or Cobol are being phased out for
Pardon our absence on the blog this past week. Hurricane Irma had plans of her own, but we’re back in business and ready to break down the top security headlines for the week of September 11, 2017: The fear of foreign hacking is not just related to elections or national security. England is worried about World Cup information. The silver lining of Equifax is that cybersecurity stocks are up. So I guess that’s a win? Password123 is still not a good idea, but could relaxing password policy increase security? The Hill has questions about the Equifax hack. Still waiting on those answers… Has the answer been in front of us all the time? Could IT be the answer to filling
For years, many in the United States have viewed the traditional four-year degree as the only path to a successful career. In late July, a new bill was introduced on the Hill that recognizes the need to change that mindset -- the New Collar Jobs Act. What exactly is a “new collar” job? According to IBM, the original advocate for building new collar career skills, new collar jobs are “roles in some of the technology industry’s fastest growing fields — from cybersecurity to digital design — that require technical training or some postsecondary education but not necessarily a four-year degree.” With the projected workforce shortage of 1.8 million by the year 2020, it is encouraging to see a growing
Name: Tom Musgrave
Title: Security Engineer
Employer: Warner Bros.
Location: Burbank, California, U.S.A.
Degree: BA Hons
Years in IT: 17
Years in cybersecurity: 16
Cybersecurity certifications: CISSP, CCSP, GCIH, CCNA, CCNP Security

How did you decide upon a career in cybersecurity?

After leaving university, and a false start selling parrots for Harrods in Knightsbridge, I needed a change in direction. I joined a web design company as a junior IT engineer and reveled in the role. I then joined the new Cisco TAC support center in Milton Keynes. I was fortuitously recruited to the security team and thoroughly enjoyed troubleshooting all manner of VPN, Firewall and general networking problems. I love solving problems and implementing the security layer over an already difficult network layer was a great challenge. I had no qualms in making cybersecurity
Spying, stealing, defacing. It’s been a busy week. These are the top security headlines for the week of August 28, 2017: The U.S. Navy says there’s no evidence of a cyber attack in the crash of the USS John S. McCain – but hypothetically, this is how it would work. Reuters reports cyber spies are using malware to target India and Pakistan – including decoy clickbait with Reuters reports. Yes, you read that right. Hurricane Harvey is a once-in-1,000-years disaster, but be careful before you donate. Scammers are registering domains to collect “donations” for bogus organizations. Have you ever wondered what happened to that old malware? CSO has a “Where are they now?” Ransomware is so
(ISC)² webcasts are a great source for insight into all areas of security. From the Internet of Things to malware and compliance, the topics vary. Here are the top 10 (ISC)² webcasts for 2017 so far as ranked by cybersecurity professionals:

Part 1: Future of SIEM - Why Static Correlation Fails Insider Threat Detection

Hackers stealing credentials and operating in your corporate network…disgruntled employees collecting customer lists and design materials for a competitor...malware sending identity information back to random domains…these common threats have been with us for years and are only getting worse. Most organizations have invested large amounts in security intelligence, yet these solutions have fallen short. Simply put, security intelligence and management, in the form of legacy