Inadequate cybersecurity staffing is the second-largest barrier faced by state governments in their attempts to overcome cybersecurity challenges, according to a newly released Deloitte study. Insufficient budget was the biggest barrier reported, and interestingly, the lack of availability of cybersecurity professionals was cited as the fifth largest barrier. Inadequate staffing has been a prevalent issue for years. (ISC)2’s 2019 Cybersecurity Workforce Study estimates the shortage of needed skilled professionals is more than 4 million worldwide. This creates challenges for CISOs as they focus on protecting their organizations. The Deloitte study, which is based on responses from 51 U.S. states and territories, says that even as the CISO position “has evolved into a mature and respected role,” CISOs still “struggle with

A Playing Field Without Any Boundaries Have you ever been assigned the task of asset security in an organization? At first glance, asset security seems pretty simple, almost boring. After all, what’s the big deal tracking some laptops and mobile phones. However, once you dive into the details of what an asset is, you may quickly find yourself with the feeling that the entire earth has become overtaken by quicksand. The asset security responsibilities of an information security professional can be so vast, as to leave one feeling that they have no firm footing. Assets are anything that imparts value to an organization. Such a broad definition would place assets everywhere, both inside and outside of any company, and depending

We’re sure you have heard this before: the rate of technological change is accelerating. It is unpredictable and unprecedented. As the World Economic Forum acknowledges, the fourth industrial revolution brings “developments in previously disjointed fields such as artificial intelligence and machine learning, robotics, nanotechnology, 3D printing and genetics and biotechnology [that] are all building on and amplifying one another.” This unprecedented disruption of society by technology introduces many changes in the workforce as well. In the words of the World Economic Forum “more than a third of the desired core skill sets of most occupations will be comprised of skills that are not yet considered crucial to the job today.” The key to surviving and exceling the digital future of

One weak link in a chain is all that’s needed to topple a cyberdefense. Sometimes this comes down to an errant line of code in a hastily developed API, inadequate penetration testing, or old, unpatched, exploitable code hidden deep within a legacy system. But more often than not, it’s because of the actions of an individual – a single person who clicks on a malware payload within a phishing email, or who allows someone to physically access a workplace unchallenged, or whose work-from-home office features a Wi-Fi router that was never properly secured. Effective cybersecurity demands a zero trust platform. Based on the whitepaper entitled Proactive Cybersecurity Beyond COVID-19: Understanding the Technical and Human Challenges in an Interconnected World, this

by Anastasios Arampatzis During the COVID-19 public health crisis, cyber criminals took advantage of people’s growing need for information about the pandemic to launch an increased number of attacks against healthcare providers. The exponential growth of these cyberattacks is posing a considerable threat to civil society, government institutions, and most particularly, the healthcare sector. Despite a wake-up call following the WannaCry crisis, healthcare cybersecurity still lags. As a result, in this time of emergency, cyberattacks may not only have an economic and reputational cost, they may also have an impact on human life. To help healthcare organizations focus on the delivery of mission critical services, cyber volunteer initiatives have emerged to provide free assistance to healthcare organizations. Although this support