Tag Archive for: answers

Top 10 Cybersecurity Interview Questions and Answers


Interviewing for a job in information security can be daunting. There are so many topics candidates are expected to know: DNS monitoring, distributed denial-of-service attacks and data leakage are some of the basics. Job applicants should also be familiar with terms such as encryption, decryption, firewalls and penetration testers — the security pros who work on red teams.

But, according to experts we interviewed, memorizing hundreds of terms is not the ticket to a successful interview for a cybersecurity job. The best candidates have a sense of what they want to accomplish in the security field and can demonstrate a sincere interest in and concern for how cybersecurity has become a front-burner issue for businesses.

Simone Petrella, founder and CEO at CyberVista, said she can tell in a matter of minutes if there’s a serious candidate in front of her. “If they say they are interested in security because it’s the hot field and they want to make money, I know they are not serious,” Petrella said. “Candidates need to show they’ve done some research and have some sense of what aspect of security interests them.”

David Wolpoff, CTO at Randori, pointed to similar telltale attributes of a successful security job candidate.

“A mantra I’ve picked up from previous teams is passion, capacity and smarts,” Wolpoff said. “You’re not going to stay current and grow if your only learning time is 9 to 5 — the security space is too big.” That’s especially true for aspiring red team applicants. “To become a really awesome hacker, you have to be willing to dig in and learn everything.”

In short, come to the interview ready to talk about yourself and why security matters. Newbies are expected to have a general sense of the field. Know terms like cryptography and show you understand the difference between a vulnerability and an exploit. On the other hand, midcareer professionals and people going for more advanced positions, such as CISO or chief security strategist, must demonstrate knowledge gained through certifications such as CISSP, Certified Information Security Manager and Offensive Security Certified Professional (OSCP) — or show that they are working on those certifications.

So-called soft skills,…


What to look out for in cybercrime in 2021? New report has some answers


After such a tumultuous year, internet security company ESET shared a report on what we should look out for in the 2021 digital world.

ESET’s new report, “Trends in Information Security 2021: Confidence in a Time of Uncertainty,” reveals four main challenges expected to affect consumers and businesses in 2021.

Trend 1: Accepting a new reality at work 

Coronavirus has led to remote work, which relies on technology more than ever before. Working from home has partly benefited employees; however, it has also left corporate networks and organizations more vulnerable to attack.

ESET’s Security Specialist, Jake Moore, commented that “we have all learned that teleworking can benefit organizations; however, I do not think we will continue to work remotely five days a week in the future. As more and more of our work and home life goes digital, cybersecurity will remain the key to safe business and continuous work.”

Trend 2: Ransom with a twist – pay or data will be leaked

Hackers behind ransomware attacks want to find more ways to force victims to pay through intimidation, so the threat for those attacked increases significantly. Extortion and threats may not be new techniques, but they are certainly growing trends.

ESET reported that “companies are becoming smarter, implementing additional technologies that thwart attacks and create flexible backup and recovery processes, so bad actors need another plan of action to be able to succeed.”

Additionally, ESET anticipates that “thwarted attacks and backup and recovery processes may no longer be sufficient to repel a cyber criminal who demands ransom payment. A new threat technique offers cybercriminals a greater chance of return on investment. This is a trend that we will unfortunately see in 2021.”

Trend 3: Cyber threats are changing

In recent years, hackers have resorted to using more complex techniques to launch more targeted attacks. The information security community has started talking about “fileless malware,” which uses the tools and processes of the operating system and leverages them for malicious purposes. These techniques have gained more power recently, after being used in various cyber espionage campaigns by…
