Tag Archive for: Professionals

High-profile ransomware attacks highlight growing need for cybersecurity professionals





The U.S. Bureau of Labor Statistics projects a 31% growth rate for information security analysts from 2019-29, far exceeding the national average for all occupations.

By TYLER ELLYSON
UNK Communications

KEARNEY – The ransomware attacks against Colonial Pipeline Co. and JBS are the latest on a long list of high-profile cybercrimes targeting businesses in the U.S.

This time, the mysterious criminals managed to temporarily shut down the nation’s largest fuel pipeline and threaten the country’s meat supply, forcing the companies to pay a combined $15.4 million before they could resume normal operations.

These attacks, where criminals take an organization’s data or computer system hostage, are a growing national security concern. As technology advances, so too does the risk to individuals, businesses, school systems, hospitals, infrastructure and governments.

Jacques Bou Abdo

Jacques Bou Abdo, an assistant professor in the University of Nebraska at Kearney’s Department of Cyber Systems, called the most recent incidents “the tip of the iceberg,” noting that most cyberattacks aren’t reported publicly.

“We are now waking up to how real this threat is,” he said.

To stay ahead of hackers and organized crime groups, businesses, organizations and government agencies of all sizes are looking to beef up their digital security and recruit highly trained professionals who can help protect their assets.

That’s led to a huge demand for cybersecurity talent.

“The demand is very, very high, and it’s going to continue to grow in a very exponential way because of what we’re seeing,” said UNK professor Liaquat Hossain, who chairs the department of cyber systems.

Liaquat Hossain

Currently, there’s a severe shortage of cybersecurity professionals both nationally and globally. A 2020 survey by (ISC)², a nonprofit organization that specializes in cybersecurity training and certification, puts the number of unfilled positions at 359,000 in the U.S. and 3.1 million worldwide.

The U.S. Bureau of Labor Statistics projects a 31% growth rate for information security analysts from 2019-29, far exceeding the national average for all…


North Korea continues targeting security researchers. Holiday Bear gained access to DHS emails. Charming Kitten is phishing for medical professionals.


By the CyberWire staff

North Korea continues targeting security researchers.

Google’s Threat Analysis Group (TAG) has published an update on a North Korean cyberespionage campaign targeting security researchers. TAG warned in January that a threat actor was messaging researchers on various social media platforms asking to collaborate on vulnerability research. They also set up a watering hole site that posed as a phony research blog, using an Internet Explorer zero-day.

Now, Google says the actor is using a new website and social media profiles posing as a fake company called “SecuriElite.” TAG writes, “The attacker’s latest batch of social media profiles continue the trend of posing as fellow security researchers interested in exploitation and offensive security. On LinkedIn, we identified two accounts impersonating recruiters for antivirus and security companies. We have reported all identified social media profiles to the platforms to allow them to take appropriate action.” Google also believes the attackers are using more zero-days.

Holiday Bear gained access to DHS emails.

The Associated Press reports that the suspected Russian hackers behind the SolarWinds attack gained access to the emails of former acting Department of Homeland Security Secretary Chad Wolf and other DHS officials. So far it doesn’t appear that classified communications were compromised, but POLITICO says the number of emails stolen was in the thousands. A State Department spokesperson told POLITICO, “the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”


Charming Kitten is phishing for medical professionals.

Proofpoint reports that…


Hub, a productivity platform for technical sales professionals, launches with $1M in funding – TechCrunch


Hub, a productivity platform for technical pre-sales, has formally launched with $1 million in seed funding.

CEO Freddy Mangum and CTO Karl Gainey founded Hub in 2020. The pair both had experience in technical sales and recognized the challenges of using spreadsheets to manage their business.

They researched and surveyed sales engineers at big and small companies alike, discovering that many of these professionals were spending a lot of time doing things like “wrangling data to report to management, forcing individual contributors to enter data into a CRM (customer relationship management) system.”

“Performing these kinds of mundane tasks was taking time away from them actually selling,” said Mangum. “We also came to the conclusion that technical sales professionals have been the unsung heroes of sales, behind the scenes driving enterprise.”

So they set about creating a better way for presales, solution architects and sales engineers to manage their day-to-day technical sales activities.

Then COVID hit, and obviously, as Mangum puts it, digital selling became much more real.

“That really accentuated the need for specific commercial tooling,” he said.

San Francisco-based Hub was born. The company describes its offering as a SaaS application that “securely interconnects and complements popular CRM systems and productivity applications.”

As a personalized productivity platform, Hub is designed to help individual contributors manage the sales process. By gaining greater visibility into every step, the goal is to better analyze and do more accurate forecasting so an organization can better “identify investment areas while taking corrective actions in real time,” Mangum said.

“Our tool can help them automate the mundane tasks and put the focus on high-value tasks to actually win more business,” he added.


Targeting technical sales professionals is an underserved market, according to Mangum, which presents tremendous opportunity.

Investors in the company include Tom Noonan, general partner of Atlanta-based TechOperators (and former chairman and CEO of Internet Security Systems, which was acquired in 2007 by IBM for $1.3…


80% of cyber professionals say the Computer Misuse Act is working against them


Four in five UK cyber security professionals are worried about breaking the law due to confusion caused by the ageing Computer Misuse Act (CMA).

The 30-year-old legislation is restricting pen-testers and white hat hackers with strict and often outdated definitions, according to a survey commissioned by techUK and the CyberUp Campaign.

The survey, which was circulated among 46 respondents representing 11 organisations and some 25,120 employees, found that the legislation was stifling security teams in the UK, with 80% of respondents saying they have been worried about breaking the law when researching vulnerabilities or investigating cyber threat actors.

Around 40% of those surveyed said the CMA has acted as a barrier to them or their colleagues and had even prevented employees from proactively safeguarding against security breaches. Furthermore, 91% of businesses believed that the law puts UK consultancies at a competitive disadvantage with other countries.

Some of the answers also suggested confusion about what counts as a criminal offence under the CMA. In fact, in only three cyber incident examples – ‘web scraping’ (74%), ‘open source internet scanning’ (68%), and ‘default credentials in login panels exposed to the internet’ (74%) – did respondents reach a reasonable level of consensus.

The Computer Misuse Act was enshrined in 1990, long before the internet became the essential tool for businesses it is today. Although it has been updated a number of times, both techUK and the CyberUp Campaign are calling for the government to open a consultation within the industry to put the law through “rapid modernisation”.

“I know from my time in this industry that there are now real concerns among the cyber security community that this law is impeding professionals’ ability to protect the nation from the ever-evolving range of cyber threats we face, and preventing the sector from establishing its leadership position on the international stage,” Conservative MP Ruth Edwards wrote in the report.

“If ever there was going to be a time to prioritise the rapid modernisation of our cyber legislation, it is now, when our reliance on safe, reliable and resilient digital technologies has…
