Fourth annual global study from ESG and ISSA finds 45 percent state cybersecurity skills shortage has only gotten worse over the past few years. Why has nothing changed?
July 30, 2020
The cybersecurity skills crisis continues to worsen for the fourth year in a row and has impacted nearly three quarters (70 percent) of organizations, as revealed in the fourth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG).
The Cybersecurity and Infrastructure Security Agency (CISA) announced the opening of individual and team registration for the second annual President’s Cup Cybersecurity Competition, which is open to any Federal Executive branch employee, including the Department of Defense and uniformed service members, with a knack for cybersecurity.
A survey by HSB, part of Munich Re, shows a continuing increase in identity theft, cyberattacks and online fraud as criminals steal personal information and millions of dollars.
Multiple maritime and port security agencies announced a collaborative initiative, the “Maritime Security Resilience Alliance” that has unified advancing global Maritime security resilience (physical, cyber, cognitive – disinformation and misinformation) by accelerating information sharing, coordinated response and adoption of best practices supported by education.
The National Cyber Security Centre (NCSC) and KPMG UK have jointly published the first annual Decrypting Diversity: Diversity and Inclusion in Cyber Security report, which aims to set a benchmark for improving the experiences and opportunities for existing and future staff working in the industry.
As the head of information security for a technology company with more than a thousand (now mostly-remote) employees, the COVID-19 pandemic has been — among other adjectives — an educational experience. And while it hasn’t been completely smooth sailing, I believe one of the reasons we were able to transition so quickly to remote work with relatively few hiccups is that we established practices to withstand precisely this type of scenario long before the virus swept through our community.
The results of a global study examining the financial impact of data breaches reveals that the incidents cost companies $3.86 million per breach on average, and that compromised employee accounts were the most expensive root cause.
Get to know James Carder, CSO at LogRhythm, who has more than 19 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies; protects the confidentiality, integrity and availability of information assets; and oversees both threat and vulnerability management as well as the security operations center (SOC). Carder previously led criminal and national security related investigations at the city, state and federal levels, including those involving the theft of credit card information and Advanced Persistent Threats (APT).
As the financial services industry moves toward an ever-greater dependence on technology, we must always keep an eye on the future to ensure that any new technological advancement or implementation delivers the same, if not better, benefits and risk management capabilities. One emerging area that has garnered a lot of attention in recent years is Distributed Ledger Technology (DLT). While DLT holds great promise, there is currently no clear path around how to implement the technology in a way that addresses documented and evolving security risks.