One-fourth of APAC healthcare organizations over the past year paid a ransom to recover encrypted files and systems, and a greater share incurred losses exceeding $1 million to cyberattacks. A survey by cybersecurity firm Claroty found that defenders are understaffed and using outdated technology.
In the drive to build a more diverse workforce, security organizations are progressing in many ways, such as ensuring that required skills in job descriptions are more inclusive, said Ed Parsons of (ISC)². But he added that job recruiters need to "meet underrepresented groups where they are."
Information security is no longer confined to the tech domain, and instead must align with business outcomes, adapted to suit an organizations' risk appetite, said Matt Gordon-Smith, former CISO at Gatwick Airport. Security teams often must balance competing needs and risks.
The Irish government has proposed a number of measures to strengthen the country's top cyber agency's abilities to tackle ransomware and other cyberthreats. The National Security Strategy lays out 18 new action plans intended to augment the National Cyber Security Center's capabilities.
Steve Kerrison, a senior lecturer in cybersecurity at Singapore's James Cook University, recently shared how universities in the Asia-Pacific region are meeting the rising demand for cybersecurity professionals. Meeting the demand starts with understanding the needs of the job market.
The threat landscape continues to deteriorate, and criminals are using new techniques and pulling off devastating attacks. Meanwhile, security leaders are struggling to fill a critical shortage of skilled talent. Rob Clyde shares how ISACA is helping defenders keep up and gain cyber maturity.
Government-imposed rules on incident reporting by organizations impacted by cyberattacks are not new – many sectors have been subjected to them for decades. What is new is that governments are introducing new, more stringent incident reporting rules that will affect a broader set of organizations.
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.
The discipline of security awareness training is chock-full of assumptions and misconceptions. As a side-effect, it is often felt that their programs are ineffective and...
The latest edition of the ISMG Security Report discusses how adversaries have a new favorite tactic to circumvent MFA, why vendor Akamai is an appealing target for private equity, and what the industry can do differently to attract more females to leadership roles.
A man in the cybersecurity field is seven times more likely than a woman to have applied for or been offered the job of CISO, according to a new report from Accenture on the need for more inclusion in the workplace. Experts discuss strategies to close the gap and make hiring more inclusive.
Anand Atre began his role as deputy CSO of Crux Informatics soon after the start of the COVID-19 pandemic, and he soon confronted the challenge of how to properly secure a hybrid workforce. He outlines his strategies for cybersecurity and employee education.
A new (ISC)² member pulse survey on remote work policies in 2022 found that cybersecurity professionals who get to choose where to work are the most satisfied, while those being forced back into the office are the least satisfied. The association advises firms to discuss options with employees.
Tasked with heading cybersecurity in the recently created U.K. Department for International Trade, Don Gibson discusses the opportunities and challenges of building a security program from scratch, including the initial pushback he received and his efforts to win "hearts and minds."
Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
The gap between cybersecurity workforce demand and the number of skilled workers available to fill those jobs widened during the pandemic. So organizations need to take a multi-pronged approach to attract, reskill and retain employees, says Vishal Salvi, CISO and head of cyber practice at Infosys.