Israel is known for its cyber resilience, but small and medium businesses in the country need to reduce external communication during wartime to reduce their attack surface, said May Brooks-Kempler, director of Cyber Range Solutions and founder and former president of ISC2 Israel Chapter.
Tech firms are making huge investments in generative AI tools, but nearly half of cybersecurity professionals say they have little or no or knowledge of AI, according to ISC2's Cyber Workforce Study 2023, which surveyed 14,865 international security practitioners and decision-makers.
When asked what has changed most since Oct. 7, Chen Shmilo, CEO of Israel's 8200 Alumni Association, said "trust." Trust in leadership has changed, but trust in society and its power to be resilient has been renewed, he said. "In these darkest times, some things might even change for the better."
Generative AI facilitates on-the-job learning, empowering team members to upskill themselves as they work and ultimately strengthening an organization's overall security posture, according to Fabio Fratucello, field chief technology officer, international, at CrowdStrike.
Thousands of North Korean IT workers hid their identities to earn hundreds of millions of dollars in IT contract work from overseas companies to help finance the country's weapons development program, U.S. and South Korean agencies said. Officials said to watch for workers who are camera-shy.
To truly be effective, CISOs must understand their organization's focus and culture. "In understanding the organization and its language, you understand what matters, and then by extension that will drive your security strategy and your security focus," said Helen Rabe, CISO at the BBC.
What kinds of training do security professionals need? The biggest skills gaps are soft skills - 55%, cloud computing - 47%, security controls - 35%, coding skills and software development - both at 30%, says ISACA's State of Cybersecurity 2023 survey of more than 2,000 security leaders globally.
One-fourth of APAC healthcare organizations over the past year paid a ransom to recover encrypted files and systems, and a greater share incurred losses exceeding $1 million to cyberattacks. A survey by cybersecurity firm Claroty found that defenders are understaffed and using outdated technology.
In the drive to build a more diverse workforce, security organizations are progressing in many ways, such as ensuring that required skills in job descriptions are more inclusive, said Ed Parsons of (ISC)². But he added that job recruiters need to "meet underrepresented groups where they are."
Information security is no longer confined to the tech domain, and instead must align with business outcomes, adapted to suit an organizations' risk appetite, said Matt Gordon-Smith, former CISO at Gatwick Airport. Security teams often must balance competing needs and risks.
The Irish government has proposed a number of measures to strengthen the country's top cyber agency's abilities to tackle ransomware and other cyberthreats. The National Security Strategy lays out 18 new action plans intended to augment the National Cyber Security Center's capabilities.
Steve Kerrison, a senior lecturer in cybersecurity at Singapore's James Cook University, recently shared how universities in the Asia-Pacific region are meeting the rising demand for cybersecurity professionals. Meeting the demand starts with understanding the needs of the job market.
The threat landscape continues to deteriorate, and criminals are using new techniques and pulling off devastating attacks. Meanwhile, security leaders are struggling to fill a critical shortage of skilled talent. Rob Clyde shares how ISACA is helping defenders keep up and gain cyber maturity.
Government-imposed rules on incident reporting by organizations impacted by cyberattacks are not new – many sectors have been subjected to them for decades. What is new is that governments are introducing new, more stringent incident reporting rules that will affect a broader set of organizations.
The new...
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.
The discipline of security awareness training is chock-full of assumptions and misconceptions. As a side-effect, it is often felt that their programs are ineffective and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.