It’s become a media narrative that there is a “talent gap” in cybersecurity. The story goes that there are plenty of good paying jobs, but not enough qualified people to do them. On the face of it, there seem to be good reasons. The spate of high profile data leaks and hacks have made security a front and center concern for organizations of all sizes. As the sophistication of these attacks increase, it makes sense that the number of jobs needed would also increases. But Ben Tomhave can’t stand this narrative. He makes the case that this talent gap is actually symptomatic of organizational dysfunction.
The current US government shutdown is a political problem, but one that has real world security implications. We touched on this during the Gestalt IT Rundown last week, but Brian Krebs has an in-depth breakdown of is actually happening behind the scenes.
Managing infrastructure is hard enough. But in today’s world of cloud computing it can be tough to manage constructs that live for seconds instead of persisting. How can you keep a handle on it all. Confidentially, the best way is with Aporeto. Tom Hollingsworth discusses the power of identity management for workloads in this post.
Two-factor authentication is a simple security measure, right? What if you could take that and build on it to the point where it becomes a huge piece of your overall security posture? Tom Hollingsworth takes a look at Cisco’s recent Duo acquisition and how it can be leveraged for more than just a few factors.
Data protection can mean making sure you have adequate copies to ensure integrity and uptime. But after Australia passed the Telecommunications Access and Assistance Bill, requiring encryption backdoors, Preston de Guise wonders if it’s possible maintain the privacy function of data protection.
According to a recent audit, the Army, Navy, and Missile Defense Agency are having some issues with basic security. How bad is it? [I]nvestigators found that many users did not enable multifactor authentication for their accounts Ok, that’s not great. [T]he network was never configured to support multifactor authentication at all. Gulp Investigators found that […]
Cheap, tiny, and full-featured SoCs are great tools for exploring creativity. But those same features also make them great tools to malicious actors. The recent DarkVishnya attacks in Eastern Europe saw them used to gain local access to banking information.
Bruce Schneier digs into some commonly tossed around consumer security tips. He digs into what can actually work, what is flat out bad advice, and what is probably overkill.
Security in networking is a huge undertaking. You have to know what you need to know before you ever start implementation. Orhan Ergun takes a look at some of the important pieces of security in networking, specifically in SD-WAN, to help you figure out where to start before you get started.
The first major security flaw for Kubernetes has been found. It’s a nasty privilege escalation that’s tough to detect. Let the patching begin!