The Biden administration, in addition to using its convening power to cajole big tech to invest more in cybersecurity, also issued an Executive Order in May that sought to leverage the Federal government's purchasing power to drive greater software security. The most visible implementation action so far has been the guidance on security measures for federal agency use of critical software developed by NIST. While not groundbreaking in substance - the guidance amounts to an index of best practices citing previous federal advisories - the list will help federal agency CIOs ensure they have addressed key software supply chain risks.
Cybersecurity frameworks such as ISO 27001, the international framework that defines best practices for an information security management system, can help organizations tackle business risk and enhance overall cyber-defense. In addition to ISO 27001, there are several other frameworks to consider, including the National Institute of Standards and Technology Cybersecurity Framework, which offers in-depth support to help enterprises identify the necessary actions to address and decrease risk.
In this interview with Help Net Security, Daniel Clayton, VP Global Security Services and Support at Bitdefender, talks about the cybersecurity skills shortage gap and the role of automation in improving the work of cybersecurity professionals. If we look at investments in technology driving automation across SOCs, it's still a relatively new concept and tends to be bolted on later to solve for scale, so enterprise budget holders are less invested than security teams are.
The pandemic has changed technology priorities for organizations worldwide finds a report from Omdia on the future of work. The top two enterprise priorities are now cybersecurity and hybrid working, with customer experience, business processes and better empowering frontline workers tied in third place at 49%. Working away from the traditional office will be the new norm finds the report as 58% of employees confirmed they will either be primarily home-based or will adopt a hybrid work style.
A recent AtlasVPN report highlights the companies that have amassed the most security vulnerabilities through the first half of 2021. In the first six months of 2021, Google and Microsoft have "Accumulated the most vulnerabilities," according to Atlas VPN findings based on a recent Telefonica Tech report.
Marlin Hawk released a research report which explores industry trends and insights of CISOs around the world, the challenges they face in a rapidly evolving cybersecurity landscape, as well as their role and place within organizations. It consists of research from CISOs at 400+ of the world's largest companies and direct feedback from Fortune 500 CISOs at organizations like Bank of America, Humana, TD Bank Group, Equifax, Credit Suisse, and BT Security.
Despite office workers being aware of the cybersecurity challenges faced by their employer - especially when it comes to hybrid working - many admit to high risk behavior including sharing passwords, downloading non-work related files and even losing work-owned devices, a BlueFort Security survey reveals. Despite the above, 33 percent of office workers said that they will not be taking any measures or extra precautions when transporting devices with access to company data from remote to office.
Over the past year, CISOs have had to grapple with the challenges of bolstering the security posture, minimizing risks, and ensuring business continuity in the new normal. In this article, we have put together the top cybersecurity priorities for 2021 and beyond that will enable businesses to be fully equipped for future disruptions, without compromising on security.
Just a couple of years of IT experience is all that's necessary to break into the cybersecurity field with this self-paced training. Tech giant Cisco has such a significant share of networking technologies on the market, so the Cisco 210-260 IINS: Implementing Cisco Network Security course is a logical choice for anyone already familiar with the company's systems.
As a result, it's never been more important to attract and develop employees in cybersecurity - and here are a few best practices for doing so. Employee retention will never be a "One-size-fits-all" initiative, which means hiring managers and HR leaders must make the time and investment to understand their employees and the company at large.