CEOs: Cybersecurity Will Be a Major Challenge in the Coming Decade

Cybersecurity concerns remain top of mind for global CEOs as they weigh the challenges their organizations will face in the next five to 10 years. A new report by global management consultancy EY reveals that cybersecurity tops the list of concerns for CEOs, along with income inequality and job loss caused by technology advances. The findings in EY’s 2019 CEO Imperative Study confirm earlier research showing that chief executives view cybersecurity threats as one of their most daunting challenges. Adding to the problem, the EY study reveals that CEOs lack confidence in the C-suite’s ability to address these challenges. Only…

Commit. Plan. Succeed.

With half the year already in the rearview, it’s a great time to reflect on your goals. Is achieving the CISSP, CCSP, SSCP or another elite (ISC)² certification part of your plans? If so, do you have a winning strategy in place? Here are three tips to help you get – and stay – on track as you pursue next steps. Set an exam date. Registering now can keep you motivated and focused on your certification goals. And the sooner you pass the exam, the sooner you’ll prove your cybersecurity expertise to employers and peers! Develop a study plan. Work…

Small Businesses Need New Security Solutions but Aren’t Always Sure Which Ones

Small businesses have a real hunger for new cybersecurity technologies, but they don’t always know what they need, according to a new (ISC)² study. When asked what they would invest in if they had the budget for it, some respondents alluded to “better” and “new” solutions but weren’t exactly sure what they would be. (ISC)²’s Securing the Partner Ecosystem report reveals a concern among small businesses about running outdated technology. A comment from one respondent about what the company needs puts it all in perspective: “Phishing attack awareness, and more malware services that are up to date and cutting edge.”…

The Challenges of Raising User Security Awareness

One of the toughest challenges of cybersecurity is to raise awareness among users. Technology solutions are instrumental in achieving a solid security posture, but they only get you so far. There’s always the risk a user will make a split-second bad decision and open the door to attack. User awareness was the topic of a recent (ISC)² webcast, Delivering Security Awareness that Works. Participants shared their experiences in modifying user behavior and the challenges they face on a daily basis to save users from their own potentially harmful actions. User Risks One theme quickly emerged: Cybersecurity teams must be on…

2019 Security Congress – The Agenda is Live!

You’ve been curious. You’ve waited patiently. And now you’ll know exactly which sessions you can look forward to at our ninth annual Security Congress in Orlando! The full agenda for this conference is now online for you to browse and you won’t want to miss this year’s event. Security Congress will advance a global perspective and vision as our premier conference for thousands of cybersecurity professionals from all over the world. With more than 4,000 attendees expected, 18 tracks, 175 sessions and more than 200 speakers, this will be the biggest program ever. Featured sessions include: A panel discussion on…

Lack of Diligence by Large Enterprises Can Create Vulnerabilities

While large enterprises are highly confident in their cybersecurity defenses, a new (ISC)² study suggests they need to be more diligent in a couple of areas – taking action when told about security vulnerabilities and removing privileges for users who no longer need access to systems. The (ISC)² Securing the Partner Ecosystem study polled respondents from both small businesses and large enterprises. Asked if they’ve alerted enterprise clients to security vulnerabilities they’ve discovered on the enterprise’s systems, 53% of small business respondents said yes. Yet, 35% of large enterprise respondents said nothing is done about these alerts. In response to…

The Parent Trap: Lack of Knowledge Holds Children Back from Cybersecurity Careers

Parents can play an influential role in their children’s choice of careers but when it comes to cybersecurity, most parents have no advice to give. That’s because they really don’t know much, if anything, about the subject. A survey by cybersecurity training provider SANS Institute revealed that 63% of parents in the U.K. can’t answer questions about how to find a job in the cybersecurity field. Almost as many parents (61%) said they have little or no knowledge of any career opportunities in the industry, even though 91% said they have heard of cybersecurity. And despite the high earning potential…

EMEA Skills Gap Puts Cyber Workers at a Disadvantage Against Hackers

A severe cybersecurity skills gap in EMEA (European, Middle East and Africa) is making it hard for cybersecurity staff to cope with their workloads or acquire the skills they need to handle emerging technologies, according to a new report by Symantec. Cybersecurity workers believe they are at a serious disadvantage against attackers. Simply finding the time to learn emerging technologies, such as those related to mobility and cloud, is a challenge for a workforce whose experience as a group ranges from 10 to 30 years, the report says. “Declining skills are highly problematic for cyber security professionals, who are effectively…

EMEA Skills Gap Puts Cyber Workers at a Disadvantage Against Attackers

A severe cybersecurity skills gap in EMEA (European, Middle East and Africa) is making it hard for cybersecurity staff to cope with their workloads or acquire the skills they need to handle emerging technologies, according to a new report by Symantec. Cybersecurity workers believe they are at a serious disadvantage against attackers. Simply finding the time to learn emerging technologies, such as those related to mobility and cloud, is a challenge for a workforce whose experience as a group ranges from 10 to 30 years, the report says. “Declining skills are highly problematic for cyber security professionals, who are effectively…

Small Businesses Not the Weakest Link in the Supply Chain, Study Shows

A new (ISC)2 study suggests that small businesses may get too much attribution for causing security breaches for their large enterprise clients. While it’s true that enterprises have suffered breaches caused by third parties, they are more likely a result of actions by a large partner, not a small business. The Securing the Partner Ecosystem study, which polled respondents both at large enterprises and small businesses, revealed about one third of enterprises (32%) have experienced a breach caused by a third party, but in these cases, large partners are more likely to blame (54%) than small business partners (46%). Only…