How UK Cyber Security Council Is Addressing Cyber Skills Gap

Anna Delaney • June 29, 2022

The UK Cyber Security Council is responsible for running the cybersecurity industry’s Cyber Certified Professional scheme. The council seeks to set the standard for chartered cybersecurity professionals and align with qualifications and certifications in the sector, says council CEO Simon Hepburn.

►

Access Management

Partnering to Secure Industrial Infrastructure

Latest

Leadership & Executive Communication

Okta to Spend $1M Helping Nonprofits Improve Their Security

Michael Novinson • July 1, 2022

Identity titan Okta has awarded $1.02 million in grants to groups focused on linking nonprofits with the talent needed to configure and manage security technology. Nonprofits have limited access to infrastructure and human capital to address their cybersecurity needs, and Okta hopes to change that.

Cyberwarfare / Nation-State Attacks

ISMG Editors: Russia's War Has Changed the Cyber Landscape

Anna Delaney • July 1, 2022

Four ISMG editors discuss important issues, including how Russia's cyber and kinetic wars in Ukraine have changed the cybersecurity landscape, what recent layoffs at cybersecurity firms mean for the industry and how cybercriminals are taking a page out of the white hat hacker playbook

Cybercrime

Ukrainian Cops Arrest Phishing Gang That Stole $3.4 Million

Prajeet Nair • June 30, 2022

Ukrainian authorities arrested nine individuals for the theft of about $3.4 million from 5,000 Ukrainians via more than 400 phishing links. Cybercrime gang members allegedly obtained access to bank accounts under the guise of facilitating social safety net payments from the European Union.

Governance & Risk Management

The Right Way to Change Your Identity Service Providers

Suparna Goswami • June 30, 2022

Markus Kalka, head of security authentication services at Takeda, talks about the challenges of changing identity service providers and shares the experience of consolidating three services into one at his company, a Japanese multinational pharmaceutical.

Email Security & Protection

The Criticality of Reporting Cybercrimes

Anna Delaney • June 30, 2022

For the seventh year in a row, business email compromise produced the largest losses of any type of cybercrime, according to Steve Dougherty of the U.S. Secret Service. He says organizations need to build and maintain relationships with law enforcement agencies before an attack happens.

CISO Trainings

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz • June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

Endpoint Security

CyGlass Separates From Nominet, Pursues XDR Partnerships

Michael Novinson • June 29, 2022

CyGlass completed a management buyout from Nominet just two years after being acquired and wants to build an EDR stack via partnerships. Board and management changes at Nominet in 2021 resulted in the company returning to its registry roots and gave CyGlass workers the chance to buy the company.

Events

Addressing Misconceptions About Cryptography

Anna Delaney • June 29, 2022

Organizations need to move away from spending money on perimeter security and instead focus on "protecting critical assets using encryption and key management," says Brad Beutlich, of Entrust. "At this point in time, the hackers cannot break encryption technologies," he adds.

Cyberwarfare / Nation-State Attacks

Russian Cyberattack on Ukrainian TV Channels Blocked

Mihir Bagwe • June 29, 2022

Ukraine says it has thwarted multiple Russian misinformation campaigns, including blocking attempts to penetrate the electronic systems of its TV channels on the eve of its Constitution Day holiday. It also flagged social media accounts spreading fake videos.

Cybercrime

FBI: Deepfake Fraudsters Applying for Remote Employment

Prajeet Nair • June 29, 2022

Threat actors are using deepfakes to apply for remote employment at U.S. tech companies in a bid to gain access to corporate financial and customer data, internal databases and proprietary information. Fraudsters used stolen PII to make deepfake videos for personal interviews, says the FBI.

Events

The Future of Corporate Network Security on the Internet

Anna Delaney • June 29, 2022

The emergence of remote working, the cloud, and digital transformation initiatives are prompting companies to look toward replacing traditional on-premises firewalls, say Perimeter 81 co-founder and CEO Amit Bareket and CMO Gily Netzer. They discuss the future of securing hybrid work environments.

Critical Infrastructure Security

Preparing for Retaliatory Attacks From Russia

Anna Delaney • June 29, 2022

"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.