This Week in Security Funding: Where the Money Went

Posted on April 13th, 2019 by Responsible Cyber

Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups. Cybersecurity startups Expanse, Armis, Bitglass, and Tufin announced financial news during a busy week for industry funding, giving a peek into the technology that is top-of-mind for investors. The security market, expected to grow 8.7% and reach $124 billion in […]

Read More

Financial Firms Scrutinize Third-Party Supplier Risk

Posted on April 6th, 2019 by Responsible Cyber

But executives aren’t confident in the accuracy of cybersecurity assessment data received from their vendors, a new study shows. Financial services executives and managers responsible for the corporate checkbook would rather forgo business with a partner that is not serious about cybersecurity than run the risk of a breach, a new report found. Some 97% […]

Read More

6 Essential Skills Cybersecurity Pros Need to Develop in 2019

Posted on April 6th, 2019 by Responsible Cyber

In a time of disruption in the security and tech worlds, cybersecurity professionals can’t afford to become complacent – even in the face of a skills shortage. 1 of 7 Image Source: Adobe Stock (vchalup) It’s definitely a job seeker’s’ market out there in the cybersecurity employment pool. According to an about-to-be released report from […]

Read More

After all the Hard Work, Why Does the Security Gap Still Exist?

Posted on March 30th, 2019 by Responsible Cyber

Why is cybersecurity so hard? We’ve all seen the stats on cybercrime, and the numbers keep ticking upward. More attacks, more data breaches, more business disruption. Organizations are spending hundreds of billions of dollars in cybersecurity, and the problem is getting worse. But still, the good guys keep pushing ahead. I’ve been in cybersecurity for […]

Read More

NDSU Offers Nation’s First Ph.D. in Cybersecurity Education

Posted on March 30th, 2019 by Responsible Cyber

The new program focuses on training university-level educators in cybersecurity. Solutions to the cybersecurity skills shortage tend to focus on those who need training, but a new program from North Dakota State University tackles the issue from a different direction: it offers a focus on cybersecurity education within its computer science Ph.D. program. The goal […]

Read More

Vulnerability management woes continue, but there is hope

Posted on March 28th, 2019 by Responsible Cyber

I remember giving a presentation when I first started working in cybersecurity in 2003 (note: It was called information security back then). I talked about the importance of good security hygiene, focusing on deploying secure system configurations, managing access controls, and performing regular vulnerability scans.  When it came to the Q&A portion of my presentation, […]

Read More

An Argument that Cybersecurity Is Basically Okay

Posted on March 24th, 2019 by Responsible Cyber

Andrew Odlyzko’s new essay is worth reading — “Cybersecurity is not very important”: Abstract: There is a rising tide of security breaches. There is an even faster rising tide of hysteria over the ostensible reason for these breaches, namely the deficient state of our information infrastructure. Yet the world is doing remarkably well overall, and […]

Read More

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

Posted on March 24th, 2019 by Responsible Cyber

Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep.Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently.Magecart […]

Read More

Congress steers clear of industrial control systems cybersecurity

Posted on March 14th, 2019 by Responsible Cyber

Rule number one about legislation affecting the cybersecurity of industrial control systems (ICS) is that no one talks about legislation affecting the cybersecurity of ICS. At least it seems that way based on a number of attempts to get industry stakeholders to talk on the record about the prospects in the 116th Congress for any […]

Read More

Consolidation: Why there should be big acquisition announcements at RSA

Posted on March 14th, 2019 by Responsible Cyber

Blackberry became a bigger player in cybersecurity with its recent acquisition of Cylance. In the past year, Palo Alto made several acquisitions, including the recently announced Demisto deal, to improve its security offerings and is expected to make more. With the RSA Security Conference on the horizon, will there be more consolidation announcements? Will this […]

Read More