Threats from API and application vulnerabilities increased in 2022, but ransomware, human error and hygiene continue to pose the greatest threats to organizations, according to findings from CyberTheory's 2022 Performance Study. CyberTheory's Steve King shares how education can make a difference.
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.
The discipline of security awareness training is chock-full of assumptions and misconceptions. As a side-effect, it is often felt that their programs are ineffective and...
Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
The UK Cyber Security Council is responsible for running the cybersecurity industry’s Cyber Certified Professional scheme. The council seeks to set the standard for chartered cybersecurity professionals and align with qualifications and certifications in the sector, says council CEO Simon Hepburn.
Human error is the most common portal for cybersecurity breaches. So it stands to reason that human talent is the most valuable defense against attacks.
But how can organisations reduce risk by making humans the strongest link in the cyber defense line?
View this UK & EU Leadership Session lead by the Tech...
The focus on automation, tooling and reactive responses to cyber threats can no longer stand alone against an increasingly sophisticated threat landscape, where attackers are also employing advanced tools to successfully breach even the most protected networks and systems. What is needed is a human-led approach to...
In 2021, the supply of cybersecurity professionals increased across the globe, with the exception of the Asia-Pacific region and some parts of Europe, says (ISC)² CEO Clar Rosso. She discusses factors behind the workforce gap and how a diverse team can improve resolution of cybersecurity problems.
Microsoft launched a four-year campaign on Thursday with community colleges in the U.S. aimed at recruiting hundreds of thousands of people into the field of cybersecurity. The goal is to fill an expected shortfall of 250,000 workers in cybersecurity, which Microsoft says means rising risk.
For today’s business, security is a teamwide effort and should involve everyone at your organization, not just IT. All it takes is one slightly out-of-date computer or a reused password for a cybercriminal to gain access to your company's most sensitive data.
Is your security risk management handled only by IT?...
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
Accreditation organization CREST has concluded an investigation into whether NCC Group employees cheated on its penetration-testing exams, finding that the cybersecurity business's training materials violated its rules. It says NCC Group has agreed to overhaul its processes and demonstrate compliance.