Cybersecurity’s Hiring Spree Requires a Recruiting Rethink
Look for people with key traits like a willingness to learn, an analytical ‘hacker mindset’ when discovering the unknown, creativity, and attention to detail.
LockBit is now the #1 ransomware gang worldwide. LockBit 3.0 — aka ‘LockBit Black’ — delivers advanced features such as disabling Defender to evade detection.
How to get started? Demonstrate the ability to think through problems and explain how you arrive at possible solutions.
Enables MITRE ATT&CK operationalization via CrowdStrike Falcon LogScale support, in addition to current support for Splunk, Microsoft Sentinel, IBM QRadar.
In a recent SC Media column, Michael Mumcuoglu, CEO of CardinalOps, writes that instead of manually identifying gaps in MITRE ATT&CK coverage, it should be automated so that security teams always have a clear
Mudge has a ton of credibility as a former ethical hacker and cyber expert at Google and DARPA. Boards should be wary of rosy reports about security controls.
Deficiencies include uncontrolled internal access to privileged accounts, inability to control bots and disinformation, and lack of a secure SDLC.
Organizations should establish processes to continuously identify, prioritize, and remediate gaps in their security monitoring to detect anomalous activity.
Have SOC personnel monitoring 24×7 for suspicious activity. Patching can’t protect against a supplier being compromised or stolen privileged credentials.
Apart from being up to date on patching, backups, and MFA — monitor 24×7 in the SOC so you can quickly shut down an attack before it reaches your crown jewels.
Automation and MITRE ATT&CK address complexity headaches that SOC teams have in managing their SIEMs – including Splunk, Microsoft Sentinel, and IBM QRadar.
China performs industrial espionage to obtain technology expertise and also has targeted PII in two of the largest data breaches in history: OPM and Anthem.