As cybersecurity is becoming more and more popular each day it’s also important to mention that there is a shortage of skilled people within the industry. Many recruiters create specific cybersecurity departments so they can stay competitive and fill the gap. According to the Forbes, it is expected that cybersecurity market will hit $170 billion by 2020 and cybersecurity jobs are expected to reach 6 million by the end of 2019. It’s not a secret that the rapid growth rate of the industry requires a professional approach from some of the best infosec recruiters.
In a recent interview, Karla Jobling from BeecherMadden (a top UK cybersecurity recruiter) reveals that at first cybersecurity companies wanted to hire as many people as possible. However, now they are more concentrated on how to find not many, but just the right people for the right position. It is extremely important for a recruiter to match the candidate’s expectations with the requirement and the corporate culture of the client company.
In 2018 the number of cyber threats is rising every day, but there are still many gaps that needs to be filled in the world of cybersecurity. There is definitely a talent shortage as many people still think that there is no place for women in information security. Currently, women represent only 11 percent of the cybersecurity force worldwide.
As we already hear and read news related to cyber warfare and espionage on a daily basis, maybe it’s the right time for women in cybersecurity to step in and help to solve more related cyber problems. Although some people may say that the lack of interest is the main reason why there isn’t many women in InfoSec there is a huge potential for this to change in the future. We from CyberDB have created a list with some of the top women in cybersecurity so you can learn more about them and their accomplishments. Feel free to check it out!
There are tons of books on our favorite topic, but it’s always impossible to squeeze them all into one cybersecurity book list. On top of that not all of them are good enough to feature them on CyberDB. We have created a list with the must-reads cybersecurity books 2018. Some of them are in print for years, but it’s never too late to read them now. If you think that we have missed something, feel free to contact us and share your recommendations! Without further delay and in no particular order here is our list:
Cyber Security and data privacy have always been a hot topic when we talk about IT. There are many places where people can find interesting news, analysis, comments and get informed about the latest threats and how to deal with them efficiently. From developers to security researchers, software companies to security websites and magazines everyone has an opinion on the subject. It is never easy to distinguish between them and when you search for ‘online security blog/news’ you will get thousands of different results.
The following article will try to give you a starting point for which are the top security blogs to get the latest trends and insights. We hope that the following list will be able to spark your interest and broaden your knowledge on this topic. These bloggers are ready to discover major security tricks, tutorials and solutions to problems that people experience on a daily basis.
Meetups are an amazing way to get together with people who share common interests. Of course, there are many websites that do the same, but nobody except Meetup has done something to help its’ users to meet offline as well. This platform brings individuals together and helps to create communities while having fun at the same time in a non-working environment. As a result, even the simplest ideas may become powerful movements when people are ready to share knowledge and improve their communication skills in real life, but not behind the PC. Most noteworthy, the moto of Meetup is to provide a way to explore your city, build your career and get creative.
Key benefits of Cyber Security Meetups:
- Meetup helps you finding cool groups and events based on your current location
- You can follow the local community or even organize events with a few clicks
- It is a great way to meet people offline
- Easy to advertise on and reach potential customers by promoting an event on Meetup
- The user can distinguish between an ordinary member and an event organizer profiles
- Meetup is useful for both individuals and companies
Therefore, the website can be quite useful for people with similar backgrounds who want to create new contacts and expand their network. It is very important especially among professionals in Information Technology and especially the Cyber Security industry. Cyber Security Meetups are becoming a very popular way for such professionals that usually work and live in the Bay Area. If you are one of them or just have some interest in the Cyber Security here is the list.
According to recent reporting, a suspected nation state hacker group with alleged ties to the Iranian government issued death threats to researchers that had detected their cyber espionage activity. The researchers were checking a server that they believed to be associated with a specific data breach when they received the message “Stop!!! I Kill You Researcher.” According to the same report, the server was apparently attached to the attackers’ command-and-control infrastructure. Active since 2015, the group known as “MuddyWaters” has been observed targeting organizations in Georgia, India, Iraq, Pakistan, Saudi Arabia, Tajikistan, Turkey, and the United States. Recently, MuddyWaters has been observed targeting oil and gas entities in the Middle East. Notably, the group is believed to employ “false flag” operations – similar to what was believed to have been done during the recent Olympics – in which it adopted some of the tactics, techniques, and procedures (TTP) of suspected Chinese hackers to obfuscate the group’s true identity.
On the surface, the threat made against the researchers can be viewed as knee-jerk reaction to being tracked by the private sector. But this does raise the possibility of what hostile actors may resort to in the future. The private sector computer security has been aggressively investigating the activities of suspected nation states actors since 2004 when the first report published the activities of a Chinese state entity. Since that time, several subsequent reports have been provided to the public detailing “advanced persistent threat” operations detailing TTPs and targeting that have ultimately been attributed to specific nation state actors. While the standard public reaction of these governments has been to refute or deny the claims, citing the difficulties in providing adequate evidence that supports attribution, sanctions and alleged retaliatory strikes have been know to occur as a result of these accusations.
Twitter has always been a great place to stay in touch with the latest cybersecurity trends. It is a great way to join professionals and even experts that normally you wouldn’t be able to reach out. You can follow them, read their posts and comments daily and why not even tagging them in your tweets to attract their attention just in a few seconds. Twitter is an open source platform that stimulates people to share knowledge from new technologies or threats to silly pictures and memes about the latest events in the news.
However, there are thousands of profiles that you can follow, but sometimes you just don’t seem to find exactly what you are looking for. The question of which security experts to follow on Twitter is tricky since there are so many professionals out there who keep sharing valuable information and news on a daily basis. What really matters is to decide what is relevant to you and how you are going to use it as your advantage. Once you have decided who to follow you can create your own lists per category containing the best Cyber Security Twitter profiles. This option allows you to see all of the tweets in a simple way and you will make sure that you don’t miss a single tweet from your feed.
We have created a list with some of the best Twitter CyberSecurity accounts so you don’t waste your time in searching – you can follow them right away.
In October 2017, German intelligence officials approached lawmakers and argued for greater legal authority to “hack back” in response to cyber attacks conducted by foreign nation states. The head of Germany’s domestic intelligence agency specifically advocated for the right to be able to destroy data stolen from German servers and relocated to foreign servers in order to mitigate the threat of its misuse. Additionally, the intelligence official expressed the necessity to be able to compromise foreign servers in order to bolster surveillance capabilities that would be leveraged against German cyber targets or extract specific data. Currently, Germany’s foreign intelligence agency does not have the legal to conduct such operations, although it is reputed to have the capability to do so.
Germany, like many other nations, has been a frequent victim of advanced persistent threat (APT) activity suspected of being conducted or directed by foreign governments. A 2017 government report by the domestic intelligence service revealed that Germany was a primary target of cyber spying operations suspected of being conducted by such foreign governments as China, Russia, and Turkey. According to the report, industrial espionage costs German industry billions of euros each year, with small- and medium-sized businesses often the biggest losers.
We keep hearing about the widening skills gap ravaging the Cybersecurity industry. Lack of qualified personnel is slowing its growth and affecting the security level of the customers. But most people outside the industry see these statistics and shrug. The cybersecurity industry is perceived as a very small, elitist segment of the tech market. Even to point of it being a niche industry.
Connected cars are exposed cyber threats. Security vendors are now looking to secure these vehicles in a fast growing sector of the cyber industry- this post is an extract from CyberDB reserach paper regarding this market. To download the complete report, please follow this link