by Camellia Chan and May Chng

We talk about the skills gap and the lack of talent in the cybersecurity industry, but do we actually grasp just how dire the situation is? According to Cybersecurity Ventures, the number of unfilled cybersecurity roles stood at an estimated 3.5 million positions in 2022, and is expected to persist into 2025. That’s approximately the population size of Uruguay, and more than Lithuania – to put that into perspective.

What percentage of the cybersecurity workforce is female? The same report found that women held just 25 percent of cybersecurity jobs globally. A clear solution to filling the talent gap is to encourage more women to enter the cybersecurity field because their contributions will not only close the shortage of skilled talent but also add valuable perspectives and dynamics to the industry.

As female leaders of the industry, we have a front-row seat to the challenges women face in joining this industry. Since there are already many amazing female tech leaders sharing their strategies for advancing female involvement in the industry, we’re taking a slightly different route here. In the hopes of inspiring more to step forward and play a part in this essential industry, we want to answer the ‘Why’. In this article, we share some important contributions that women can and are already making in the cybersecurity landscape.

We Are All in This Together, and a Woman’s Perspective Matters

Just as personalization is the baseline for service-based industries, tailored attacks are the norm for hackers in today’s digital landscape. They exploit our differentiated weaknesses, whether it’s through phishing emails crafted to appeal to specific demographics or targeted malware campaigns aimed at exploiting vulnerabilities unique to certain groups. In such a scenario, having diverse perspectives and understandings of how different attack and victim groups might act is paramount.

Consider the case of the “romcom” cyberattack in October last year. This campaign specifically targeted women, including political leaders, leveraging their interests and personal information to craft convincing phishing emails and social engineering tactics. Such examples underscore the need for a more comprehensive and nuanced approach to cybersecurity, one that takes into account the diverse experiences and vulnerabilities of all potential targets.

Evolving with Hackers, No Longer the ‘Old Boy’s Club’

Do cybercriminals do it better than cyberdefenders? Given the anonymity of hacker forums, it may be accurate to say that skills matter more than gender in the criminal world. In the ongoing debate over diversity and the inclusion of women in cybersecurity, it’s disheartening to realize that this conversation is still necessary in the 21st century. While we continue to make the case for diversity, hackers operate in the shadows, exploiting our weaknesses with impunity.

In the shrouded criminal world of cybercrime, it stands to reason that skills often matter more than gender. Cybercriminals are recruited or operate independently based on their abilities, not their gender. Perhaps it’s time for the cybersecurity industry to evolve beyond the outdated notion of the “Old Boy’s Club” and embrace a more inclusive and meritocratic approach to recruiting and upskilling talent. By prioritizing skills and diversity of thought over traditional gender norms, we can form a stronger, more cohesive, and more perceptive view of tackling cybersecurity challenges.

Bridging Communications Across the Organization

Within a corporate setting, women are the majority in areas such as human resources, communications, and public relations. In America, 70% of public relations practitioners are female, according to a 2020 study by the Public Relations Society of America. So is it just an issue of being better suited for certain job scopes? In our opinion, this is a mindset that is slowly changing, and needs to change even quicker.

This status quo is largely due to the perceived skillsets required for the abovementioned job scopes, involving communication, empathy, and relationship-building. Is this confined to women? No. These are attributes that many men possess and can demonstrate at work too. Both men and women often limit themselves, based on these preconceived notions of what roles suit their gender better.

But what happens if individuals from any gender, age, race or background are spread evenly across an organization? We are then able to break free of invisible “Us” and “Them” chains, and work far more seamlessly within an organization. Without unconscious gender barriers between departments, communications and mutual understanding can be created more smoothly, resulting in more efficient output and performance. This also means leaders must work hard to remove negative stereotypes and experiences that can damage an employee’s early experience in the industry – such as not being taken seriously, being asked to fetch coffees, or anything else that may diminish their abilities as an equal at the table.

A United Workforce Against Cybercrime, At All Times

The importance of gender diversity in cybersecurity cannot be overstated. It’s not just about closing the skills gap or filling vacant positions; it’s about harnessing the full potential of a diverse workforce to confront the ever-evolving threats posed by cybercriminals. As we strive to build a safer and more secure digital future, let us recognize that a woman’s perspective matters—not just on International Women’s Day, but every day in the fight against cyber threats.

About the Authors: Camellia Chan and May Chng are the co-founders of hardware cybersecurity and memory storage specialist, Flexxon. Since founding the company in 2007, Camellia and May have grown Flexxon into an international business with offices in Singapore, the US, Malaysia, Taiwan, and Hong Kong. The company holds over 40 patents for its innovative hardware-based cybersecurity solutions that utilize Artificial Intelligence and Machine Learning to proactively detect, respond to, and remediate cyber attacks.
Communities have a unique knack for pooling together strengths that frequently slip under the radar. But in the cybersecurity arena, where women’s representation is on the rise, these supportive networks are becoming invaluable. As we gear up to celebrate International Women’s Day on March 8, it’s time to shine a spotlight on the incredible communities that provide unparalleled support to women in cybersecurity. With this year’s theme, “Inspire Inclusion,” urging us to champion and invest in women, we are propelled towards a future that’s not only fairer but more equitable.

What better time to celebrate than now, spotlighting the vibrant communities where women thrive? They are not just about offering guidance and accelerating the advancement of women in a field dominated by men; they’re about creating environments where acceptance and recognition flourish. They are the backbone of empowerment, ensuring that every woman feels not just included but celebrated in her journey through the cybersecurity landscape.

Join The Cyber Express as we embark on a journey to unveil the top 10 communities where women in cybersecurity converge, collaborate, and thrive. So, whether you’re a seasoned professional or a newcomer to the field, we’ve curated a definitive list of communities where you can connect, learn, and evolve alongside like-minded women.

BlackGirlsHack

BlackGirlsHack, founded in 2019 by Tennisha Martin, focuses on training to enhance diversity in cybersecurity. It bridges the gap between educational curriculum and industry demands. Emphasizing inclusivity, it envisions a cyber industry with diverse representation, including Black women in technical, leadership, and executive positions. Despite its name, membership is open to all genders and ethnicities. Martin, also the executive director, leads the organization towards its goal of creating an inclusive and reflective community within the cybersecurity sector, ensuring skills align with industry needs while advocating for underrepresented groups.

WiCyS (Women in Cybersecurity)

Founded in 2013 by Ambareen Siraj, Women in Cybersecurity (WiCyS) operates as a non-profit, initially funded by a National Science Foundation grant to Tennessee Tech University. WiCyS is dedicated to recruiting, retaining, and advancing women in cybersecurity, offering networking, mentorship, and professional development resources. With a global presence since 2012, WiCyS hosts annual conferences, facilitating connections and knowledge sharing among women in the field. Through its initiatives, WiCyS aims to enhance diversity, inclusion, and equal opportunities in cybersecurity for individuals worldwide.

AWSN (Australia Women in Security Network)

Established in 2014 by Jacqui Loustau, the Australia Women in Security Network (AWSN) is a non-profit aiming to educate and increase the participation of women in Australia’s security sector. Loustau, also serving as the executive director, initiated the group after noticing the lack of women’s representation in cybersecurity events. With 2,817 members nationwide and chapters in major cities, AWSN facilitates informal gatherings and professional programs to foster connections and support among women in security. Over the past three years, AWSN has equipped over 1,300 professionals with various career-focused initiatives, including mentoring and technical skill development.

Breaking Barriers Women in Cybersecurity (BBWIC) Foundation

Breaking Barriers Women in Cybersecurity (BBWIC) Foundation, originating as a Lean-In Circle in January 2021 by Aastha Sahni, aims to unite women entering the cybersecurity industry. Sahni’s initiative evolved into a non-profit organization under the Canadian Not-For-Profit Act by October 2021 due to a surge in membership and global interest. BBWIC serves as a supportive network for immigrants to the US and Canada while offering guidance to women worldwide. Their focus lies in leadership development, awareness of opportunities, and providing a safe environment for addressing challenges and fostering overall personality growth through networking, education, and training initiatives.

SIA’s Women in Security

The Security Industry Association’s (SIA’s) Women in Security Forum is a platform that fosters inclusivity and professional development for both women and men. Through various programs, networking events, and professional growth opportunities, the forum aims to support the involvement of women in cybersecurity. Key initiatives include the SIA Progress Award, recognizing individuals driving progress for women in security, as well as networking events and SECURE Perspectives, a monthly column highlighting successful women in the industry. Additionally, the forum promotes diversity through initiatives such as an all-women-authored edition of the SIA Technology Insights journal. These efforts contribute to creating an environment where women can thrive and contribute meaningfully to the security industry.

SheHacks KE

SheHacks KE, established in 2016 by Laura Tich, Evelyn Kilel, and Patricia Jerotich, is a nonprofit organization dedicated to providing women in the cybersecurity field with a supportive platform for professional development. The community, comprising women from various backgrounds and regions across Kenya, aims to address the lack of female representation in cybersecurity workplaces and conferences. SheHacks KE facilitates interaction, learning, and skill enhancement among women in cybersecurity, fostering an environment where members can collaborate and support one another in their professional endeavors. The initiative seeks to empower women to excel in the cybersecurity industry by creating opportunities for networking, knowledge sharing, and collective growth.

Girls Who Code Cybersecurity Club

Girls Who Code is committed to fostering diversity, equity, and inclusivity in the tech sector. They recognize the historical and systemic barriers that have contributed to the gender disparity in computer science. Their focus extends to young women from marginalized backgrounds, including those from minority groups and low-income families, who may have limited exposure or access to computer science education. Additionally, Girls Who Code values the diversity of identities and experiences, welcoming individuals who identify as female, non-binary, or gender nonconforming into their programs. They prioritize creating an inclusive environment where everyone can participate and contribute to the advancement of technology.

Executive Women’s Forum (EWF)

The Executive Women’s Forum (EWF), founded in 2002 by Joyce Brocaglia, managing director and global practice leader of cybersecurity at Alta Associates, is dedicated to advancing women’s careers in information security, IT risk management, and privacy. The EWF offers thought leadership programs and networking opportunities to its members, aiming to help them build their knowledge and professional networks. Through partnerships with corporations and collaborations with industry leaders, universities, and the U.S. government, the EWF works to promote diversity, equity, and inclusion within the cybersecurity sector. Its offerings include an annual conference, an online community called EWF CONNECT, a mentoring program (Lift Mentoring Program), regional meetings, forums, and a Women of Influence Round Table for senior executives. The EWF emphasizes inclusiveness and equal opportunity in its leadership, board, membership, initiatives, policies, and practices. Annual individual membership costs $1250, providing access to various resources and networking opportunities within the community.

FirstBoard.io

FirstBoard.io is described as a handpicked network of female tech founders, CXOs, and operating leaders who collaborate to elevate female representation on corporate boards. Established in 2020 by Rita Scroggin, an executive search partner, the platform aims to increase the presence of female technology leaders on boards across various sectors such as cybersecurity, cloud computing, and artificial intelligence. It strives to achieve this by bridging the gap between qualified female leaders and companies seeking diverse board members. Unlike traditional membership-based models, FirstBoard.io operates on a unique approach, recruiting only board-ready individuals who actively contribute to the organization’s mission without charging any membership fees.

Chief

Chief is a community designed specifically for executive women, offering a platform to connect with VP and C-Suite leaders across various industries and expertise. Founded in 2019 by Lindsay Kaplan and Carolyn Childers, Chief aims to support women executives by providing access to one-on-one executive coaching, powerful peers, and exclusive programming. The organization welcomes leaders who identify as women, transgender, nonbinary, and gender nonconforming, and its leadership vets applicants for executive seniority to ensure members can receive support from true peers. With a network spanning 10,000 companies, Chief boasts an impressive roster, with 77% of Fortune 100 companies represented and 40% of Chief members holding positions in their companies’ C-suites. Annual fees for Chief membership range from $5,800 to $10,900, depending on the selected level of access.

The vibrant communities we’ve explored are more than just support systems. They’re launchpads for a future where women in cybersecurity are not just empowered, but architects of the digital landscape. By fostering collaboration, knowledge sharing, and leadership development, these groups are shattering stereotypes and paving the way for a more inclusive and innovative cybersecurity industry. So, don’t just find your tribe – help build it! Join a community, mentor a newcomer, or even start your own initiative. Every action, big or small, contributes to a future where the brilliance of women in cybersecurity is not a rarity, but the norm.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Source: securityboulevard.com – Author: Marc Handelman Authors/Presenters: Jonas Hielscher, Uta Menges, Simon Parkin, Annette Kluge, M. Angela Sasse Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization’s YouTube channel. […] The post USENIX Security ’23 – “Employees Who Don’t Accept the Time Security Takes Are Not Aware Enough”: The CISO View of Human-Centred Security – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Author: 1 Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Cybersecurity Agency Says ‘No Operational Impact’ Chris Riotta (@chrisriotta) • March 8, 2024 The U.S. Cybersecurity and Infrastructure Security Agency says hackers compromised two of its Ivanti gateways. (Image: Shutterstock) The U.S. Cybersecurity and […] The post Hackers Compromised Ivanti Devices Used by CISA – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.databreachtoday.com – Author: 1 3rd Party Risk Management, Fraud Management & Cybercrime, Governance & Risk Management UnitedHealth Group Provides IT Restoration Timeline; AMA Is Not Impressed Marianne Kolbasuk McGee (HealthInfoSec) • March 8, 2024 UnitedHealth Group says e-prescribing functions are back online, and some other key IT systems will be […] The post Some Change Healthcare IT Services Will Be Back by Mid-March – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Becky Bracken, Editor, Dark Reading Source: Roman Samborskyi via Alamy Stock Photo Cybersecurity professionals are finding it more attractive to take their talents to the Dark Web and earn money working on the offensive side of cybercrime. This puts enterprises in a tough spot: cut into profit growth to keep cybersecurity […] The post Broke Cyber Pros Flock to Cybercrime Side Hustles – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Tara Seals, Managing Editor, News, Dark Reading Welcome to CISO Corner, Dark Reading’s weekly digest of articles tailored specifically to security operations readers and security leaders. Each week, we’ll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We’re committed to presenting […] The post CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer Source: Panther Media GmbH via Alamy Stock Photo Amid a steep rise in politically motivated deepfakes, South Korea’s National Police Agency (KNPA) has developed and deployed a tool for detecting AI-generated content for use in potential criminal investigations. According to the KNPA’s National Office of Investigation (NOI), […] The post South Korean Police Deploy Deepfake Detection Tool in Run-up to Elections – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Tara Seals, Managing Editor, News, Dark Reading Source: ArtesiaWells via Alamy Stock Photo The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as part of an ongoing series of attacks by a very sophisticated adversary. The Redmond […] The post Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Nathan Eddy, Contributing Writer Source: NG Images via Alamy Stock Photo Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious actor to stealthily execute arbitrary code within Confluence’s memory without touching […] The post Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.cyberdefensemagazine.com – Author: News team By Soujanya Ain, Product Marketing Manager at GitGuardian The automotive landscape has evolved dramatically, from mechanical marvels to sophisticated platforms on wheels driven by intricate computer systems. Surprisingly, these vehicles are governed by over 100 million lines of code, running across 50 to over 100 independent processors […] The post Safeguarding the Code That Drives Modern Vehicles – Source: www.cyberdefensemagazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Andrada Fiscutean When you step inside Cloudflare’s San Francisco office, the first thing you notice is a wall of lava lamps. Visitors often stop to take selfies, but the peculiar installation is more than an artistic statement; it’s an ingenious security tool. The changing patterns created by the lamps’ floating blobs […] The post Creating Security Through Randomness – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.cybertalk.org – Author: slandau Konstantina Koukou is a well-rounded, tech-savvy electrical engineering graduate with a specialization in Information and Telecommunication Systems and a Master’s degree in Business Administration. She has 13 years of experience in different roles, from technical to consulting, and a passion for cyber security. Today, we’re taking the opportunity to highlight […] The post Best practices, breaking barriers & business opportunities – Source: www.cybertalk.org was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Michael Morgenstern Source: Image Source via Alamy Stock Photo COMMENTARY It’s an old trope by now that anyone not moving to the cloud is falling behind. As a result, cloud security has been on the list of “hot new trends” for the past few years with no sign of abating. In […] The post 10 Essential Processes for Reducing the Top 11 Cloud Risks – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.bleepingcomputer.com – Author: Bill Toulas Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the attacks is tracked as CVE-2023-6000, a cross-site scripting (XSS) vulnerability impacting Popup Builder versions 4.2.3 and older, which was initially […] The post Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION | Threat actors breached two crucial systems of the US CISA | CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog | Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices | QNAP fixed three […] The post Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Threat actors breached two crucial systems of the US CISA Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) was hacked in February, Recorded Future News first reported. In response to […] The post Threat actors breached two crucial systems of the US CISA – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-27198 (CVSS Score 9.8) JetBrains TeamCity authentication bypass vulnerability to its Known […] The post CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the […] The post Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.