91% of Cyber Attacks Start with a Phishing Email: Here's How to Protect against Phishing

ANAS BAIG | June 16, 2017

article image
Phishing attacks continue to grow in sophistication and effectiveness – here’s how to defend against this common threat. A cybercriminal is just one phishing email away from gaining unfettered access to your device, network, and valuable data. Phishing emails hold the potential to bypass many of the cybersecurity defenses employed by organizations and wreak havoc on the sensitive data and resources they hold. As concluded by PhishMe research, 91% of the time, phishing emails are behind successful cyber attacks.

Spotlight

Open Systems

As the leading global provider of managed SD-WAN solutions, with built-in security and analytics, we enable businesses to confidently create new business models driving market disruption and opportunity. With our unique digital operations platform, customers can pursue a digital-first strategy and leverage new technologies, like IoT and AI, to grow and scale business.

OTHER ARTICLES

Security News This Week: A Tiny Piece of Tape Tricked Teslas Into Speeding Up 50 MPH

Article | February 22, 2020

This week was filled with wide-scale calamity. Hundreds of millions of PCs have components whose firmware is vulnerable to hacking which is to say, pretty much all of them. It's a problem that's been known about for years, but doesn't seem to get any better. Likewise, Bluetooth implementation mistakes in seven SoC—system on chips—have exposed at least 480 internet-of-things devices to a range of attacks. IoT manufacturers will often outsource components, so a mistake in one SoC can impact a wide range of connected doodads. The most troubling part, though, is that medical devices like pacemakers and blood glucose monitors are among the affected tech. YouTube Gaming, meanwhile, wants to take Twitch's crown as the king of videogame streaming. But its most-viewed channels are almost all scams and cheats, a moderation challenge that it'll have to take more seriously if it wants the legitimacy it's spending big money to attain. In another corner of Alphabet's world, hundreds of Chrome extensions were caught siphoning data from people who installed them, part of a sprawling adware scheme.

Read More

Zyxel Helps Service Providers Deliver Solutions with Cyber Security

Article | April 1, 2020

The COVID-19 pandemic brings heightened awareness to the importance of a robust and stable communications network. Zyxel Communications is helping service providers across the globe ensure that their networks provide the necessary connectivity and cyber security for their communities to function during these difficult times. As more people are forced to work and study from home, the impact on the network is quite profound. OpenVault reports a 41% increase in bandwidth consumption during normal business hours. This health crisis points to the importance of good network connectivity wherever you live. COVID-19 brings the true nature of the digital divide into real context.

Read More

What is Ransomware and What You Need to Know to Stay Safe?

Article | March 5, 2020

While there may be more than 1 billion pieces of malware prowling the internet for a chance to infect victims, one particular piece of nastiness has been inflicting financial losses and security headaches for years.Known as ransomware, its sole purpose is to block access to computer systems or files until the victim pays a ransom. These ransom demands fluctuate wildly, from the equivalent of a couple of hundred dollars to several hundred thousand. In the simplest terms, ransomware is a piece of malicious software that prevents users from using their devices or accessing their personal or important files, unless a sum of money is paid. Payment is usually demanded in cryptocurrency, such as Monero or Bitcoin. Victims are told to purchase these digital assets and then transfer them to the attackers.

Read More

What Does It Take to Be a Cybersecurity Professional?

Article | August 30, 2021

While eating dinner at a Fourth of July cookout last weekend, my nephew described why he had so many career options as a pilot: There’s a shortage of pilots, and many existing pilots will be retiring soon. Other current pilots need to be retrained, because they fell behind in various ways during the pandemic. New people want to get into the field, but there are many hard requirements that can’t be faked, like flying hours, or unique experience on specific aircraft. There are many job openings and everyone is hiring. My response? Sounds a lot like our current cybersecurity career field. Professionals in cyber are seeing almost the exact same things. And yes, there are many, perhaps thousands, of articles on this topic saying different things. Everyone is focused on the shortages of cyber pros and the talent issues we currently face. But how hard is it to get into a cyber career for the long term? How can someone move into a fulfilling career that will last well beyond their current role? One reason I like the pilot training comparison is that becoming an excellent cyber pro takes time and commitment. If there are any “quick wins” (with minimal preparation or training) in cybersecurity careers, they probably won’t last very long — in the same way that flying large airplanes takes years of experience. After I got home that night, I saw this article from TechRepublic proclaiming “you don’t have to be a tech expert to become a cybersecurity pro.” Here’s an excerpt: “Ning Wang: I think that we’re in a pretty bad state. No matter which source you look at, there are a lot more job openings for cybersecurity than there are qualified people to fill it. And I have worked at other security companies before Offensive Security, and I know firsthand, it is really hard to hire those people. … “You may think that you have to have so much technology background to go into security. And again, I know firsthand that is not the case. What does it take to be a great cybersecurity professional? And I think from my observation and working with people and interacting with people, they need a creative mind, a curious mind, you have to be curious about things. … “And then even if you have all of that, there’s no shortcuts. If you look at all the great people in cybersecurity, just like all the other fields, that 10,000-hour rule applies here as well.” My response? I certainly agree that advanced degrees and formal certifications are not required (although they help). Still, the 10,000-hour rule and determination are must-haves to last in the long term. Here’s what I wrote for CSO Magazine a decade ago on the topic of “Are you a security professional?”: “Many experts and organizations define a security professional based upon whether or not they have a CISSP, CISM, Master’s Degree in Information Assurance or other credentials. Or, are you in an organization or business unit with 'security' in the title? While these characteristics certainly help, my definition is much broader than that. "Why? I have seen people come and go in the security area. For example: Adam Shostack started his career as a UNIX sysadmin. Likewise, you probably know people who started in security and left, or who still have a different job title but read blogs like this one because their job includes something less than 50% information security. (That is, they wear multiple hats). Others are assigned to a security function against their will or leave a security office despite their love for the field (when a too-tempting opportunity arises). Some come back, others never will.” WHY BECOME A CYBER PRO? This CompTIA article outlines some of the top jobs in cybersecurity, with average salaries: 1. Cybersecurity Analyst $95,000 2. Cybersecurity Consultant $91,000 3. Cyber Security Manager/Administrator $105,000 4. Software Developer/Engineer $110,140* 5. Systems Engineer $90,920 6. Network Engineer/Architect $83,510* 7. Vulnerability Analyst/Penetration Tester $103,000 8. Cyber Security Specialist/Technician $92,000 9. Incident Analyst/Responder $89,000 * Salaries marked with an asterisk (*) came from the U.S. Bureau of Labor Statistics. The article also walks through many of the steps regarding education, certifications and skills. Of course, there are many other great reasons to get into a cyber career beyond pay and benefits, including helping society, the fascinating changes that grow with new technology deployment, a huge need, the ability to work remotely (often), and the potential for a wide variety of relationships and global travel if desired. Becoming a CISO (or CSO) is another important role, with CISO salaries all over the map but averaging $173,740 according to Glassdoor. OTHER HELPFUL ARTICLES ON BECOMING A CYBER PRO Yes, I have written on this topic of cybersecurity careers many times over the past decade-plus. Here are a few of those articles: • “The case for taking a government cyber job: 7 recommendations to consider” • “Why Are Some Cybersecurity Professionals Not Finding Jobs?” • “Why You Should Consider a Career in Government Cyber Security” • “Play a Game - Get a Job: GCHQ’s New Tool to Recruit Cyber Talent” FINAL THOUGHTS Many people are now considering career changes as we come out of the COVID-19 pandemic. Cybersecurity is one of the hottest fields that has staying power for decades. At the same time, Bloomberg is reporting that U.S. job openings are at record levels. Also, Business Insider is offering a template to revamp your resume and get a remote job anywhere in the world. So even if the obstacles look daunting, a career in cybersecurity may be just the long-term change you are looking for. Article Orginal Source: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/what-does-it-take-to-be-a-cybersecurity-professional

Read More

Spotlight

Open Systems

As the leading global provider of managed SD-WAN solutions, with built-in security and analytics, we enable businesses to confidently create new business models driving market disruption and opportunity. With our unique digital operations platform, customers can pursue a digital-first strategy and leverage new technologies, like IoT and AI, to grow and scale business.

Events