Cyber Survey shows a deficit in cybersecurity skills threatens job efficiency in the face of rising global cyber attacks

prnewswire | September 22, 2020

Cybrary, the world's largest online cybersecurity career development platform, today released the findings from the "Cybrary Skills Gap Research Survey and Report," which examines the current challenges, perceptions, and impacts of the cybersecurity skills gap faced by IT and security teams worldwide. The survey questioned respondents about the employer contributions towards their skill development, their level of personal commitment to growing their skills, and the current level of organizational support and opportunities offered for skill development.

Spotlight

In this paper, the authors examine the problems and their possible solutions on the specifics of using equivalent instructions for the hidden embedding of information into the executable and library files. This paper considers an example of hidden embedding into an executable file of exe format or into a similar elf-format for the Unix/Linux systems. In order to embed information into an executable code by the synonyms substitution method, it is suggested to use instructions that execute one and the same operation and have similar length, but that are encrypted by different opcodes.

Spotlight

In this paper, the authors examine the problems and their possible solutions on the specifics of using equivalent instructions for the hidden embedding of information into the executable and library files. This paper considers an example of hidden embedding into an executable file of exe format or into a similar elf-format for the Unix/Linux systems. In order to embed information into an executable code by the synonyms substitution method, it is suggested to use instructions that execute one and the same operation and have similar length, but that are encrypted by different opcodes.

Related News

SOFTWARE SECURITY

Legal Industry Leader HBR Managed Services Partners with Tanium to Enhance Security and IT Services Capabilities

HBR Consulting | August 16, 2022

HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments. Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs. "The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts." "The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. "Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow." Todd Palmer, SVP of partner sales of Tanium "We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible." About HBR Consulting HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter. About Tanium Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.

Read More

DATA SECURITY,PLATFORM SECURITY

Laminar Named a Sample Vendor for Data Security Posture Management in 2022 Gartner® Hype Cycle™ for Data Security

Laminar | August 24, 2022

Laminar, a public cloud data security provider, today announced that it has been named by Gartner as a Sample Vendor for Data Security Posture Management (DSPM) in the Hype Cycle for Data Security, 2022. In addition to referencing Laminar, the Hype Cycle also gives DSPM a benefit rating of “transformational,” the highest benefit rating possible. Laminar is a cloud data security platform that delivers autonomous, agentless, and continuous data security for everything that you build and run in the cloud. Laminar provides autonomous discovery and classification for all data across AWS, Azure, GCP, and Snowflake into a cloud data catalog, prioritization of data assets by our proprietary risk model, an agentless and asynchronous approach to DSPM to reduce the exposure surface without impacting performance, and continuous monitoring to detect data leaks in real time. “We have consistently heard from our customers that the visibility provided by the Laminar platform is transformational and we are thrilled to see Gartner classify DSPM as such in this Hype Cycle report. “We are thrilled that Gartner and the market are recognizing the need for DSPM. We believe that this recognition validates our view that organizations must move to a data-centric security approach that enables data democratization, safely.” Amit Shaked, co-founder and CEO, Laminar According to Gartner, “Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multi-cloud and hybrid IT architectures. Identifying meaningful data risk is impossible to solve without combining metrics from data sensitivity, data lineage, infrastructure configurations that create data risks and access risk into a common view. This is an urgent problem that is encouraging rapid growth in the availability and maturation of this technology.” As Gartner explained, “DSPM provides visibility of inconsistent security posture by analyzing a data map of user access to various datasets for identifying business risks. DSPM accelerates assessments of how data security posture can be enforced through complementary data security controls to reduce business risks despite the speed, complexity, dynamics and scale of hybrid IT and multi-cloud deployments.” The drivers of DSPM adoption according to Gartner include: Need to create a data map of user access against specific datasets has been a complex process in the past because traditional data security and IAM products are siloed in the way they operate. Need to map and track the evolution and data lineage across structured and unstructured formats, and across all potential data locations and shadow data, is critical to achieve consistent analysis. This is an emerging driver that is currently in evolution. The growth of regulations that require a data risk assessment has created the need for tools that can assess DSG policies. Need to protect data against exposure (e.g., cloud misconfigurations, excessive access privileges or data residency risks that arise due to geographic locations and access pathways to data). Combination of data observability features, such as real-time visibility into data flows, risk and compliance with data security controls, with the objective to identify security gaps and undue exposure. This recognition comes on the heels of growing business momentum at Laminar. The company recently doubled its total amount of funding raised in six months to a total of $67 million. Additionally, Laminar was recognized by Fortress Cyber Security Awards and the Global InfoSec awards, and was named a TAG Cyber Distinguished Vendor. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER and Hype Cycle are registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. About Laminar Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers (AWS, Azure, and GCP) and cloud data warehouses such as Snowflake. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne.

Read More

SOFTWARE SECURITY

CertiK Reaches for the Skies With the Release of Its New Security Services

CertiK | July 16, 2022

CertiK, the leading global Web3 and blockchain security firm, today announced the launch of several web3 Skynet security features to bolster end-to-end security for the web3 world. New features include: Skynet Trust Score - a new scoring mechanism aimed at simplifying the definition of crypto project risk, increasing transparency into scoring mechanisms and demonstrating market health. Skynet Cohort Analysis Panel - a way for projects to see how they rank against other similar projects in order to help users contextualize the risk of a project by displaying its performance against comparable projects. Badges and honors for project achievements to strengthen credentials in their respective fields The Skynet service, launched in June 2021, uses a comprehensive set of signals, curated from code scanning analysis, on chain security analytics, and machine learning to provide 24/7 monitoring of threats for crypto projects. To date, Skynet has helped to protect and monitor over 4 billion transactions. As part of its strategy, CertiK set out on a mission to address both business and consumer value services through its security leaderboard found on its website. Delivering on this promise, CertiK’s release of new Skynet features provides further simplicity and transparency to consumers around project risk, while also giving credit to projects where needed through badges and honors. “We’re very excited to launch these new Skynet features. “Through feedback from customers and the community, we’ve recognized the need to innovate around security risk in a simpler way that caters to both business and consumer needs. This is just the beginning of our journey as we continue to innovate in response to community needs and deliver on our promise of securing the web3 world.” Kevin Liu, Chief Product Officer at CertiK As part of its portfolio expansion, CertiK also recently released on its Twitter an autonomous security alert channel, which provides real-time alerts to the community on hacks, flash loan attacks, rugpulls and suspicious activity. To date, CertiK has flagged over $1.45 Billion in security incidents since the release of the service in February this year. The growing demand for Web3 security has driven further development and operation of more innovative and data-driven security products for the blockchain industry. CertiK is meeting these demands through innovative products like Security Leaderboard, Code Auditing, KYC and now this next series of Skynet security features. About CertiK CertiK’s mission is to secure the Web3 world. Starting with blockchain, CertiK applies cutting-edge innovations from academia into Enterprise, enabling mission-critical applications to be built with security and accuracy. Headquartered in New York City, CertiK was founded by computer science professors Ronghui Gu and Zhong Shao. CertiK is backed by industry leaders, including Insight Partners, Tiger Global, Sequoia, Coatue Management, Advent International, Goldman Sachs, Lightspeed, SoftBank Vision Fund 2, Hillhouse Capital, Binance, Coinbase Ventures, and more.

Read More