Draft and Develop: A Solution to the Cyber Security Skills Shortage

Security Boulevard

By 2019, the nonprofit group ISACA predicts a global shortage of two million cyber security professionals. Security can no longer work in a silo-- they now need to communicate across the business and balance the needs of multiple stakeholders from product line managers to ops teams. Outreach’s CISO, Martin Rues, knew finding a candidate with the combination of DevOps, Security and Cloud would be a time-consuming exercise with low yield.  He decided to invest in his teams and create an apprenticeship program to “draft and develop” internal talent, and groom then into the Cloud SecOps role that we required. Join Martin on July 26th at 1pm EDT to learn how he developed the apprenticeship program to build internal cloud security talent.
Watch Now

Spotlight

In this paper, the authors introduce the first authenticated encryption scheme based on a hash function, called COFFE. This paper has been motivated by the challenge to fit se-cure cryptography into constrained devices - some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies the common security requirements regarding authenticated encryption, i.e., IND-CPA- and INT-CTXT-security. Beyond that, it provides the following additional security features: resistance against side-channel attacks and INT-CTXT security in the nonce-misuse scenario.

OTHER ON-DEMAND WEBINARS

Privileged Password Management 101: Laying the Foundation for Success

BeyondTrust

InfoSec pros have their work cut out for them—with the need to secure an estimated 300 billion passwords by 2020. Privileged password management, in particular, is a pain point for almost every organization. Privileged credentials are often difficult to identify, challenging to tame and properly secure, and if done improperly, can be costly to manage. Without strong privileged password management processes and technology in place, your organization is ripe for all kinds of security breaches. In many industries, lack of the proper protections in place alone puts you at risk from legal and/or regulatory fallout.
Watch Now

How to Spot a Phishing Email – 5 Signs to Look Out For

MediaPRO

This attempt went on to ask why the sender wouldn’t pay an “invoice” attached to the email. Our IT staff later confirmed this attachment carried a ransomware payload. Like the confusing influx of different Oreo flavors in recent years (cotton candy Oreos, really?), the variety of phishing email attempts has blossomed. The “shock and awe” method described above is not a new tactic, though the use of vulgarity seems to be a relatively new variation. Fake shipping confirmations. Tax-related W-2 requests. Emails requesting password resets for social media accounts, online banking, you name it. These are just a few ways scammers use social engineering to bypass technological safeguards and compromise sensitive data.
Watch Now

Cyber Ranges – The Future of Cybersecurity Training

Cyberbit

Clearly, people have become the weakest link in the cybersecurity organization. The shortage of cybersecurity professionals in India is estimated by one million open positions. The existing workforce lacks the skills to match the growing volume and complexity of today’s attacks. How can we rethink our approach to training and upskilling our teams, and how can we certify new professionals faster so we can fill in the skill gap? Download the webinar and learn: How enterprises and governments use cyber ranges to run simulated attacks that prepare their SOC teams and red teams for the real world.
Watch Now

Top Ten Ways to Handle Contracts Effectively In-House

Handling a large number of contracts is a fact of life for most in-house attorneys – with an ever-increasing volume and tight deadlines, even before a M&A or other event triggers a voluminous contract review. But it doesn’t have to be chaotic or disorganized: with the right processes and tools you can provide strong, responsive
Watch Now

Spotlight

In this paper, the authors introduce the first authenticated encryption scheme based on a hash function, called COFFE. This paper has been motivated by the challenge to fit se-cure cryptography into constrained devices - some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies the common security requirements regarding authenticated encryption, i.e., IND-CPA- and INT-CTXT-security. Beyond that, it provides the following additional security features: resistance against side-channel attacks and INT-CTXT security in the nonce-misuse scenario.

resources