Stuart O'Brien, Author at Cyber Secure Forum | Forum Events Ltd - Page 47 of 61
Posts By :

Stuart O'Brien

IT employment landscape dominated by AI & cybersecurity

 960 640 Stuart O'Brien
By:
0
0

Nearly one in three organisations plans to increase their IT staff in 2019, with AI and cybersecurity top of the list of skills required.

The 2019 State of IT report from Spiceworks surveyed 1,000 tech professionals in businesses across North America and Europe, and also found that one in four IT pros plans to seek new employment; with millennials are most likely to job hop.

Behind cybersecurity skills, AI tech expertise is the number two skill large enterprises are seeking, while job-hopping IT pros are primarily seeking better salaries and opportunities to advance their IT skills.

The report also found that while 29% of companies plan to increase their IT staff in 2019, most companies (59%) aren’t planning to build up their IT staff next year.

However, Spiceworks says that doesn’t necessarily mean they’re not hiring at all. For example, some companies may be focused on backfilling positions formerly held by IT pros who may have left the building in search of greener pastures.

When comparing the data by company size, enterprises with 1,000+ employees are more likely to increase their IT staff next year than their smaller counterparts – the reports suggests this is because larger companies have more IT needs and data assets to manage, and they’re more likely to increase their tech spend in 2019 too.

IT security/cybersecurity skills are most sought after among companies planning to shore up IT staffing levels next year. When comparing the data by company size, it’s clear large enterprises (5,000+ employees) are more likely to seek AI expertise than their smaller counterparts. In fact, it’s the number two skill they’re looking for after security know-how.

On the other hand, midsize companies (500 to 999 employees) are more likely to seek candidates with DevOps skills. Smaller companies are more likely to prioritise hiring IT pros with end user hardware and infrastructure expertise. This finding comes as small businesses plan to significantly boost their hardware budgets in 2019.

In 2019, 26% of IT pros plan to find a new employer, 8% plan to leave the IT field for a new career, 6% plan to move into IT consulting, and 5% plan to retire.

However, job plans vary significantly by age. For example, 33% of millennial IT pros plan to seek new employment in 2019, compared to 26% of Gen X and 13% of baby boomers. Millennials are also more likely to expect a raise and promotion, while unsurprisingly, baby boomer IT pros are most likely to retire in 2019.

Additionally, when comparing the data by gender, Spiceworks says it’s worth noting that women are more likely to expect a promotion next year: 25% of female IT pros expect a promotion in 2019 compared to 14% of male IT pros. However, men are slightly more likely to anticipate a raise… 37% of men expect a raise next year compared to 33% of women.

Job plans also vary by region. For example, in the UK specifically, 38% of IT pros plan to find a new employer next year, compared to the 28% average in Europe and 24% in North America. Spiceworks speculates that this is because digital tech jobs are on the rise in the UK, which means more job opportunities for IT pros (and more temptation to job hop). In fact, according to the 2018 Tech Nation Report, UK employment in the digital tech sector increased by 13% between 2014 and 2017.

“Companies looking to maximize efficiencies and grow profits understand the potential artificial intelligence has to automate tasks and reduce the cost of doing business,” Peter Tsai, Senior Technology Analyst at Spiceworks. “But to effectively deploy and manage AI-enabled tech, organisations need workers with relevant AI skillsets and experience. And large enterprises, which often have resources dedicated to R&D, are already ahead of the game when it comes to experimenting with and getting value out of AI.”

Symantec snaps up Javelin and Appthority

 960 640 Stuart O'Brien
By:
0
0

Symantec has confirmed the acquisitions of Javelin Networks and Appthority as it looks to bolster its directory-based attack and mobile app vulnerability solutions.

Israel-based Javelin Networks is a privately held company that offers software to defend enterprises against Active Directory-based attacks, with Symantec saying that Microsoft Active Directory (AD) services have become an increasingly popular target for attackers using AD reconnaissance to discover the users, servers and computers in an enterprise network and then move laterally across the network using this information to carry out multi-stage attacks.

Recently, multiple major advanced persistent threat (APT) campaigns have used AD credentials to move laterally in the network beginning with a single compromised endpoint. This challenge is pervasive, as a large number of enterprises worldwide use AD services to manage their users, applications, and computers.

The Javelin Networks team and its technology will become part of Symantec’s endpoint security business.

Appthority, meanwhile, is a privately held company that offers Mobile Application Security Analysis. Symantec says the technology will give its customers the ability to analyse mobile apps for both malicious capabilities and unsafe and unwanted behaviours, such as vulnerabilities, risk of sensitive data loss, and privacy-invasive actions.

Prior to the acquisition, Appthority was a Symantec Ventures portfolio company.

“Mobile apps are a critical threat vector that every company must address to protect their enterprise security,” said Adi Sharabani, SVP, Modern OS Security. “The Appthority technology extends SEP Mobile’s capabilities in limiting unwanted app behaviors, supporting regulatory compliance, and assessing vulnerabilities.”

Security IT Summit 2019 – Are you registered yet?

 960 640 Stuart O'Brien
By:
0
0

The Security IT Summit takes place on July 2nd 2019 in London, providing you with a rare full working day of networking, learning and connection building – plus cost-saving cybersecurity solutions.

In short, the Security IT Summit will enable you to lay the groundwork for your organisation’s cyber security strategy.

And what’s more, the Security IT Summit is completely FREE to attend as our VIP guest – benefits include:

– A personalised itinerary of meetings with solution providers who match your project requirements
– Attendance to a series of seminar sessions hosted by industry thought leaders
– Informal networking with peers
– Lunch and refreshments provided throughout the day

You’ll be joining 65+ other senior IT security professionals, and the the industry’s most trusted solution providers.

Among the delegates attending the last Security IT Summit were representatives from Arcadia, British Red Cross, Barclays PLC, Cancer Research, Fenwick, Financial Ombudsman Services, GE Capital, John Lewis, London Stock Exchange Group, Marshall Motor Group plc, Moonpig, Nationwide, O2 Telefonica, Pret A Manager, Prudential, The Guardian, Vodafone, Yorkshire Housing and more.

Register for your free place here.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

SD-WAN deployments up, but networking and security challenges persist

 960 640 Stuart O'Brien
By:
0
0
 
New research has highlighted the improved network security, connectivity, flexibility, and cost savings enabled by SD-WAN , but says 98% of IT leaders cite networking challenges with their current WAN setup.

The report from Barracuda Networks includes data from more than 900 respondents in the Americas, EMEA, and APAC.

Respondents come from companies ranging from 1,000 to more than 5,000 employees across multiple sectors, including healthcare, finance, education, manufacturing, public sector, and retail.

Overall, the study indicates that SD-WAN deployments are increasing to address networking challenges resulting from the explosive growth of WAN traffic due to high demand for cloud applications and services. Security remains a top concern for an overwhelming majority of IT leaders as they consider upgrading to an SD-WAN solutions.

Highlights include:

  • Networking challenges are common with current WAN setups.
    • Top three challenges are complexity (48%), cloud performance (47%), and performance between locations (46%).
  • SD-WAN deployments are on the rise.
    • One-third have already deployed SD-WAN in most of their sites, and 49 percent are in the process of doing so or will in the next year.
    • 70 percent of IT leaders said they risk losing a competitive advantage if they don’t update their WAN.
  • Security is a top priority when choosing an SD-WAN solution.
    • 81 percent said advanced threat protection and centralized management were very important or crucial to their SD-WAN purchase.
  • SD-WAN offers improved security and lower costs.
    • Most common benefits of SD-WAN deployments are improved network security (57%), connectivity (56%), and network flexibility and agility (53%). 
    • Nearly half of respondents said they had reduced overall costs thanks to SD-WAN, and 36 percent reduced costs specifically for MPLS services.
Click here to download the full report.

GUEST BLOG: Phishing and Facebook – A test of reputation for businesses

 960 640 Stuart O'Brien
By:
0
0
By Asaf Cidon, VP Email Security, Barracuda Networks
 
Facebook is never far from the news agenda, so it was no surprise to see the company under the media spotlight again when it was revealed that a recent hack exposed the personal information of 30m users.
After polling visitors to Cloud Expo earlier this year on their views of Facebook and data privacy, we took to the floor at the IP Expo show in London earlier this month to learn how businesses were feeling about their defences in the wake of the latest high profile attack. 
 
The last time we spoke to the tech industry at a UK trade show, it was on the back of the news that millions of Facebook profiles were apparently exploited for political purposes, so we were keen to understand how views had changed in the six months since then. 
 
Back in April, trust in Facebook appeared to have been badly affected, with 55% claiming that they trusted Facebook less as a result of the Cambridge Analytica scandal. Results from IP Expo further confirmed this, with 41% of respondents citing that they didn’t trust Facebook even before this latest news story. What’s encouraging is that individuals are taking measures to protect themselves – 28% said that they had amended their security and sharing settings as a result, almost identical to the 29% who said the same at Cloud Expo.
 
Individuals in the IT industry have definitely become more wary of how they’re using Facebook, but did this have any bearing on their business?
 
So what does this mean for businesses? 
 
Whilst we still don’t know a great deal about what happened, we do know that while initial reports suggested 50 million accounts were accessed, it was actually closer to 30 million.
 
Despite this smaller number, it’s clear that hackers were able to get unfettered access to a significant amount of sensitive information. For 15 million users, the hackers had access to their name, phone number, and email address.
 
But for 14 million users, the attackers had access to the above as well as their relationship status, work, education, religion, current city, gender, username, device type, pages followed, last ten places checked into or tagged in, and 15 most recent searches.
 
Much of the information up for grabs plays right into the hands of cyber criminals planning their next phishing attack, and as it also includes people’s workplaces, it’s only natural to assume that this could well lead to an increased risk of phishing attacks at work.
 
So is this a precedent that businesses should be prepared for?
 
More than a third of the visitors we spoke to at IP Expo (35%) felt that the Facebook hack was likely to increase the likelihood of phishing attacks on businesses, since attackers would be emboldened by its success. Around 20% of our respondents felt it could work the other way though, as businesses would be forewarned and, therefore, forearmed against such attacks. 
 
Whatever the reality, businesses are certainly not being complacent when it comes to resisting phishing attacks. One in four (25%) of the 200 businesses who took part felt that they have both the technology and the user education in place to feel very confident in their protection. Confidence in technology but not user education meant that 38% felt quite confident in their ability to resist an attack, whilst a focus on user education over technology had instilled confidence in 22%. Only 7% felt that they were sitting ducks, with neither the technology nor user education in place to protect their business.

What now for businesses and individuals?
 
Anyone who regularly uses Facebook needs to review their security and sharing settings immediately, if they haven’t done so already. This is especially important if you have other apps connected to your Facebook account, as this gives attackers even more of a prize should they take over your account.
 
For businesses, the best defence against phishing and spear phishing is to help make users aware of the threats and techniques used by criminals. Organisations should implement a simulation and training program to improve security awareness for their users, regularly training and testing employees to increase their security awareness of various targeted attacks. Simulated attack training is by far the most effective form of training, as it helps humans recognise the subtle clues to identify phishing attempts, and gives employees a baseline understanding of the latest techniques attackers are using.
 
Effective user training can help prevent a lot of attacks, but keeping out attacks that don’t enter via email requires a combination of effective perimeter filtering, specially designed network architecture and the ability to detect malware that may already be inside the network. Businesses also need to keep up to date with software, security and firewall updates to ensure they have the most sophisticated approach to security in place to defend against threats. This demonstrates that SSO/MFA are not the silver bullet of protection against account compromise, because if the authentication provider gets compromised all connected applications are breached. This demonstrates the importance of using AI that can monitor employee behavior and detect anomalies in real time.
 
With huge global organisations such as Facebook and Google showing themselves to be susceptible to cyber-attacks, it’s clear that businesses need to remain vigilant. Every new breach further proves that the public needs to preserve and protect their own cloud data, because the providers are not. 

Cybersecurity skills gap increases to 2.9 million globally

 960 640 Stuart O'Brien
By:
0
0

New research shows a widening of the global cybersecurity workforce gap to nearly three million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA).

The 2018 (ISC)² Cybersecurity Workforce Study (formerly the Global Information Security Workforce Study) is based on feedback from a sample of professionals responsible for securing their organisations around the world.

It includes IT/ICT staff within organisations ranging from large enterprises to small businesses who may or may not have formal cybersecurity roles but do have hands-on responsibility for securing critical assets every day – spending at least 25% of their time on such activities.

Key insights revealed in the study include:

  • Of the 2.93 million overall gap, the Asia-Pacific region is experi­encing the highest shortage, at 2.14 million, in part thanks to its growing economies and new cybersecurity and data privacy legislation being enacted throughout the region
  • North America has the next highest gap number at 498,000, while EMEA and Latin America contribute a 142,000 and 136,000 staffing shortfall, respectively
  • 63% of respon­dents report that their organisations have a shortage of IT staff dedicated to cybersecurity. 59% say their companies are at moderate or extreme risk of cybersecurity attacks due to this shortage.
  • 48% of respondents say their organizations plan to increase cybersecurity staffing over the next 12 months
  • 68% of respondents say they are either very or somewhat satisfied in their current job
  • Women represent 24% of this broader cybersecurity workforce (compared to 11% from previous studies), while 35% are Millennial or Gen Y (compared to less than 20% from previous studies)
  • More than half of all respon­dents globally (54%) are either pursuing cybersecurity certifications or plan to within the next year

Some of the biggest career progression challenges respondents reported are:

  • Unclear career paths for cybersecurity roles (34%)
  • Lack of organisational knowledge of cybersecurity skills (32%)
  • The cost of education to prepare for a cybersecurity career (28%)

The four areas cybersecurity pros feel they will need to develop most or improve on over the next two years in order to advance in their careers include:

  • Cloud computing security
  • Penetration testing
  • Threat intelligence analysis
  • Forensics

“This research is essential to fostering a clearer understanding of who makes up the larger pool of cybersecurity workers and enables us to better tailor our professional development programs for the men and women securing organizations day in and day out,” said (ISC)2 CEO David Shearer, CISSP. “We will share these powerful insights with our partners in government and the private sector to help establish the programs necessary to advance the cybersecurity profession. By broadening our view of the workforce to include those with collateral cybersecurity duties within IT and ICT teams, we discovered that professionals are still facing familiar challenges, but also found striking differences compared to previous research, including a younger workforce and greater representation of women.”

Download the full study at www.isc2.org/research.

NCSC deals with 1,100 cyber attacks in first two years

 960 640 Stuart O'Brien
By:
0
0

The National Cyber Security Centre (NCSC) has defended the UK from an average of more than 10 attacks per week in the two years since it was set up.

The NCSC, a part of GCHQ, has published its second Annual Review, which highlights the sustained threat from hostile state actors and cyber criminals.

Since it became fully operational in 2016, the NCSC’s cyber security front line has helped to support with 1,167 cyber incidents – including 557 in the last 12 months. The report reveals the majority of attacks against the UK are carried out by hostile nation states.

The Annual Review gives detail about the tactics used by the NCSC’s Incident Management team, who work behind the scenes to co-ordinate defences to support UK victims when attacks do get through.

For the first time, the NCSC is giving a glimpse into the work against the ongoing cyber threat in a podcast, “Behind the scenes of an incident”, which features interviews with a range of staff who defend the UK from cyber attacks.

David Lidington, Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office, said: As the minister with responsibility for overseeing the implementation of the National Cyber Security Strategy, I am proud of what NCSC has achieved in just two years of operations.

“Our National Cyber Security Strategy set out ambitious proposals for how this Government will defend our people, deter our adversaries and develop UK capabilities to ensure we remains the safest place to live and do business online.

“NCSC has more than risen to this challenge, defending the UK from over 1,100 cyber attacks and reducing the UK’s share of global phishing attacks by more than half.”

The NCSC takes a proactive approach to securing the UK’s online defences. The Active Cyber Defence (ACD) initiative aims to protect the UK from high-volume commodity attacks that affect people’s everyday lives.

Since its launch, ACD has reduced the UK’s share of visible global phishing attacks by more than half; from 5.3% to 2.4%. Between September 2017 and August 2018, the service has removed 138,398 phishing sites hosted in the UK.

Ciaran Martin, Chief Executive of the National Cyber Security Centre said: “I’m extremely proud that the NCSC is strengthening the UK’s defences against those who seek to harm us online.

“We are calling out unacceptable behaviour by hostile states and giving our businesses the specific information they need to defend themselves. We are improving our critical systems. We are helping to make using the Internet automatically safer.

“As we move into our third year, a major focus of our work will be providing every citizen with the tools they need to keep them safe online. I’m confident that the NCSC will continue to provide the best line of defence in the world to help the UK thrive in the digital age.”

Earlier this year, the government’s flagship cyber security conference, CYBERUK, was held in Manchester and attracted 2,500 delegates.

Following the success of CYBERUK 2018, the NCSC will widen its geographical footprint in year three as Scotland will, for the first time, host the 2019 event. Government and industry professionals will gather in Glasgow, one of the first UK cities to get 5G internet, on 24 and 25 April to share cyber security best practice in the face of complex problems and threats.

Director GCHQ, Jeremy Fleming said: “In just two years, the NCSC has become a world leading organisation. I’d like to thank everyone at the NCSC for the outstanding work they do every day.

“Whether that’s thwarting the growing cyber threat from hostile nation states, providing excellent incident management services to large and small businesses, or pushing the boundaries of research and innovation, the NCSC operates on the front line of efforts to keep us all safe online.”

The Annual Review 2018 can be reached here and you can also listen to the NCSC’s first podcast – behind the scenes of an incident.

Security IT Summit 2019 – Secure your free place

 960 640 Stuart O'Brien
By:
0
0

Secure your free place at the Security IT Summit – it takes place on July 2nd 2019 at the Hilton London Canary Wharf and is an unmissable event for cyber security professionals.

It will provide you with a rare full working day of networking, learning and connection building – plus cost-saving cybersecurity solutions.

In short, the Security IT Summit will enable you to lay the groundwork for your organisation’s cyber security strategy.

And what’s more, the Security IT Summit is completely FREE to attend as our VIP guest – benefits include:

– A personalised itinerary of meetings with solution providers who match your project requirements
– Attendance to a series of seminar sessions hosted by industry thought leaders
– Informal networking with peers
– Lunch and refreshments provided throughout the day

You’ll be joining 65+ other senior IT security professionals, and the the industry’s most trusted solution providers.

Among the delegates attending the last Security IT Summit were representatives from Arcadia, British Red Cross, Barclays PLC, Cancer Research, Fenwick, Financial Ombudsman Services, GE Capital, John Lewis, London Stock Exchange Group, Marshall Motor Group plc, Moonpig, Nationwide, O2 Telefonica, Pret A Manager, Prudential, The Guardian, Vodafone, Yorkshire Housing and more.

Register for your free place here.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

Do you specialise in Employee Security Awareness solutions? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – in November we’re focussing on Employee Security Awareness solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Employee Security Awareness specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Stuart O’Brien on stuart.obrien@mimrammedia.com.

Here are the areas we’ll be covering, month by month:

November – Employee Security Awareness

December – Malware

For information on any of the above topics, contact Stuart O’Brien on stuart.obrien@mimrammedia.com.

Reading is UK’s top destination for cybersecurity professionals

 960 640 Stuart O'Brien
By:
0
0

A new study has revealed the top UK cities for those working in the cybersecurity industry, measured against a criteria of salary levels, affordability, job availability and sector growth potential.

Reading came out top of the rankings, followed by Leeds, Cardiff, Edinburgh and Manchester, according to data pulled together by cyber security training outfit, Crucial Academy.

The research makes for interesting reading (no pun intended) against the backdrop of the perceived skills gap within the UK’s cybersecurity community, and beyond – the Information Systems Audit and Control Association (ISACA) estimates a global shortage of 2 million cyber security professionals by 2019, according to the UK House of Lords Digital Skills Committee.

In August, research from Databarracks revealed only 56 per cent of UK firms believe they have sufficient cybersecurity skills in-house to deal with the numerous threats they are facing, according to new research.

Databarracks questioned over 400 IT decision makers in the UK as part of its 10th annual, survey in order to understand their views on a series of issues relating to IT security and business continuity.

And 12 months ago the UK Government said it was “acutely aware” of the need for more skilled cyber security professionals working within the sector, and that it was embarking on a series of initiatives to help promote the profession.

Discussing the concern with members of UK technology industry body TechUK, Matt Parsons, head of cyber security skills at the Department for Culture, Media and Sport (DCMS) said at the time: “We are looking at a number of ways to retrain people who are interested in moving into the industry at pace and at scale.

“Using what we have learned, we are planning to scale up and look at how we can support the cyber security industry – and get more people in at a quicker rate.”

Neil Williams, CEO of Crucial Academy, said: “The cyber security skills gap is a growing issue across the UK. Every city in the ranking is a tech hub within its own right, however, it is fascinating to see which cities, based on these factors, may be more attractive to the much-needed talent pool of cyber security professionals.”

Tom Marcus, an MI5 veteran who works with Crucial Academy, said: “Cyber security is one of the most serious issues UK business faces today. For young people leaving education, ex-military people looking to transition to civilian life or those looking for a career change, there is no career no more Brexit-proof than cyber security.”