Month: April 2018

NIST refines Cybersecurity Framework

BY SARA FRIEDMAN 04/27/2018 Article originally posted on GovCyberInsider

As a first line of defense, the National Institute of Standards and Technology’s Cybersecurity Framework helps federal, state and local governments — as well as organizations across all industry sectors — manage cybersecurity-related risk.

Version 1.1 is an update to the original released in February 2014 and is meant to serve as a living document where changes can be made as cyber environments and risks shift.

Local governments’ cybersecurity crisis in 8 charts

BY DONALD NORRIS, ANUPAM JOSHI, LAURA MATECZUN, TIM FININ
04/30/2018

This article was first posted on The Conversation.

Within the past few weeks, two large American cities learned that their information systems were hacked. First, Atlanta revealed that it had been the victim of a ransomware attack that took many of the city’s services offline for nearly a week, forcing police to revert to taking written case notes, hampering the Atlanta’s court system and preventing residents from paying water bills online. Then, Baltimore’s 311 and 911 dispatch systems were taken offline for more than 17 hours, forcing dispatchers to log and process requests manually. Both attacks could have been prevented. And they are more evidence of the poor, if not appalling, state of local government cybersecurity in the United States.

Which Capabilities and Skills Do Hiring Companies Actually Want?

Article originally posted on www.infosecurity-magazine.com

A recent survey was conducted with cybersecurity professionals around what skills are needed for recent graduates to enter the workforce in a junior security role.

The survey was conducted by Shawn Davis, adjunct industry professor at the Department of Information Technology and Management at the Illinois Institute of Technology’s School of Applied Technology, and he was able to collect 100 responses. He said the purpose was to aid instructors in ensuring their curriculum measures up to industry expectations, and present students and recent graduates with guidelines of areas they should put more self-study effort into.

The survey results showed that over 90% of respondents rated “core security concepts,” over 70% “network and host attack vectors” and over 60% “user authentication and access control” as the most important factor.

Lower down, and only demanded by around 60% as most important, were skills on OS hardening, web application attack vectors and basic shell scripting.

Tech Earners

Jobs in cybersecurity are exploding: Why are women locked out?

How high schools are trying to attract girls to this lucrative tech field

Original article posted on hechingerreport.com

LITTLE SILVER, N.J. — The four members of Team Throckmorton, playing junior agents for a cybersecurity firm, are up against a wily gang of hackers. To detect and ultimately thwart the cyber criminals, who are masquerading as legitimate business owners, the Throckmortons must solve a series of increasingly difficult challenges beginning with figuring out how to log into one of the gang member’s social media accounts by cracking a password reset form.

Gathered around a large wooden table in the computer room at Red Bank Regional High School, the girls, working on school-issued black Dell laptops, snack on lunch from brown paper bags and occasionally help themselves to Oreo cookies from a communal pack. Erin O’Kane, a 10th-grader, fills an index card with numbers as she decodes a classified message online. Seated across from her, Hannah Gazdus, a junior and a member of The Team That Must Not Be Named, is using her lunch period to scan a block of Python code for green-highlighted text, which indicates the presence of suspicious commands.

Search
Generic filters

KB Table of Content

close-link
KB Table of Content
Scroll to Top
X