College isn’t the only way to gain advanced IT skills. The Complete 2024 Cyber Security Expert Certification Training Bundle offers five courses spanning more than 120 hours of content. This cybersecurity certification course covers everything from risk management to advanced frameworks and cryptography.
All course content is available for life once purchased, and this is your chance to get it on sale for $49.99. That’s 74% off the regular price of $195.
Advanced cybersecurity courses
Start studying a comprehensive selection of advanced courses that cover core cybersecurity concepts and set you up for certification. Most courses recommend at least a basic understanding of cybersecurity concepts and risk management principles, but others recommend specific topics to study, like the role of IT in business. (If you are a complete beginner studying IT, you may benefit from a more basic bundle.)
This bundle comes with courses covering security architecture, risk management, cryptography and more. The CompTIA CASP+ course even includes a practice exam with up to 90 questions.
Take your own path to mastering topics important to your career
There’s no set course path to follow, so you can choose any segment in this cybersecurity certification course to jump into. You can study information security governance, risk management, program development and incident management. Or catch up on the NIST framework to prepare for any government cybersecurity roles you might apply for.
Course certificates are for completion only. However, the content included in this bundle will help you prepare for formal IT certifications. They could even land you an entry-level job in the infosec field.
Save on a cybersecurity certification course that will set you up for success
The law specifically targets the inadequacies in current security measures by mandating three major changes: the elimination of default passwords, a clear protocol for reporting security vulnerabilities, and detailed consumer information on the length of product support and software updates. These stipulations apply to all companies manufacturing or selling smart devices in the UK.
For Apple, the law will necessitate a review of how its products comply with these enhanced standards. While Apple devices do not use default passwords, the company will need to ensure that all of its connected devices sold in the UK clearly communicate the duration of security support to customers. In addition, affected companies are expected to establish or refine their contact points for security issue reporting.
Retailers such as Apple stores are also required to provide customers with point-of-sale information about the cybersecurity practices relevant to the devices they purchase. The PSTI Act also includes strict penalties for non-compliance, with fines that can reach up to £10 million ($12.5 million USD) or 4% of the offending company’s global turnover.
LLMs such as ChatGPT might just be the next cybersecurity worry, according to the latest findings by researchers. Previously believed to only be able to exploit simpler cybersecurity vulnerabilities, LLMs have shown a surprisingly high proficiency in exploiting complex ones as well.
Researchers at the University of Illinois Urbana-Champaign (UIUC) found that GPT-4 demonstrates a scarily high proficiency in exploiting ‘one-day’ vulnerabilities in real-world systems. In a dataset of 15 such vulnerabilities, GPT-4 was capable of exploiting an alarming 87% of them.
This is a striking contrast to other language models like GPT-3.5, OpenHermes-2.5-Mistral-7B, and Llama-2 Chat (70B), as well as vulnerability scanners like ZAP and Metasploit, all of which recorded a 0% success rate.
A serious threat
The caveat, however, is that for such high performance, GPT-4 requires the vulnerability description from the CVE database. Without the CVE description, GPT-4’s success rate falls drastically to just 7%.
Nonetheless, this latest revelation raises alarming questions about the unchecked deployment of such highly capable LLM agents and the threat they pose to unpatched systems. While earlier studies demonstrated their ability to act as software engineers and aid scientific discovery, not much was known about their potential abilities or repercussions in cybersecurity.
While LLM agents’ capability to autonomously hack ‘toy websites’ was acknowledged, until now, all research in the field focused on toy problems or ‘capture-the-flag’ exercises, essentially scenarios removed from real-world deployments.
You can read the paper published by the UIUC researchers on Cornell University’s pre-print server arXiv.
Traditional cybersecurity is laser-focused on incident detection and response. In other words, it’s built around a Security Operations Centre (SOC). That’s no bad thing in itself. Read between the lines, however, and that assumes we’re waiting on the threats to come to us. With cyber adversaries evolving their tactics through AI, automated ransomware campaigns, and other advanced persistent threats (APTs), adopting advanced, proactive measures has never been more critical. Except that your SOC team is already drowning in vulnerabilities and knee-jerk remediations. How can they even begin to manage this?
Today’s ever worsening threat landscape calls for a strategic pivot towards the establishment of a Vulnerability Operations Centre (VOC) to rethink the foundational challenges of vulnerability management and cyber resilience.
The Strategic Imperative of the VOC
Traditional strategies are necessary but painfully insufficient. As an industry, we’ve predominantly been reactive, focusing on the detection and mitigation of immediate threats. This short-term perspective overlooks the underlying, ongoing challenge posed by a vast backlog of vulnerabilities, many of which have been known but unaddressed for years. Alarmingly, over 76% of vulnerabilities currently exploited by ransomware gangs were discovered more than three years ago. Either SOC teams don’t care – which we know is not true – or they can’t keep up on their own. It’s time to admit that the main problem they face is knowing which handful of threats to focus on amidst the tidal wave.
Sylvain Cortes
VP of Strategy, Hackuity.
The VOC provides a new approach to this challenge, offering a centralized, automated, and risk-based approach to vulnerability management. Unlike the SOC, whose primary objective is to manage incidents and alerts, the VOC is designed to predict and prevent these incidents from occurring in the first place. It focuses exclusively on the prevention, detection, analysis, prioritization, and remediation of security flaws that affect an organization’s unique IT environment. By doing so, VOCs enable organizations to address the far narrower, infinitely more manageable list of vulnerabilities that pose a significant, actual threat to their operations and sensitive data.
Linking SOC to VOC: A synergistic approach
The synergy between the SOC and VOC is essential to creating a comprehensive security framework that not only responds to threats but proactively works to prevent them.
The process of linking SOCs to VOCs begins with CISOs recognizing that patch management is not a standalone task but a core component of the broader security strategy. A dedicated team or unit, ideally under the guidance of the Chief Information Security Officer (CISO) or another appointed security leader, should spearhead the establishment of the VOC. This approach underscores the importance of a clear directive from the highest levels of cybersecurity leadership, ensuring that the VOC is not just an operational unit, but a strategic endeavor aimed at enhancing the organization’s overall cyber resilience.
Establishing a VOC involves leveraging existing vulnerability assessment tools to create a baseline of the current security posture. This initial step is crucial for understanding the scope and scale of vulnerabilities across the organization’s assets. From this baseline, the team can aggregate, deduplicate, and normalize vulnerability data to produce a clear, actionable dataset. Integrating this dataset into the SOC’s security information and event management (SIEM) systems enhances visibility and context for security events, enabling a more nuanced and informed response to potential threats.
The transition from technical vulnerability assessment to risk-based prioritization is a pivotal aspect of the VOC’s function. This involves evaluating how each identified vulnerability impacts the business, then prioritising remediation efforts based on this impact. Such a shift allows for a more strategic allocation of resources to focus on vulnerabilities that pose the highest risk to the organization.
Automation must play a key role in this process, enabling routine vulnerability scans, alert prioritization, and patch deployment to be conducted with minimal human intervention. This not only streamlines operations but also allows analysts to concentrate on complex tasks that require intricate human judgment and expertise.
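The aggregate, normalize, deduplicate and risk-rank flow described above, as an added example that is not part of the original article. The two scanner export layouts, field names, criticality weights and scoring formula are assumptions, and the CVE identifiers and hostnames are placeholders.

```python
"""Added example: normalize, deduplicate and risk-rank scanner findings.

Everything here is constructed for illustration: the two scanner export
layouts, the field names, the criticality weights and the scoring formula
are assumptions, and the CVE identifiers are placeholders.
"""
import json
from dataclasses import dataclass, field

# Constructed sample exports from two hypothetical scanners with different schemas.
SCANNER_A = [
    {"host": "WEB01.example.internal", "cve": "cve-0000-0001", "cvss": 9.8},
    {"host": "db01.example.internal", "cve": "CVE-0000-0002", "cvss": 7.5},
    {"host": "kiosk07.example.internal", "cve": "CVE-0000-0001", "cvss": 9.8},
]
SCANNER_B = [
    {"asset": "web01.example.internal.", "vuln_id": "CVE-0000-0001", "severity": "critical"},
    {"asset": "db01.example.internal", "vuln_id": "CVE-0000-0003", "severity": "medium"},
]

# Assumed mapping for scanners that report a label instead of a CVSS score.
LABEL_TO_CVSS = {"low": 3.0, "medium": 5.5, "high": 8.0, "critical": 9.5}

# Assumed business context: asset criticality (1 = low, 5 = crown jewels) and
# a locally maintained set of CVEs with known exploitation in the wild.
ASSET_CRITICALITY = {"web01.example.internal": 4, "db01.example.internal": 5,
                     "kiosk07.example.internal": 1}
KNOWN_EXPLOITED = {"CVE-0000-0002"}


@dataclass
class Finding:
    asset: str
    cve: str
    cvss: float
    sources: set = field(default_factory=set)


def normalize(record, source):
    """Map one scanner-specific record onto the common Finding schema."""
    if source == "scanner_a":
        asset, cve, cvss = record["host"], record["cve"], float(record["cvss"])
    elif source == "scanner_b":
        asset, cve = record["asset"], record["vuln_id"]
        cvss = LABEL_TO_CVSS[record["severity"].lower()]
    else:
        raise ValueError(f"unknown source: {source}")
    # Canonical forms so the same asset/CVE pair compares equal across tools.
    return Finding(asset.strip().rstrip(".").lower(), cve.strip().upper(), cvss, {source})


def deduplicate(findings):
    """Collapse findings on (asset, cve); keep the highest score, merge sources."""
    merged = {}
    for f in findings:
        key = (f.asset, f.cve)
        if key in merged:
            merged[key].cvss = max(merged[key].cvss, f.cvss)
            merged[key].sources |= f.sources
        else:
            merged[key] = f
    return list(merged.values())


def risk_score(f):
    """Technical severity weighted by business impact and exploitation status."""
    criticality = ASSET_CRITICALITY.get(f.asset, 3)  # unknown assets get a middle weight
    exploited = 2.0 if f.cve in KNOWN_EXPLOITED else 1.0
    return round(f.cvss * criticality * exploited, 1)


def prioritize(findings):
    """Return findings ordered by descending risk, ties broken deterministically."""
    return sorted(findings, key=lambda f: (-risk_score(f), f.asset, f.cve))


def to_siem_events(findings):
    """Serialize ranked findings as JSON lines for SIEM enrichment."""
    return [json.dumps({"asset": f.asset, "cve": f.cve, "cvss": f.cvss,
                        "risk": risk_score(f), "sources": sorted(f.sources)})
            for f in findings]


def build_backlog():
    """Run the whole pipeline over the constructed sample exports."""
    raw = [normalize(r, "scanner_a") for r in SCANNER_A]
    raw += [normalize(r, "scanner_b") for r in SCANNER_B]
    return prioritize(deduplicate(raw))


if __name__ == "__main__":
    for line in to_siem_events(build_backlog()):
        print(line)
```

In the sample data the CVSS 9.8 finding on the low-criticality kiosk ranks last, below a medium-severity finding on the database server, which is the difference between technical severity and risk-based ordering.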
The VOC empowers cybersecurity teams with a comprehensive and systematic approach to vulnerability management, significantly simplifying the process of handling an exponentially increasing number of CVEs. The immediate benefits include:
Centralization of Vulnerability Data: By aggregating and analyzing vulnerability information, the VOC provides a unified view that makes life easier for teams identifying and prioritizing critical vulnerabilities.
Automation and Streamlining Processes: The use of automation tools within the VOC framework accelerates the detection, analysis, and remediation processes. This not only reduces the manual workload but also minimizes the likelihood of human error, enhancing the overall efficiency of vulnerability management.
Risk-Based Prioritization: Implementing a risk-based approach allows teams to focus their efforts on vulnerabilities that pose the highest risk to the organization, ensuring that resources are allocated effectively and that critical threats are addressed ASAP.
Enhanced Collaboration and Communication: The VOC fosters better collaboration across different teams by breaking down silos and ensuring that all relevant stakeholders are informed about the vulnerability management process. This shared understanding improves the organization’s ability to respond to vulnerabilities swiftly and effectively.
Ownership and Accountability: Centralizing operations for vulnerability management within the VOC framework ensures clear accountability and ownership across teams. This organizational clarity is vital to removing siloes and reducing risk, as it establishes well-defined roles and responsibilities for vulnerability management, ensuring that all team members understand their part in safeguarding systems and networks.
That’s a lot to digest but, put simply, it’s time to rethink how we approach vulnerability management. Check the news – or better yet, check in with the rest of your cybersecurity team. A VOC reduces the crushing burden of vulnerability management on SOCs and makes the lives of all security teams that much easier. By centralizing operations, automating routine tasks, and emphasizing risk-based prioritization, the VOC enhances the organization’s security posture. Linking your SOC to your future VOC creates a seamless flow of actionable intelligence directly into the threat response mechanism.
The endgame? Ensuring that your organization’s defense mechanisms are both proactive and responsive for a far more secure and resilient digital environment.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Cybersecurity and compliance training programs are now big business. According to Cybersecurity Ventures, the security awareness training market hit $5.6 billion in 2023 and is expected to surpass $10 billion in the next four years. This market boom is no surprise: cyber threats are rampant and large-scale attacks continue making headlines, most recently hitting the British Library, just to name a UK example, and disrupting their ability to function. All of this proves that every organization, no matter its size, is at risk of a breach.
Social engineering techniques, where an attacker targets the people who have access to systems (rather than the systems themselves) and manipulates them into handing over control, were the most popular malicious tactics in 2023. Businesses are therefore correct to recognize that people are a key vulnerability.
Annual cybersecurity awareness training is a regular feature on the calendar for most organizations, in an attempt to ensure that every person within every department develops their cyber awareness skills and is able to spot threats and respond accordingly before they become a major issue. In the face of fast-evolving security threats, this training is often outdated, and it can take months or even years for that education to reach people and help them recognize the tactics used.
Neil Thacker
Chief Information Security Officer EMEA, Netskope.
Should training come around quicker than every year?
Ask any security leader and they will readily admit that employees find annual cybersecurity training time-consuming and uninspiring. Because it is often viewed as a distraction, many employees will click through, skim read, watch videos at double-speed and pursue whatever shortcuts they can find to reach the completion certificate, check the box and carry on with their working day.
What’s more, the often limited interactivity of each annual training course fails to capture and maintain employees’ attention. Retention rates plummet without active engagement, and many training schemes lack any way of connecting the employee to real-world scenarios that could occur in their specific job function.
Even for those outliers who find annual training engaging and insightful, there is still little evidence it truly educates individuals or leads to positive behavior changes. As a result, these courses serve as little more than compliance checkboxes, as opposed to being a proactive measure to build a culture of vigilance and defend against threats. Ultimately, it’s not an efficient use of either time or resources, and cyber attacks continue their steady momentum.
It’s worth also noting that malicious actors specifically build their campaigns in a way that even the best trained employee forgets their general cybersecurity logic. This includes preying on emotional – rather than logical – behavior, and harnessing a sense of urgency to specifically guide the victim out of their logical and trained approach.
So, how do we go beyond education? Organizations everywhere need behavioral intervention that helps to point people back toward logical thinking before they take big cyber risks.
Nudging toward greater cyber hygiene
Small, regular and human-centric intervention is an ideal route for effective long-term behavioral shifts. An example of this is nudge theory – a general set of principles aimed at guiding human behavior down a more desirable path. It’s a well-established concept that has been hugely successful in the past, steering people toward healthier food choices and pro-environmental behavior, and requires only small changes in decision making at crucial moments when they’re moving through (often automatic) behaviors. Applying this to the world of cybersecurity, therefore, feels like a no-brainer.
In the same way that radar speed signs show your current speed – giving you a second to think and adapt your behavior – we should have signals at work letting us know when we’re about to participate in risky cyber behavior and encourage us to slow down and think.
This human-centric route of prevention can be highly effective, and is a tool that should be more widely known and accessible for enterprises. Real time user coaching, for example, harnesses AI detection to instantly flag a high risk behavior to the individual as it happens, and propose alternative actions for the employee.
This is particularly important in the age of Generative AI, where third party AI tools are freely available across many enterprises, and platforms such as ChatGPT and Google Bard are seen as the go-to assistant for many admin tasks. The risk here is that many employees are uploading sensitive data to these platforms (from source code to personally identifiable information) and significantly increasing the risk of data loss.
In most cases, employees accessing these services are unaware of the risk and are trying to be productive with tools they are familiar with or have stumbled across. Rather than blocking this activity outright, potentially leading to a disgruntled employee who works harder to get around the policy, just-in-time employee coaching provides an opportunity to explain the risk in the moment as it arises – crafted to fit company culture and tone of voice, as well as policy – and recommend safer ways to achieve the same outcome.
Continuous education
This form of continuous education and reinforcement can provide for employees what annual training lacks: an opportunity to contextualize information and prevent it from fading quickly in memory. What’s more, this practical application of consistent reminders in an employee’s everyday working life is the essential ingredient to fully understand and harness greater cyber hygiene.
By coaching employees in real-time to become better cyber citizens and make safer decisions, businesses can prevent cyber incidents the moment the threat occurs, and build genuine learning opportunities into employees’ daily working lives.
Rather than viewing humans as a weak link in our security posture, we should approach them as our last line of defense between an enterprise and the cyber threat landscape. It’s important that we recognize that, and train people in the way that is going to be most effective and empowering.
Most businesses, regardless of size, now understand the potential value of the cloud. We’re beyond that stage of early skepticism in which technology decision-makers questioned whether cloud services would factor significantly into corporate operations. Wholesale adoption is now underway and has been for years.
And why not? The benefits of the cloud are obvious. The ability to access cloud-hosted applications and services from anywhere, store and recall data and content without regard to physical data center limitations such as capacity and aging hardware, and grow or shrink infrastructure elastically to meet the changing needs of your business is invaluable. As a complementary part of your overall IT strategy, the cloud can definitely accelerate your corporate growth and help achieve your goals and desired business outcomes.
Danger, unfortunately, still lurks within the cloud for the unwary. All the attributes that make the cloud so convenient and efficient—such as ease of access and decentralization of IT services and data—create the very conditions for risk in the form of security breaches. As more companies embrace public cloud resources and hybrid cloud infrastructures (as opposed to traditional on-premises IT infrastructure) and begin to push more of their workloads and data (especially sensitive data) into these environments, we are witnessing a steady increase in companies experiencing cloud security breaches. The reality for every company embracing cloud is that a cybersecurity incident will eventually occur—it’s just a matter of when.
Trevor Morgan
VP of Product, OpenDrives.
Inevitable security breaches
The inevitability that your business will encounter a security breach, whether through inadvertent carelessness or perhaps through a threat actor’s concentrated efforts, is sobering. The host of problems stemming from such a situation includes legal ramifications, potential governmental sanctions, and most certainly brand reputational damage. Most sources agree that a single security breach can cost your organization millions of wasted dollars, not to mention the fact that it will defocus your organization and alarm your customer base (many of whom might have sensitive personally identifiable information (PII) somewhere in your data ecosystem).
You might have the impression that all your cloud data is highly secure no matter what, especially when you’re leveraging public cloud services that tout rock-solid security measures. Go ahead and rethink any self-assurances or complacency about your cloud security posture. The potential problems are manifold: most security measures in cloud environments must be consciously deployed and configured properly; well-trained (and expensive) professionals must remain alert and monitor cloud environments regularly; and your entire organization must participate in a culture of safe cyber-activity in order to thwart the efforts of hackers employing not only technical acumen but social engineering trickery to find cracks in the armor.
Don’t get me wrong—this is not a scare tactic convincing you to lose faith in your push to the cloud. Quite the contrary! With proper planning and some deliberate and persistent vigilance within your organization, you can confidently rely on your cloud-based IT infrastructure and cloud data services. And, just know that you’re not in the fight alone!
The major web service providers understand the problems and threats just as intimately as any organization can, and they’re trying to stay one step ahead of bad actors. With the mainstream adoption of automation in the form of machine learning (ML) and artificial intelligence (AI), these companies are merging next-generation machine intelligence with standard cloud-based operations and workloads to detect anomalies and potential threats to their customers like you, without your direct intervention.
Taking cybersecurity problems seriously
One way to see how major cloud providers are taking the cybersecurity problem seriously is to view the types of intellectual property patents they file. For example, a patent filed by a subsidiary of Microsoft details the method by which machine intelligence can automatically monitor API transactions and detect anomalous requests in the form of mismatched cloud providers. This might indicate a mounting and intentional threat. On top of using automated machine intelligence to monitor and detect these kinds of situations on a massive scale, the patent details mitigation and remediation efforts in the form of data sharing between cooperative cloud providers. All good measures!
Evolving tech like this helps cloud services providers—and their customers—move closer to a Zero Trust posture in which no request or transaction is assumed legitimate, and in which multiple challenges are enforced before access to data or services is allowed, to avoid the dangers of implicit trust. Obviously, maneuvers such as these would be done at the service provider level and wouldn’t necessarily involve intervention from customers or their employees. That doesn’t mean, though, that you should rely solely on the methods that your cloud services provider implements in order to keep your IT infrastructure (and all that potentially sensitive data) safe.
With a deliberate effort to build your organization’s cybersecurity consciousness, you can improve your chances of delaying that event I claimed earlier in this piece was inevitable. While these tactics may seem simple, they go a long way toward closing potential security holes and certainly complement the tech that your cloud services provider no doubt is in the process of deploying to keep you and all those other customers secure:
Don’t be fooled into complacency by relying solely on traditional perimeter security such as firewalls, perimeter monitoring, and intrusion detection. Cloud environments are incredibly distributed so even knowing the extent of your perimeter becomes challenging.
Data-centric security
Consider more data-centric security such as format-preserving encryption or tokenization, especially when you house PII or other highly sensitive information. Data nowadays is rarely at rest, and you want data security that can travel with it.
If your organization has embraced DevOps, make sure you include the Sec in there to form DevSecOps. Data security shouldn’t be an overlay once most of the development is complete—move security up front to the planning phase to ensure it’s built right in.
Encourage a culture of security among all your employees. Never let them forget that all it takes is one oversight for threat actors to pounce. Talk openly about times when you almost fell for that social engineering trick, and keep those lessons learned alive for all to see.
Prioritizing data security, integrating DevSecOps practices, and fostering a security-conscious culture among employees are crucial steps toward safeguarding sensitive information in today’s dynamic digital landscape. By proactively addressing security at every stage, organizations can mitigate risks and uphold the integrity of their data assets–and reputation–in the face of evolving cyber threats. So when it comes to data security, remember: prevention is always better than a cure.
Amid political headwinds and economic uncertainty, we find ourselves in a challenging time for business. The economy is being impacted by the combination of ongoing high inflation and limited GDP growth. Meanwhile, supply chains are being disrupted by international conflicts (e.g., Ukraine, Gaza and the Houthi insurgency) and the ongoing impact of Brexit. And so, businesses are being pulled in multiple directions due to economic pressures and uncertainty – the two things they hate most. Due to these challenges, it’s safe to say we are living through a ‘cost of doing business’ crisis.
This crisis has seen cybersecurity teams suffer pushback from decision-makers about new investments. With instability resulting in spending decisions being delayed, they are faced with ‘in-real-terms’ or even actual budget cuts for the first time. This is forcing them to be as agile as possible to continue responding to the evolving security landscape because the classic market drivers – the evolving threat landscape, increasing digital transformation, mounting regulatory reform and the ongoing skills shortage – mean that security teams are being asked to deliver more with less. Thus, the knee-jerk response of ‘salami-slicing’ costs, let alone not acting at all, is simply not an option.
Finding a way to continue protecting their company at an appropriate level of security will therefore be an uphill battle. Security leaders must find new ways to demonstrate the value of the investment decisions they seek.
Dominic Trott
UK product manager, Orange Cyberdefense.
Security as an enterprise risk management topic
Any organization failing to protect its sensitive digital assets from today’s increasingly sophisticated cyber threats stands to pay a high price. According to our recent Security Navigator report, there was a global surge of 46% in cyberattack victims in 2023.
A significant contributor to this is the tendency of businesses to view security merely as a checkbox on their compliance list rather than addressing it as part of a broader (and consistent) enterprise risk management strategy. This implies a lack of communication, with the C-suite not fully understanding the way that security delivers value across their organization.
However, cyber resilience should start in the boardroom, with organizations aligning cybersecurity closely with their business objectives. Achieving this requires enhanced collaboration between CISOs, security and the wider leadership team to foster a deeper understanding of internal security needs and how they can support business goals by defending their most important assets and maintaining ‘business as usual’ in the face of attacks.
Executive meetings should therefore regularly address security as an enterprise risk management topic, emphasizing the significance of partnerships and collaboration between the board and security teams. Security teams can do this by making sure that they understand the risk management strategy of their business leaders, working to quantify the security risk that they face and presenting security decisions in terms that help the board to map this security risk posture against their risk appetite. This will allow security experts to advise on how budgets could be allocated most strategically and facilitate open discussions about the inherent risk versus cost challenges posed by potential cyber incidents.
Always relate to the business strategy
Our research also found that the past year saw large enterprises account for 40% of security incidents. With more stakeholders, these organizations often suffer by trying to take multiple perspectives onboard, which can make business and security alignment more challenging. Security leaders must focus their activity and investments towards the most critical risks that are most contextually relevant. Otherwise, they risk ‘boiling the ocean’ – diminishing the impact of their spending power by diluting focus.
A lack of business focus on the security strategy can lead to organizations missing out on the adoption of new tools and technologies that could provide a competitive advantage. For example, at our annual Summit in November, an informal discussion between partners and customers found that only around a quarter of security leaders in attendance had ChatGPT enabled for staff, with the remainder saying it was blocked for security reasons. However, businesses that can find a way for security teams to enable such technologies safely will reap the rewards and put themselves ahead of their competitors.
To overcome this issue, security teams must learn how to ‘do business with the business.’ This means understanding what the wider business is struggling with and, crucially, being able to explain how they can support it. To achieve this, it is critical to make new tools ‘secure by design,’ as solutions that enhance security while preserving usability can help to hone a competitive edge. However, this hinges on security teams being involved in new projects from the start so they can demonstrate their value for business initiatives.
Unfortunately, this stands in contrast to the traditional situation whereby security is brought in at the end and/or as an afterthought, perceived by the rest of the business as a ‘blocker’ that slows down or dilutes the value of such projects. By helping business leaders think creatively about how finance, security and business strategies align, security teams can help drive the business agenda.
Automation to the rescue
However, this level of collaboration with the broader business can be time-intensive for security teams, who are also trying to maintain appropriate defenses and respond to threats. One way of tackling this is by optimizing security operations and using automation so they can spend time on more meaningful tasks, without taking their foot off the gas.
Whilst every procedure holds importance, security teams need to reassess how they prioritize their time and how mundane, everyday tasks can be dealt with to free up – or ‘create’ – capacity. If this is done right they can improve security metrics, minimize incident response times and therefore reduce exposure to risk, while at the same time creating more time to work closer with business leaders to drive home the importance of their role.
Ultimately, security should be part of the answer, not part of the problem, when it comes to overcoming the ‘cost of doing business.’ By freeing up resources with the help of automation, security teams can build a more strategic role in the boardroom, and forge closer ties with business leaders to proactively address vulnerabilities and unlock a competitive advantage.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
In 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity disclosure rules. These regulations mandate the disclosure of “material” threat and breach incidents within four days of occurrence, along with annual reporting on cybersecurity risk management, strategy, and governance.
The introduction of the new SEC cybersecurity requirements represents a critical milestone in the continuous fight against cyber threats. In 2023, chief information security officers (CISOs) revealed that three out of four companies in the United States were vulnerable to a material cyberattack. Consequently, cybercrime remains one of the foremost risks confronting US-based companies. Additionally, in the same year, nearly seven out of ten organizations in the United States experienced a ransomware attack within the preceding twelve months.
Cyberattacks pose significant risks to businesses, primarily in terms of financial damage. In 2024, cybercrime is projected to cost the United States alone more than $452 billion. Additionally, the loss of sensitive data is a consequential outcome of cyberattacks. In 2023, the United States ranked third globally in the percentage of companies reporting the loss of sensitive information.
Furthermore, data compromise incidents affected approximately 422 million individuals in the country in 2022, totaling 1,802 incidents. The US is recognized among the countries with high data breach density. Beyond financial and data loss implications, businesses are also wary of reputational damage, significant downtimes, and the potential loss of current customers, all of which can affect a company’s valuation and overall standing.
William Belov
Rise of awareness
With growing risks and the new SEC rules in mind, companies are strengthening their defenses, according to a recent report by Infatica, a provider in the proxy service market. According to the company’s data, search demand for proxy services has jumped by 106.5% over the last year. The reason behind this trend is the ability of proxies to imitate cyberattacks, which lets companies use this technology to test their defenses.
The growing interest in proxy servers is not limited to seeking enhanced security measures alone. Searches for “free web proxy server” have risen by 5,042.9%, indicating a widespread pursuit of accessible solutions that offer anonymity. Meanwhile, the demand for “proxy server list” and “anonymous proxy server” has also seen significant upticks of 80.6% and 414.3%, respectively, highlighting the importance of reliable and discreet online operations.
While the SEC’s cybersecurity rules primarily target publicly listed companies, many of these firms depend on smaller third-party software and supply chain providers. A cyberattack at any juncture within this chain could result in significant consequences. This is why non-public entities are compelled to bolster their defenses too.
Major gap
As businesses ramp up their activities, significant gaps remain evident. A staggering 81% of security leaders acknowledge the impact of the new rules on their businesses. However, only 54% convey confidence in their organization’s ability to comply effectively. Surprisingly, merely 2% of security leaders have initiated the process of adhering to the new rules. Approximately 33% are still in the early stages, while a striking 68% feel overwhelmed by the new disclosure requirements.
Among the myriad challenges, determining the materiality of cybersecurity incidents stands out, with 49% of respondents highlighting its complexity. Additionally, 47% struggle with enhancing their disclosure processes, further complicating compliance efforts.
Here are several pieces of advice on how to prepare to comply with the SEC cybersecurity rules:
1. Consolidate your cybersecurity risk data
With the new regulations mandating the disclosure of incidents upon discovery and comprehensive reports on cybersecurity strategy quarterly and annually, organizations must prioritize centralizing cybersecurity risk assessment and incident data. Consolidating this data into a single repository, rather than scattered across spreadsheet software or lost in email inboxes, increases the likelihood of meeting SEC deadlines and reduces the time spent gathering information from different departments and stakeholders for incident disclosure.
2. Acquire cyber risk quantification capabilities
Traditionally, organizations have used qualitative methods such as ordinal lists or red-yellow-and-green severity charts to assess the significance of cybersecurity incidents or other risk events. While the SEC recommends considering these assessments for incident materiality determination, quantifying cyber risk offers a more accurate insight into the financial impact of an incident. Understanding the quantified financial impact of cyber risks enables organizations to take necessary steps to mitigate costly risks or, ideally, prevent them altogether. This approach reduces the overall volume of disclosures required.
3. Optimize your incident management processes
It’s an opportune moment to conduct a comprehensive review of your organization’s incident management processes to ensure they are proficient in identifying, addressing, and reporting cybersecurity incidents. Streamlining and refining these processes facilitate the interception of cyber risks before they escalate into significant issues and enable swift reporting when necessary.
4. Enhance your cybersecurity and cyber risk governance
Ensuring compliance with the SEC’s new regulations involves adequately informing your board of directors about your organization’s cybersecurity risk management practices. Implementing robust reporting and communication processes is essential to regularly update leadership on cyber risk management efforts and any incidents experienced by the company. Furthermore, it’s crucial to articulate how these incidents may impact or are already affecting the organization’s strategy and finances.
5. Secure your third-party relationships
The updated regulations emphasize the importance of assessing cyber risk beyond the confines of your organization. Meeting the requirements for reporting on third-party cyber risk assessment and secure vendor selection underscores the necessity of establishing an effective third-party risk management program. Indeed, supply chain attacks aimed at smaller contractors and vendors frequently rank among the primary causes of cybersecurity incidents at larger organizations.
6. Improve the cyber risk culture within your teams
Digital transformation has significantly impacted nearly every organization, particularly in the years following the COVID-19 pandemic, which accelerated the shift of work and life online. Consequently, there has been a surge in employees connecting to organizational networks from various locations and devices, significantly expanding our cybersecurity attack surfaces. This shift underscores the critical importance of fostering a culture of cybersecurity risk awareness where cybersecurity is seen as everyone’s responsibility, not just the purview of the information security team. The more awareness of the threat posed by cyber risks that an organization can instill in its members, the stronger its overall cybersecurity posture will be, reducing the time needed to disclose incidents to the SEC.
While SEC regulations pose challenges, they also present opportunities. Following the rules can decrease companies’ cybersecurity risk, enhance investor confidence, attract capital investment, and contribute to long-term business sustainability.
With this affordable course, you can get a head start on a bulletproof career path.
Cybersecurity training for the ultimate IT job
Not everyone dreams of working at an Apple Store. As anyone with a career in tech knows, it’s hard to make progress on an IT job without earning the necessary certifications.
This cybersecurity training bundle includes a whopping eight prep courses. The classes cover all sorts of IT certifications, from pen testing to Cisco — all taught by experts like David Bombal and Total Seminars.
Here’s what this training bundle covers:
Cisco CCNA 200-301 Exam: Complete Course with Practical Labs: This course will prep you for the newest CCNA 200-301 exam — the first step toward attaining your Cisco certifications. This course also will help you keep up with the growth of the internet of things. (The course earned a 4.6 out of 5 star rating.)
CompTIA IT Fundamentals ITF+ FC0-U61: A prerequisite before moving on to more complicated exams, this course teaches you security, safety and preventative maintenance, as well as the basics of databases and programming.
CompTIA A+ Certification Core 1 (220-1001): The CompTIA A+ certification is the industry standard for establishing a career in IT. This course covers mobile devices, networking technology, hardware, network troubleshooting and virtualization, and cloud computing.
CompTIA A+ Certification Core 2 (220-1002): This credential helps you gain the trust of global employers for endpoint management and technical support roles.
CompTIA Network+ Certification N10-007: Focused on a midlevel certification that’s sure to open doors for you, this course covers troubleshooting, configuring and managing networks.
CompTIA Security+ Certification SY0-501: Gain access to 121 lectures led by the industry’s leading authority on CompTIA certifications. The coursework focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection.
CompTIA CySA+ Cybersecurity Analyst CS0-001: In just seven hours, you’ll be prepped on how to properly analyze, monitor and protect cybersecurity resources.
CompTIA PenTest+ (PT0-001): Ethical Hacking: Get ready for one of the most exciting IT careers out there. This test certifies you to recognize vulnerabilities within company systems and suggest solutions to remediate the weak points.
Save on The Ultimate Cybersecurity & IT Career Certification Pathway Training Bundle
For a limited time, you can get The Ultimate Cybersecurity & IT Career Certification Pathway Training Bundle for just $27.99 with code SECURE20. That’s a big discount off the regular price of $184. The price drop ends April 7, 2024.
Are you confident in your cybersecurity knowledge? IBM has created an interactive Cybersecurity Quiz that challenges you to test your understanding of this critical field. This tool is not just a test; it’s a learning experience that caters to everyone, from experts to beginners. As you navigate through the quiz, you’ll encounter a variety of topics that are key to mastering cybersecurity.
At the heart of cybersecurity are three main concepts: prevention, detection, and response. The quiz begins by assessing your knowledge in these areas. Prevention is about stopping cyber threats before they can do any harm. Detection involves recognizing when a security breach has occurred. Response is the action taken to mitigate the damage caused by an attack. These are the foundations of a robust IT security strategy, and grasping them is essential.
Cybersecurity: how much do you know?
Imagine the panic of losing a device that holds your digital keys. The quiz walks you through scenarios like this, teaching you how to recover securely and protect your digital identity. It’s a real-world issue that highlights the need for preparedness in the digital age. The quiz also delves into the Zero Trust model, a strict approach to cybersecurity that operates on the principle of not trusting anyone and verifying everything. You’ll be tested on your understanding of this method and how it helps protect systems and data from unauthorized access.
Understanding Cybersecurity Fundamentals
Take the IBM Cybersecurity Quiz to evaluate your knowledge and strengthen your defenses against the evolving dangers of the online world. Keeping up-to-date with cybersecurity is the best defense you have.
Question 1: Cybersecurity involves
A. Prevention, detection, and response
B. Protection, obfuscation, and reporting
C. Encryption, encryption, and more encryption
D. Firewalls, antivirus, and hope
Explanation: Cybersecurity focuses on preventing cyber attacks, detecting threats promptly, and responding effectively to mitigate damage.
Question 2: With FIDO passkeys, if you lose your device, there is no way to recover your account.
Explanation: If you lose your device, there are several ways to recover your account, such as using a different device synced to a cloud service or undergoing the usual account recovery process.
Question 3: Zero Trust can be summarized as
A. Trust everything, verify nothing
B. Trust nothing, verify everything
C. The bare minimum
D. A paranoid delusion
Explanation: The Zero Trust security model operates on the principle of not trusting any entity inside or outside the network without verification.
Question 4: Which of these should you do first if you’re founding an IT security program?
A. Define policy
B. Encrypt everything
C. Analyze risk
D. Get a good breakfast
Explanation: The first step in establishing an IT security program should be to analyze risks, as this informs the policies and measures to implement.
Question 5: What happens to the strength of a symmetric key when you make it one bit longer?
A. It doubles
B. It stays the same
C. It gets slightly stronger
D. It creates a rip in the space-time continuum
Explanation: The strength of a symmetric key doubles with each additional bit, significantly increasing the difficulty for an attacker to crack it.
Question 6: Hardening is an example of which security principle?
A. Defense in depth
B. Separation of duties
C. The principle of least privilege
D. What happens when you leave bread out too long
Explanation: Hardening a system involves applying the principle of least privilege, eliminating unnecessary access rights or services to minimize vulnerabilities.
Question 7: Absolute security
A. Is ultimately achievable
B. Requires good firewalls
C. Is worth any cost
D. Is a pipe dream
Now that you have completed the cybersecurity quiz, check out the answers below to see how you fared. A critical aspect of cybersecurity is risk analysis. The quiz prompts you to identify and evaluate potential threats, which is vital for setting up effective defense strategies. Being able to prioritize risks is a key skill for enhancing your cybersecurity.
Encryption is a powerful tool, but it’s only as strong as the keys that protect it. The quiz examines your knowledge of key strength and the significance of key length in maintaining security. With cybercriminals always looking for new ways to break into systems, it’s important to know how to make encryption as tough as possible.
The quiz also covers system hardening, which involves applying the principle of least privilege to reduce a system’s vulnerability to attacks. By testing your knowledge in this area, the quiz underscores the value of this preventive measure. One of the important lessons the quiz imparts is that absolute security is unattainable. It stresses the importance of constant vigilance and the need to adapt to emerging threats. This serves as a crucial reminder that the fight for cybersecurity is ongoing.
Answers
1. A. Prevention, detection, and response is the correct answer. Cybersecurity is about preventing attacks, detecting threats, and responding to incidents effectively.
2. False is the correct answer. There are multiple ways to recover your account, including using another device or through account recovery processes.
3. B. Trust nothing, verify everything is the correct answer. Zero Trust is a security model that advocates for rigorous verification of every entity, inside or outside the network.
4. C. Analyze risk is the correct answer. Risk analysis should be the first step in establishing an IT security program, as it informs the development of policies and security measures.
5. A. It doubles is the correct answer. The strength of a symmetric key increases exponentially with each added bit, doubling with just one additional bit.
6. C. The principle of least privilege is the correct answer. Hardening a system by applying the principle of least privilege involves removing unnecessary permissions to reduce vulnerabilities.
7. D. Is a pipe dream is the correct answer. Absolute security is unattainable; the goal is to manage and mitigate risks to acceptable levels.