Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Cybersecurity Coordinator Howard Schmidt recognizes the need to battle online piracy to protect U.S. intellectual property but contends legislation before Congress to do just that would unacceptably curtail Internet freedom and increase cybersecurity risks.
People with good analytical backgrounds that understand regulatory compliance are in demand. Their counterparts - defenders of IT systems - will always be in demand.
"We need the tens of thousands that can manage those defenders and then we need 100,000 that are out there learning the trade, that are passionate...
Cyberhackers are increasing their efforts to target online credentials. And phishing attacks waged against accountholders at Chase in the U.S. and Barclays in the U.K. have made it clear that banking accounts are the target.
Regulators push tougher cybersecurity measures. But the challenge for smaller organizations isn't compliance - it's budgets. Wendy Nather of 451 Research defines the 'Security Poverty Line' and what to do about it.
The information security job market is evolving into highly specialized areas, says Eugene Spafford, noted professor at Purdue University. So, how must students now prepare themselves for these new career paths?