Metanav

Tag Archives | ethical hacking

Cyber Security Talent Shortage: How to Solve It

Solving Cyber Security Talent ShortageA recent report from Cybersecurity Ventures and Herjavec Group predicts that there will be 3.5 million unfilled cyber security jobs by 2021. (Forrest, 2017) While cyber security job openings continue to grow, there simply aren’t enough people who have the skills to do these jobs. This puts us all at risk, as cyber criminals become increasingly sophisticated and Internet of Things (IoT) devices proliferate. The need for security professionals is fast reaching a crisis point, and it is necessary for us to consider how to solve the cyber security talent shortage.

The diversity of the cyber security workforce is one area for focus. Currently, women make up only 11% of the cyber security workforce. Blacks, Hispanics, and Asians represent less than 12% of the cyber security workforce. This number needs to increase in order to meet the growing need for cyber security professionals, and to eliminate the cyber security talent shortage. In order for this to happen, a diverse group of young people must be encouraged to pursue STEM careers from a young age. (Eide, 2017) Girl Scouts of the USA has recently released a cyber security badge, which is one way to get girls interested. IEEE and Cricket Media, Inc. have also just announced a partnership called TryEngineering Together to encourage 3rd – 5th graders in under-resourced areas to consider STEM careers in the future.

Now is also an excellent time for those that wish to enter or re-enter the workforce to consider cyber security as a career choice. In order to address the cyber security talent shortage, many people will need to consider cyber security training in order to meet the growing needs of the field. IEEE, for example, offers training in both Cyber Security and Ethical Hacking, to help people gain the foundational skills they need to enter this growing market.

Most importantly, we must remove the stigma that states that computing is a male-only field. It is critical for the well-being of our networks, our devices, and our personal information that this cyber security talent shortage be addressed…and solved…before it become insurmountable.

Click here to view Cyber Security courses from IEEE.

 

Resources

Eide, N. (Oct 2017).  How the Cybersecurity Industry Can Close the Growing Skills Gap. CIO Dive.

Forrest, C. (Oct 2017). Shark Tank’s Herjavec tells how to get one of 3.5M cybersecurity jobs that will be open by 2021TechRepublic.

Continue Reading 0

Corporate Hacking: Are You a Target?

Corporate Hacking: Are you at risk?Corporate hacking stories are a staple of the news. Whether a small business or large international corporation, if you use the internet to do business, you are susceptible to having your network hacked, customers compromised, and your reputation ruined.  How can you protect yourself from being a target of corporate hacking? Sometimes it is just about being proactive, and thinking smart.

Here are five strategies to defend against corporate hacking:

  • First, Think Passwords: Are yours strong and unique? Do you change them often? Usually, a hacker steals passwords. By regularly changing yours, you make it harder for hackers to use stolen data. If the hacker doesn’t have access to stolen passwords, they will try combinations of easily guessable alternatives.   There are ways to make cracking your passwords more difficult, including using spaces and characters in your password and increasing the length. And whenever possible, use Two-Factor Authentication, which adds another layer of security. (2017, Symantec)
  • Second, Look at web URLs:   Your information is not encrypted if you do not see an “s” after the “http.”  Encryption is necessary for any business, especially when financial transactions, credit card information, or other critical data is shared.
  • Third, Software Updates:   Keep abreast of the updates pushed out by software providers.  They are created to counter software flaws.  Updates, also known as patches, are developed and pushed to users for upload.  It is important to keep up with the updates in order to stay ahead of malicious hackers who could use the flaws to hijack your system.
  • Fourth, Encrypt, Encrypt, Encrypt:  Use road blocks to make it difficult for your corporate information to be collected and shared.  Encrypting data is key to this process. Learn more about how to encrypt files in this post from Lifehacker.
  • Fifth, Employ White Hat Hackers:   Sometime you need to have someone on the inside working to find the cracks in your armor.  Employing cyber security specialists, or training your existing employees in ethical hacking techniques, can wind up saving your company money in the long run. After all, cyber attacks can be incredibly expensive. Finding and patching the vulnerabilities yourself costs a lot less.

These are just a few of the many steps your company can take to make doing business more secure in the digital age and help build a defense against corporate hacking.   One last tip: education.  Stay ahead of trends by constantly educating your employees on best practices.

Why not learn more about cyber security and ethical hacking?

Check out the IEEE online course programs: Cyber Security for Today’s Environment and Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks. These courses provide you and your employees with the foundation you need to put a sensible cyber security strategy in place for your organization.

 

Resources

Nixon, Sam. (2017, September 8). Are you an easy hacking target? Cybersecurity tips for small business. The Guardian.

Symantec. (2017). How to Choose a Secure Password. Norton Security Center.

Continue Reading 0

Tips for Cyber Security Awareness Month

Are you #CyberAware? Cyber Security Awareness MonthAre you #CyberAware? October is Cyber Security Awareness Month. It’s a great time to review the online security practices you use at home, as well as at school or at work. When we all work together to prevent cyber attack, the internet as a whole can get safer.

Individuals can protect their computers and networks by following some of these simple tips:

  • Apply patches and updates as soon as they are available. Sure, it can be annoying to continually run updates on your computer. But take a lesson from the massive WannaCry attack. It took advantage of a system vulnerability in the Windows operating system. Updating Windows prevented the attack. Yet many outdated computers were affected for lack of an upgrade. (2017, Saito)
  • Never click on links that seem suspicious. Sometimes the email may be from someone you know. But if it doesn’t feel right, it probably isn’t. When in doubt, reach out to the person who sent you the link another way to make sure the link is legitimate before clicking.
  • Practice good password hygiene. Make sure your passwords are long, use a combination of symbols and letters, and are changed frequently.

In addition to the above tips, businesses should also keep in mind the NIST Security Framework. This framework includes:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

Learn more about the framework, and how to apply each of these steps for your business, at StaySafeOnline, powered by the National Cyber Security Alliance.

Everyone needs to do their part to prevent cyber attacks, and Cyber Security Awareness Month is a great time to start. The number one key is to educate yourself on the tricks cyber criminals use, so you can defend against these attacks.

Ready to learn more about cyber security, or even considering a cyber security or ethical hacking career? Check out the IEEE online course programs: Cyber Security for Today’s Environment and Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks. These courses will give you a solid foundation in the basics of cyber security to prepare you to defend your company’s network from cyber attack.

How do you defend against cyber attack? Please share your tips in the comments below.

 

References

Saito, W. (2017, May 18). 9 Ways to Stay Safe from Cyber Attacks.  World Economic Forum.

Stay Safe Online powered by the National Cyber Security Alliance. (2017) https://staysafeonline.org/

Continue Reading 0

10 of the Largest Corporate Hacks in Recent History

Corporate hacks and cyber attacks directed at organizations large and small have increased in both frequency and severity over the past few years, affecting billions of consumer accounts and costing companies from tens to hundreds of millions of dollars. Yet while the news continues to provide a steady stream of coverage detailing large-scale corporate hacks across all industries, cyber security remains underfunded by many organizations.

The timeline below highlights 10 major organizations hit by significant data breaches over the past five years. Although by no means an exhaustive list, these attacks serve as stark reminders of the importance of preventative measures to ensure cyber security.

10 of the Largest Corporate Hacks in History Infographic

Is your organization prepared to handle a cyber attack? Are you looking for ways to strengthen your organization’s cyber security? IEEE offers both cyber security and ethical hacking training to help organizations prepare. Learn more about organization pricing and request a quote here.

Reference:

Roberts, J. & Lashinsky, A. (2017, June 22). Hacked: How Business Is Fighting Back Against the Explosion in Cybercrime. Fortune.

Continue Reading 0

Easy Ways to Improve Your Organization’s Cyber Security

Easy Ways to Improve Cyber Security from IEEEThe Internet touches almost all aspects of everyone’s daily life, according to the US Department of Homeland Security. However, with access to so much information comes an increase in cyber-attacks that can affect people and companies on a global scale. In 2016, there was a 38% increase in phishing security attacks year over year according to a report produced by PricewaterhouseCoopers. The techniques that attackers use is also evolving, with attacks that continue to affect more computers and devices than ever before. (2017 Revision Legal) Every organization wants to improve cyber security, but the prospect can sometimes seem overwhelming.

The news in 2017 has been equally daunting with reports of serious cyber breaches that effect individuals and companies. Some of the more serious instances include a recent security breach to credit-reporting agency Equifax, a Gmail phishing campaign, US IRS data breach, and the British health system shutdown that affected administering medical attention to patients all over the UK.

With such widespread attacks, how do you protect yourself? How do you protect your company?

Sometimes it is the most basic steps that will improve cyber security for your organization, and make it harder for the hackers to be successful. (2017 Wired)

  • Training
    • Stay sharp on techniques hackers are using. Training will help you identify and avoid the traps and improve cyber security.
  • Always Think Before Clicking
    • Sometimes it is as simple as trust your gut. Many times, we notice something that bothers us, but we cannot identify what it is. Always trust your instincts. If it does not feel right, do not click on the link or open that email.
  • Consider the Source
    • Have you received information from this sender before? Is the offer too good to be true? Sometimes taking a few moments to read the full email address or researching who the sender is will help you sidestep a pitfall.
  • Use Security Back-Ups
    • Take advantage of security options when available like enabling multi-factor authentication on accounts, using a password manager or other system to help in maintaining strong passwords, and backing up your data.

October is National Cyber Security Awareness Month. Why not use this as an opportunity to have your staff become more aware of their cyber surroundings and in turn protect themselves and the company as you improve cyber security throughout the organization.

Does your organization need cyber security training? IEEE offers both cyber security and ethical hacking training to help organizations prepare. Learn more about organization pricing and request a quote here.

References

(2017, Aug 11) National Cyber Security Awareness Month. US Department of Homeland Security.

Newman, L. (2017, Mar 19) Phishing Scams Even Fool Tech Nerds—Here’s How to Avoid Them. Wired.

DiGiacomo, J. (2017, Jun 21) 2017 Security Breaches: Frequency and Severity on the Rise. JD Supra.

Continue Reading 0

Ethical Hacking Infographic: A Day in the Life of an Ethical Hacker

Ethical hackers can be a valuable resource in a company’s overall cyber security program. Is ethical hacking a segment of the cyber security industry that interests you? The following ethical hacking inforgraphic from IEEE takes a look at what ethical hackers do, how ethical hackers are different from malicious hackers, and the earning potential of experienced ethical hackers.

Want to start your education in ethical hacking? Check out the IEEE Continuing Professional Education online course program called Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks.

IEEE Ethical Hacking Infographic: A Day in the Life of an Ethical Hacker

Continue Reading 0

Three Ethical Hacking Myths

Three Ethical Hacking Myths from IEEE Innovation at WorkA recent report conducted by Lloyd’s of London predicts that a worldwide cyber attack could result in approximately $53 billion of economic losses, an amount similar to the costs from U.S. Superstorm Sandy in 2012 (Reuters, 2017). In light of this figure and the rise of cyber attacks over the past several months, the call to strengthen cyber security has become loud and clear. Ethical hacking, where someone acts like a malicious hacker (after obtaining permission) in order to identify vulnerabilities in a system, is one means to significantly improve an organization’s cyber security. There is a lot of misinformation, however, about ethical hacking and the people that perform these services. Here are three ethical hacking myths, and why they are incorrect:

  1. Ethical hackers are not as knowledgeable as malicious hackers. Some “white hat” (ethical) hackers actually used to be “black hat”  (malicious) hackers, so there is no difference in ability level (LANInfotech, 2017). According to Cyber Security Intelligence (2017), “Ethical hackers, like any other hacker, may also venture into the dark web to gain intelligence and learn about new exploits.” The main differences between ethical hackers and malicious hackers are their intentions, and whether or not their actions are legal and performed with permission.
  2. Performing ethical hacking once is enough. On the contrary, it is helpful to perform ethical hacking regularly. SystemExperts CEO Jonathan G. Gossels analogizes this process to an annual physical. His cyber security company “tests clients’ digital defenses on a yearly basis or if there is a change in management” (Milliken, 2017). Analysts evaluate a company’s size and type of information stored when deciding the degree of security needed, and then they search for potential risks.
  3. It is best to hire an ethical hacker from outside of the company. While there are businesses out there that specialize in contracting cyber security and ethical hacking services, you can equip your own technical professionals with ethical hacking skills by providing training or specialized certification courses (Milliken, 2017). Having people on the inside perform ethical hacking for the company might also feel less risky, though there are pros and cons to either choice.

Despite its advantages, ethical hacking has yet to gain mainstream acceptance, perhaps because of some of these ethical hacking myths. Those organizations looking to cover their bases and ensure their network is secure will benefit from implementing some form of ethical hacking, however, as it is better for an ethical hacker to find the vulnerabilities before someone else does.

Interested in providing ethical training for your organization’s technical professionals? Check out IEEE’s online training Hacking Your Company: Ethical Solutions to Defeat Cyber Attack.

References:

(2017). White hat. vs. black hat hackers and the need for ethical hacking. LANInfotech.

(2017, Jun 5). Ethical hacking can beat black hat hackers. Cyber Security Intelligence.

Barlyn, S. (2017, Jul 17). Global cyber attack could spur $53 billion in losses: Lloyd’s of London. Reuters.

Milliken, K. (2017, Jul 17). Ethical hacking: At WPI, a search for computer vulnerabilities. Telegram.

Continue Reading 0

Should you Hire an Ethical Hacker?

Should you Hire an Ethical Hacker? from IEEE

With cyber attacks on the rise, how can you ensure your organization’s digital work space is secure? More and more, companies are looking to train or hire an ethical hacker for help in finding and fixing security issues. Ethical hackers, also referred to as “white hat” hackers or bug bounty hunters, find flaws to help companies instead of exploit them (Sharma, 2016). While some major companies such as Facebook and Google offer rewards programs open to any interested ethical hackers, not everyone is sold on the idea.

So what does an ethical hacker do? With your permission, ethical hackers test your system as an unethical hacker would, and report on findings so any problems may be fixed. In order to stay updated with the latest skills, however, ethical hackers often disguise themselves in order to gain information from the underground. Knowing that they come in close contact with malicious hackers in doing so can be enough to make some uneasy about hiring an ethical hacker.

Some “grey hat” hackers fall in between the spectrum of ethical and unethical hackers, finding vulnerabilities legally or illegally and then sharing that information with other hackers as well as officials. One may seek out these hackers to learn from their findings, or even attempt to follow in their footsteps. Some companies allow their own security experts to venture into the domain of grey hacking, though they must be extremely careful to obtain information without making themselves vulnerable in the process.

Your company can take multiple routes when it comes to defending your network; hiring an ethical hacker or supporting ethical hacking from within are just a few options to consider. Ultimately, the choice you make depends on what best protects your company.

For tips on ethical hacking for your company’s technical professionals, check out IEEE’s new course: Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks.

References:

Conran, B. (2014, March 1). Why not to hire an ethical hacker. Security Magazine.

Sharma, S. (2016, April 1). Bug bounty hunters and the companies that pay them. Gadgets 360.

 

Continue Reading 0

Inside the Murky World of Hackers for Hire

Ethical Hacking is a Critical Component of Network Security

Ethical hackers, those that identify the system vulnerabilities of organizations before they can be exploited by malicious hackers, perform a valuable service that is gaining increasing attention around the world. In this article from The Telegraph, learn about HackerOne, a network of self-employed ethical hackers that help organizations in the United States and the United Kingdom to secure their systems, and earn lucrative financial rewards for doing so.

Click here to read this article on The Telegraph

 

Continue Reading 0