Cybersecurity Center Article Archive
The Cybersecurity Center at Purdue Global has compiled a list of cyber defense articles. Read on to learn more about current trends and challenges in the cybersecurity industry.
Ransomware Gangs Have Leaked the Stolen Data of 2,100 Companies So Far
May 8, 2021
As ransomware has evolved from its simpler roots in 2013 to the use of leaking unencrypted data today, 34 gangs have now leaked the data for more than 2,100 organizations.
DHS Kicks Off Workforce Sprint with Push to Hire 200 Cyber Pros
May 6, 2021
The Department of Homeland Security has announced a concentrated hiring initiative to, focusing on a variety of topics, with the hopes of hiring 200 cyber personnel by July 1.
The Cybersecurity Conversation Is Changing
April 29, 2021
Protecting data isn’t just a matter of thinking defensively and countering tactics as cyberattacks happen. Cybersecurity personnel must also become detectives, finding the trail hackers used to get in and sharing information to prevent other companies from facing the same fate.
Why Executive-Focused Security Awareness Training Is Important
March 18, 2021
Many data breaches are financially motivated, and senior executives make attractive targets—they have incredible access and authority, and they are not always tech savvy. Executives must learn to resist social engineering to protect their companies.
Opportunity to Reskill Federal Workforce for AI Jobs ‘Underutilized,’ Panel Warns Congress
March 12, 2021
The National Security Commission on Artificial Intelligence has released a report warning that the Defense Department and intelligence community needs to recruit more talent to stay on top of technology developments.
IT Supply Chain Threats: Who is Responsible for Securing Our Technology?
March 9, 2021
Attention to cybersecurity has increased in the wake of December’s SolarWinds Orion cyberattack. When one link in the supply chain is vulnerable, who is responsible for protecting against breaches?
Cybersecurity in 2021: Stopping the Madness
March 8, 2021
Software hacks have dominated news headlines and it seems like everything is at risk. However, cybersecurity professionals are learning as well, and solutions are possible.
Three Reasons The Security Industry Is Protecting The Wrong Thing
March 2, 2021
The security industry focuses on network security to the neglect of addressing data breaches, which is often a flawed approach to protection. Companies must consider different solutions and avoid the tried-and-true in order to preserve their data.
Why Do Chief Security Officers Leave Jobs So Often?
February 28, 2021
Chief information security officers seem to not stay in their jobs very long—the average tenure is just over two years. The dangerous nature of their work can make them easy scapegoats, but other reasons can account for the short durations.
Tech Together: How AI, Blockchain, Drones, and IoT Can Safeguard the Supply Chain
February 25, 2021
A 2019 E. coli outbreak provided an outline for how to recognize red flags in a supply chain and demonstrate how emerging technologies can work to safeguard food and prevent a problem from becoming a disaster.
Why Was SolarWinds So Vulnerable to a Hack?
February 23, 2021
The 2020 hack of SolarWinds granted access to the computer networks of many of their customers (including U.S. government agencies) for months, creating major problems for U.S. national security. Part of the blame rests with SolarWinds’ parent company cost-cutting, leading to underspending and outsourcing on vital security functions.
Compliance, Privacy, Security in a Work From Home (WFH) Environment, Oh My!
February 22, 2021
Working from home is becoming more widespread, and presents new challenges with regulation, privacy, and security. Figuring out the risks of each home environment and each remote-work device is important to assess how best to enable effective security measures.
Most Executives Expect to Spend More on Cybersecurity Risk Management
February 17, 2021
A recent poll of IT executives found that the majority of them are satisfied with how their organization is dealing with cybersecurity risk, though they anticipate budget increases soon. Further, execs in larger companies report being more content with their risk management.
Supply Chain Threats and the Cybersecurity Solution
February 1, 2021
An entire supply chain can be disrupted by a malware or ransomware attack at a weak link. Simple solutions like an incident management plan or having backups can mitigate the damage, though they are often overlooked.
9 Top Jobs in IT That Are Currently Booming With Opportunities
February 1, 2021
IT professionals are seeing a booming market, with jobs expected to increase through 2028. Positions like DevOps engineers, software engineers, and information systems security managers are among the jobs that require advanced understanding and vast experience, but expect growth in years to come.
Top Cyber Attacks of 2020
January 27, 2021
The COVID-19 pandemic and related economic uncertainty brought with it new kinds of cyberattacks in 2020, taking advantage of people’s fears or use of online meeting apps. Even the coronavirus response and the U.S. federal government were subject to attacks.
9 Lessons We Learned From Cybersecurity Experts in 2020
January 12, 2021
Hackers are sharing information among themselves that can exploit vulnerabilities small- and medium-sized businesses vulnerable, and it’s up to cybersecurity personnel to similarly coordinate and recognize what they can do to protect their charges.
Six Hot Data Privacy Certifications for 2021
January 4, 2021
Privacy and data protection credentials can be highly useful and demonstrate knowledge to companies searching for trained professionals to help them safeguard valuable customer information.
Right Strategy, Wrong Century
January 1, 2021
Commonplace use of computers has blended national and economic security, and attacks that decades ago would have been tanks and missiles has been replaced by cyberwarfare. National defense is no longer simply the U.S. military, but must also prioritize cyberdefense as we find ourselves in a different kind of arms race.
More Cybersecurity Articles
-
2020 Cybersecurity Articles
Cybersecurity Professionals—“In the Arena”
December 30, 2020
Cybersecurity is not just using safeguards to defend our systems; it also requires leadership and accountability from the top of the organizational chain, particularly as corporate cybersecurity groups face staff shortages and limited resources.
Rethinking Our View of System Security
December 27, 2020
Cyberdefense often relies on “cyber-hygiene” activities, but don’t always address security issues with the totality of the system of hardware, firmware, and software. As our systems grow more complex, we must rethink and broaden our understanding of what a system is to better understand how to defend them.
SolarWinds Orion Hack … A Cybersecurity Wake-Up Call
December 22, 2020
The SolarWinds Orion hack seems to be an act of Russian aggression against the United States, but the response has been very quiet. This attack is an opportunity for the United States to decide what acceptable cyber-espionage is versus what is cyber-warfare meant to disrupt peace.
The Adversaries Live in the Cracks
December 18, 2020
Cybercriminals can seem to have the constant advantage because they use systems security engineering—obtaining thorough information about the systems they’re targeting, finding out how components interact and direct information, and exploiting weaknesses in individual components, remaining under the radar for long periods of time. Defenders must use this same mindset from the beginning to successfully prevent attacks.
Cybersecurity Experts Hail New IoT Law
December 14, 2020
The Internet of Things Cybersecurity Improvement Act, signed in the last days of the Trump presidency, codified increased security protection for the vast array of items and household appliances that have become internet-connected in recent years.
From Weaponized AI to Threats Against the Vaccine Rollout, Here Are 6 Cybersecurity Trends to Watch in 2021
December 14, 2020
Among other concerns, health care organizations might be unprepared to face the biggest cybersecurity threats targeting the vaccine rollout and hospital operations, necessitating new attention to shoring up their defenses.
The Mysterious Disappearance of Systems Security Engineering
December 14, 2020
Recent cybersecurity group reports have neglected to include systems security engineering—the concepts and processes that form the foundation for secure systems. Even great security protocols can fail if the systems using them are flawed.
Acronis Predicts 2021 Will Be the “Year of Extortion”
December 12, 2020
The newest Cyberthreats Report from Acronis suggests that in addition to continuing to use ransomware, cybercriminals will recognize extortion as the solid money maker in 2021, targeting managed service providers and remote workers by exfiltrating proprietary data, intellectual property, and more.
For Work to Be Unbound, Security Must Be as Well
December 8, 2020
An increase in permanent remote work demonstrates the need to make cybersecurity the top priority for IT. As the workforce becomes more flexible, protection needs to similarly become more agile to safeguard employees where they are.
Securing Work-From-Home Devices
December 7, 2020
Pandemic lockdown measures created a challenge for organizations that had not planned to accommodate working from home. Even those who already allowed employees to stay home, however, have faced new challenges regarding their cybersecurity and online resources.
The Widening Security Holes in Our ‘Datasphere’
November 24, 2020
Cybercrime makes up an enormous section of the international economy, and represents the greatest transfer of economic wealth in history. The costs are only expected to grow over the next several years.
Artificial Intelligence Could Be Used to Hack Connected Cars, Drones Warn Security Experts
November 20, 2020
Autonomous vehicles and drones could be vulnerable to exploits using emerging technologies such as machine learning and artificial intelligence, which could have an impact in the physical world. A report by the United Nations, Europol, and cybersecurity company Trend Micro highlights the potential cybersecurity dangers.
Turning Smart Vacuums Into Microphones
November 20, 2020
A team of researchers converted a smart vacuum cleaner’s laser-based navigational component into a microphone to record nearby conversations. The attack was complicated and needed several preconditions, making it unlikely though possible to be used in the future.
The Building Blocks of Cybersecurity: A Particular Set of Skills
November 16, 2020
Cybersecurity skills are built on a foundation that can be found in entry-level IT jobs like technical support specialist or help desk technician. These positions can help provide training in endpoint security, data security, and network security, creating room to grow and learn more advanced skills.
5 Cybersecurity Jobs You Could Get With CompTIA Security+
November 9, 2020
Cybersecurity threats are constantly evolving and must be addressed by resilient IT professionals and strong infrastructure. Systems administration and other IT jobs are now so critical to helping identify and mitigate cyberattacks.
The 8 Most Common Cybersecurity Weaknesses to Watch for in Small Businesses
October 29, 2020
Small businesses are disproportionately targeted by hackers, and many business owners are not aware of their weaknesses vulnerabilities. Building good working relationships with business owners to help them recognize their vulnerabilities is key for cybersecurity professionals.
Report: U.S. Cyber Command Behind Trickbot Tricks
October 20, 2020
The Trickbot botnet, a malware network that had infected millions of computers, came under attack from multiple angles in October. A new report stated that the Trickbot disruption was caused by U.S. Cyber Command, and suggested this was to prevent interference during the recent presidential election.
E-commerce and Data Breaching: The Next Cyberthreat
October 20, 2020
With COVID-19 significantly shifting retail, e-commerce is expected to reach $4.5 trillion by 2021. This increased dependency on the Internet highlights companies’ vulnerability to cyberattack and the leak of customer data.
Building the Human Firewall
October 20, 2020
Protecting employees working remotely during COVID-19 requires more than the right technology; workers must be trained to be careful about guarding their data. Negligence through clicking on malicious links or forgetting procedures is a major cause of insider incidents.
What Did COVID-19 Teach Us About Cybersecurity? Plenty, Experts Say
October 14, 2020
The chaos of COVID-19 and rapid change to remote work environments provided opportunities for cyber criminals, using social engineering to acquire corporate information and exploiting vulnerabilities in companies still adjusting to new technological demands.
4 Pieces of a Zero Trust Approach to Cybersecurity
October 8, 2020
The zero trust approach for cybersecurity works from the premise that everything must be verified and nothing should be trusted. This framework creates a new mindset around security and provides a proper context to tackle modern cybersecurity issues.
Cybercriminals Have Shifted Their Attack Strategies. Are You Prepared?
October 2, 2020
Criminals have adjusted their techniques in order to better target employees working from home, requiring security teams to update their protocols against these new forms of attack.
How Security Programs Are Changing After COVID-19: Maximizing Resiliency
September 30, 2020
COVID-19 has changed security priorities, and as such, security teams are refocusing their work and budget accordingly. This pandemic has provided an opportunity to see what our most important objectives really are, and given us new questions to answer.
4 Shifts Taking Place in the IT Framework
September 17, 2020
The frames of the four pillars of IT—infrastructure, development, security, and data—help define the processes and skills that drive digital organizations. These pillars have evolved over the past years, in part because of the pandemic, preparing for the next decade of technology.
How an Epic Series of Tech Errors Hobbled Miami’s Schools
September 16, 2020
The first day of school for Miami-Dade County’s public schools, the fourth-largest district in the nation, saw a cyberattack that crippled their servers and exposed the weaknesses of their virtual program. The event illustrates how school districts must exercise caution in choosing their education software.
5 Ways for Cybersecurity Teams to Work Smarter, Not Harder
September 3, 2020
Cybersecurity professionals can face burnout from the stress of their jobs and lack of resources. Understanding cybersecurity’s role in business strategy and managing complex expectations are among the ways organizations can help take pressure off their IT team.
We Need Better Classification of Threat Intelligence
September 2, 2020
The term “threat intelligence” has broadened from its original usage, largely relating to malware, to refer to an expanding list of threats. This is creating confusion such that customers can be unsure of what their vendors can do.
No, A Massive Cyber-Attack Didn’t Take Down the Internet Yesterday: Here’s What Happened
August 31, 2020
Fears mounted on August 30 that a disruption in many large internet services was the result of a cyber-attack. The reality was more mundane—the cause was an IP outage attributed to Fortune 500 telecommunication company CenturyLink.
The Massive Shift to Cyber Crime
August 31, 2020
The COVID-19 pandemic has sent many people home, creating new opportunities for cyber criminals, and even if some statistics remain uncertain, it’s still good to remain alert for scams and cybercrime.
Cybersecurity Competitions: Why You Should Participate and How to Get Started
August 21, 2020
Cybersecurity competitions can provide students of all skill levels with practical challenges that can help them hone their abilities. The individual feedback can help participants understand their individual strengths and stand out when pursuing job opportunities.
Even Amidst Pandemic, Security Operations Remains a Realm of Negative Unemployment
August 14, 2020
Open cybersecurity positions are suspected to outnumber the qualified applicants to fill them. Given this, companies must work to attract and retain the best and brightest.
Six Steps to Start Readying for Quantum
August 10, 2020
Though still in development, the processing power of quantum computers presents a potential threat to encryption and authentication techniques. Organizations must take proactive measures to preemptively protect their data and systems from the advanced devices soon to come.
CISM vs. CISSP: Where to Start
August 5, 2020
Pursuing an information security career often means becoming either a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM). Each certification has a particular focus that is essential to understand for you to plan your career path.
The Realities of Ransomware: Five Signs You’re About to Be Attacked
August 4, 2020
Ransomware attacks don’t come out of nowhere; they’re often preceded by anomalies that can appear innocuous but actually indicate prep work by a malicious actor. Learning these indicators can prevent these red flags from turning into future catastrophes.
Zoom Bug Meant Attackers Could Brute Force Their Way Into Password-Protected Meetings
July 30, 2020
Zoom has taken action after a security flaw was found that allowed hackers to quickly break into private, password-protected video calls. The problem centered on meetings’ six-digit numeric passcodes, for which computers would have no problem brute-forcing the correct combination.
8 Cybersecurity Themes to Expect at Black Hat USA 2020
July 23, 2020
Black Hat USA 2020 is still going on virtually during the COVID-19 pandemic, and organizers plan to deliver their traditional content. Topics to receive major attention this year include remote work, the cloud, and the presidential election.
Q&A: How Systemic Racism Weakens Cybersecurity
July 22, 2020
Camille Stewart, Google’s head of security policy for Google Play and Android, is an attorney and national security and foreign policy expert; she recently spoke about how systemic racism undermines security, users, and organizations, and how security professionals can build a more representative workforce.
Is Your Chip Card Secure? Much Depends on Where You Bank
July 20, 2020
Credit and debit cards have been integrating chips to prevent skimming devices from stealing data when users swipe their card. Recent malware attacks on U.S.-based merchants, however, indicate that hackers are discovering workarounds to sidestep these security features.
CyberSeek™ Data Confirms the Ever-Present Need to Expand Cybersecurity Talent Pipeline
July 15, 2020
Cybersecurity professions were in high demand, as U.S. employers advertised more than 500,000 job openings from June 2019 to May 2020. Data compiled by CyberSeek, a cybernetics workforce analytics source, demonstrates the necessity of remote work during the COVID-19 pandemic.
How Attackers Confuse Investigators With Cyber False Flag Attacks
July 7, 2020
The “what” isn’t the only important part of a cyberattack—“who” and “why” are just as necessary to ascertain. False flag attacks can create doubt and confusion for investigators, but understanding hackers’ techniques can help them figure out the truth.
In an Increasingly Complex World, AI Is the Only Way Forward
July 1, 2020
As the technology world expands, artificial intelligence must expand even faster to keep up. The complexity that the future requires will require equally rigorous AI-driven security systems for protection.
UCSF Pays Cybercriminals $1.14 Million to Recover Files After Ransomware Attack
June 29, 2020
In June 2020, the University of California San Francisco partially contained a ransomware attack that affected some servers within the School of Medicine. The UCSF later admitted that it paid about $1.14 million to the perpetrators to recover data that had been compromised during the attack.
Hackers Target Online Stores With Web Skimmer Hidden in Image Metadata
June 26, 2020
An image file was the carrier for a hidden web skimmer used by a cybercriminal group to carry malicious code and steal data from compromised ecommerce websites. Image files have previously been used to hide skimmers, though it is unusual for them to also exfiltrate stolen data.
Using AI in Cyber Security
June 23, 2020
Artificial intelligence is expected to have a large impact in battling cybersecurity threats, strengthening password protections, detecting new cyber-attacks and phishing attempts, and automating security processes.
The Future of Ransomware Is in the Cloud
June 19, 2020
As cloud services have become more important for successful businesses, particularly in light of the coronavirus pandemic, cybercriminals have followed in search of new opportunities, and it’s only a matter of time before ransomware evolves and grows to target cloud data.
Creativity and Diversity Needed to Close the Cybersecurity Skills Gap
June 19, 2020
The Fortinet Survey Report released in early 2020 documents a worldwide gap in cybersecurity skills. The report illustrates the enormous impact of this shortage and gathers thoughts from executives and security personnel.
How to Calculate the Cost of a Cyberattack
June 18, 2020
Even a smaller cyberattack can be devastating for a company, affecting reputation and business opportunities beyond the financial loss. Hidden costs that are not always obvious include inefficiencies, unexpected downtime, and IT failure.
4 Ways to Be More Strategic With IT
June 17, 2020
The pandemic has caused many companies to change over to remote work and alter business operations, a full-time job for IT professionals. This seismic shift has revealed several lessons that companies can learn from this, as well as what can be done to alleviate future concerns.
10 Emerging Technologies Making an Impact in 2020
June 10, 2020
Artificial intelligence, blockchain, and quantum computing are among several technologies expected to have a lot of potential for business impact in the near future.
2020 Emerging Technology Top 10 List
June 3, 2020
A variety of technologies with both short- and long-term potential are positioned to have enormous impact in 2020, including artificial intelligence, serverless computing, and 5G.
Five Best Practices for Managing Your Business through a Crisis or Disaster
May 31, 2020
In an unexpected crisis, IT solution providers need to know where to focus their efforts. Careful handling of customers, employees, and other business concerns can be crucial when encountering both immediate needs and more long-term concerns.
Google Sees Surge in State-Backed Hacking
May 28, 2020
State-backed cyberattacks in April, predominantly hacking and phishing attempts claiming to be the World Health Organization, led Google to send warnings to more than 1,700 user accounts.
How to Learn Tech Skills: 5 Things to Practice at Home
May 20, 2020
IT work doesn’t necessarily mean college courses or formal training; practicing at home can provide you with valuable experience. Setting up a home lab with equipment you already own (or can purchase inexpensively) can help you dip your feet into new technical skills.
As Coronavirus Crisis Worsens, Hacking Is Increasing, Security Experts Say
March 19, 2020
The coronavirus is providing a convenient cover for hackers looking to exploit people’s fears and infect their devices. Internet users must use extra caution about following links or downloading software that references COVID-19.
Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices
May 19, 2020
Academic researchers have discovered many unpatched security bugs in Bluetooth Classic that enable attackers to spoof paired devices, on everything from phones to laptops to Internet of Things gadgets, allowing hackers to acquire sensitive data.
CISOs Can’t Find the Right People
May 15, 2020
A recent international study of security leaders found that the top barrier to cybersecurity strategy execution is skills shortage, with many respondents saying they struggle to source cybersecurity talent. Other major difficulties included budget, board level buy-in, and technology.
A Guide to Pandemic Scams, and What Not to Fall For
May 13, 2020
The uncertainty surrounding the coronavirus pandemic has created many opportunities for hackers and fraudsters. Vulnerabilities include stimulus checks, unemployment benefits, and personal tech devices.
A National Security Research Agenda for Cybersecurity and Artificial Intelligence—Center for Security and Emerging Technology Issue Brief
May 1, 2020
Machine learning can be easy to overlook as a matter of national security, but an artificial intelligence research agenda should consider its different components and possibilities, in conjunction with already-specified technical questions about cybersecurity and computer vulnerabilities.
The Art of Non-Verbal Communication in a Video Conferencing World
April 27, 2020
Much of our communication comes in non-verbal forms such as gestures and body language. Although it can be tricky as video conferencing becomes more popular, becoming familiar and fluent in all forms of communication can improve business interactions.
Hackers Hijack Routers to Spread Malware Via Coronavirus Apps
March 26, 2020
Cybercriminals are redirecting routers to lure victims to attacker-controlled sites promoting fake coronavirus information apps that use the Oski malware to steal information. The number of victims has grown in recent weeks, demonstrating hackers’ creativity in leveraging the coronavirus pandemic.
As Coronavirus Crisis Worsens, Hacking Is Increasing, Security Experts Say
March 19, 2020
The coronavirus is providing a convenient cover for hackers looking to exploit people’s fears and infect their devices. Internet users must use extra caution about following links or downloading software that references COVID-19.
AI, IoT, Blockchain, and Drones: The Many Use Cases of Emerging Tech
March 17, 2020
At the virtual CompTIA Communities and Councils Forum, held March 17, four experts from CompTIA’s Industry Advisory Councils discussed emerging technology use cases during the session, "How Emerging Technologies are Delivering Business Outcomes." James Stanger, chief technology officer at CompTIA, moderated the expert panel that included Lloyd Danzig, chairman and founder, ICED(AI); Deborah Kestin-Schildkraut, IBM blockchain and global alliances ecosystem marketing leader, IBM; Ted Parisot, co-founder, Helios Visons; and Jill Klein, IoT practice lead, Sirius Computer Solutions.
Cybercriminals Raking in $1.5 Trillion Every Year
March 12, 2019
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year. Cybercriminals are now making more than billion-dollar corporations according to a new study from Atlas VPN. Researchers from the company found that cyberattacks are helping criminals in total to make more than $1.5 trillion in revenue each year, which is the three times the $514 billion Walmart makes annually.
Focus on Data Drives Changes for Computer Networking
January 29, 2020
In a business environment dominated by discussions on emerging technology, it can be easy to forget that IT systems have many different components. It can also be easy to forget that the components outside of the spotlight are actually the ones that support the shiny new solutions. Infrastructure such as servers, cybersecurity and first-line IT support continue to be critical areas for any business trying to accelerate their technology strategy.
Is Your Business Ready for IoT, AI, and 5G?
January 28, 2020
Change is a way of life for solution providers. Or should be. Something new is always on the horizon, and the horizon keeps getting closer. These days change looms in the form of three emerging technologies—internet of things (IoT), artificial intelligence (AI) and 5G connectivity.
Fake Amazon Representatives Involved in England’s Phone Scam
January 27, 2020
Scammers recently cheated more than 200 people in England by posing as Amazon representatives over the phone and offering them a variety of free services. Victims were convinced to download harmful software onto their computers and post their bank account information.
What Is Smishing, and How Do You Protect Yourself?
January 24, 2020
Beware of scam text messages the same way you would for phishing emails. “Smishing” messages hope to trick you into clicking on a link and sharing sensitive information or downloading potentially harmful software.
Fake Smart Factory Honeypot Highlights New Attack Threats
January 24, 2020
A fake website designed to lure cybercriminals (also known as a honeypot) observed several threats to industrial control systems over its several months of operation. The fake website included all the online workings of a factory, complete with website, and made intentional security mistakes to mimic a business with limited IT staff.
Privacy Takes a Hit, as Storage Bucket Leaks Cannabis Dispensary POS Data
January 23, 2020
Point-of-sale information from several cannabis dispensaries was discovered to have leaked from an exposed Amazon Web Services storage bucket. Scanned government and employee photo IDs and dispensary visitor and patient signatures were among the exposed content.
Getting Into Cybersecurity: Why It’s Great to Start at the Help Desk
January 22, 2020
A common misconception is that cybersecurity is an entry-level job. While that can be true to a certain extent, when it comes to working on a first-level support team, landing a cybersecurity job comes down to how mature the company’s processes and procedures are.
The Merging of IT and OT and Utilizing Digital Twin Technology
January 22, 2020
In an interview, consultant Ryan Morris posits that conversations about the Internet of Things must also incorporate operational technology (OT), such as how building infrastructure and machinery can be integrated with information technology (IT) to explore new market opportunities.
South Carolina Water Supplier Targeted in “International Cyberattack”
January 22, 2020
Greenville Water, a water supplier to about a half-million residents in South Carolina, suffered what it called “an international cyberattack” in early 2020. The attack knocked out online and pay-by-phone systems, but did not affect water delivery.
Phishing Campaign Leads to UPS Store Data Breach
January 22, 2020
The UPS Store disclosed in early 2020 that several store locations’ email accounts were accessed by an unauthorized party using a phishing scheme. No evidence of misuse of information has been found yet, and the UPS Store claimed that only a “small percentage” of stores were affected.
From AI to Workforce: 10 Initiatives We're Excited About in 2020
January 7, 2020
CompTIA has a lot coming down the pipe in the business of technology for 2020, including new advisory councils discussing goals and emerging technologies, a broad workforce community, and international expansion.
-
2019 Cybersecurity Articles
What Small Business Owners Should Know About Cybersecurity
December 19, 2019
Small businesses aren’t too small to avoid cyberthreats, but they often have fewer resources available to protect them. Fortunately, owners can take measures to reduce their vulnerabilities and prepare for the day when they might get hacked.
California’s New Data Protection Law: 3 Reasons You Need to Pay Attention
December 5, 2019
The California Consumer Privacy Act (CCPA) went into effect at the start of 2020, with enforcement beginning later in the year. Managed services providers and other businesses handling personal consumer information can face serious consequences without a plan for data protection.
Ransomware, Phishing, and Botnets
November 12, 2019
Cyberattacks have increased 17% over the past year, and Webroot has released a list of the nastiest malware, drawing attention to many threats—ransomware, phishing, botnets, and cryptomining—that organizations must take action to reduce.
4 New Degree Programs in Cutting-Edge Tech
November 11, 2019
More universities are launching degree programs for new, innovative technologies that seemed unreal not that long ago. Augmented reality and digital mapping are just a few of the new tech-oriented options becoming available at a variety of universities.
Is Blockchain the Right Fit? Decision-Based Infographic Provides Guidance, Insight
November 5, 2019
A handy decision tree infographic can help unlock the answers to businesses and service providers’ questions about whether and how they should implement blockchain technology.
Overheard in October: Cybersecurity Specialists, Curating a Living Resume, the Value of Membership, & More
November 1, 2019
During Cybersecurity Awareness Month in October, CompTIA recorded podcasts on a variety of topics still relevant months later, including a discussion of managed service providers, truths, and myths of the tech skills gap, and the possibilities of cyber range for modern tech applications.
MSPs Are Under Attack From Cybercriminals; Here’s How They’re Protecting Themselves
October 24, 2019
State and local governments, health care providers, and businesses have increasingly become targets for ransomware attacks, particularly through vulnerable managed service providers. Effective solutions need time and investment to properly protect customer data.
Many Companies Are Failing to Secure Their Data in the Cloud
October 8, 2019
A new report from Thales and the Ponemon Institute claims that only 31% of organizations believe they need to keep data stored in the cloud safe, despite the fact that cloud use among businesses continues to increase.
The Future of Cyber Security Is AI
October 4, 2019
Machine learning and artificial intelligence (AI) are the future of computer, network, and data security. In the future, smart tools could handle event monitoring and incident response and recognize patterns to identify and block potential threats.
Majority of Businesses Have Suffered a Data Breach
October 1, 2019
According to a global report from Bitdefender, 60% of businesses have experienced a data breach since 2016 and 58% of infosec professionals fear their employers aren’t prepared to deal with a global cyberattack.
On Chinese "Spy Trains"
September 26, 2019
Modern trains have built in computers, making purchasing subways cars from China a potential national security risk. But in practice, it wouldn’t make much sense for China to outfit its subways cars with enough surveillance apparatus to be a threat.
Will Robots Be Allowed to Kill?
September 23, 2019
As humans create autonomous robots for military and defense use, discussion turns to whether they should be allowed to kill. A particular concern is whether robot intelligence can safely tell friend from foe, particularly in regard to not targeting civilians.
A Feminist Take on Information Privacy
September 20, 2019
Much like an unhealthy relationship, smartphones can isolate users, betray them by leaking data and secrets, and make it nearly impossible to end the attachment.
Security Awareness Training: Why You Need a Corporate Acceptable Use Policy
September 20, 2019
A corporate acceptable use policy dictates which devices can or cannot access the company’s network. Having one can protect your data against malware attacks from innocuous-seeming sources.
Attackers Use Single Sign-On in Phishing Pages Used to Steal Credentials
September 20, 2019
Fake Single-Sign On (SSO) sites, which duplicate popular sign-in pages, have become a new tool for hackers to harvest passwords. Because SSO uses one set of credentials to log into multiple applications, it enables hackers to easily access a variety of accounts.
IoT Devices Send User Data to Third-Parties Including Netflix, Microsoft, and Google
September 20, 2019
A recent study found that a majority of Internet of Things (IoT) devices expose data to third parties such as Netflix, Spotify, and Google. This data includes location data and IP addresses that can be exposed by online eavesdroppers.
Human Participation Lies Behind 99% of Cyber Attacks
September 17, 2019
An investigation shows that an overwhelming majority of cyber-crime relies on the targeted victim to open a file or click on a link. Phishing attacks remain a cornerstone of hacking because they are effective and growing even more sophisticated.
Security Awareness Training: What Does a Phishing Email Look Like?
September 6, 2019
Cybersecurity awareness training doesn’t just mean good password practices. In addition to defending against phishing attacks, we must also learn how to resist social engineering.
Cybersecurity Training and Jobs
September 6, 2019
Cybersecurity professionals are in high demand to fight data breaches and ransomware attacks, and information technology knowledge and a knack for problem solving can be your key to joining this in-demand field.
Treat Cybersecurity for What It Is—Part of Business, Not IT
September 5, 2019
Information security is becoming more recognized as a matter of business, not just IT, though new challenges arise as not all companies give it the same priority.
Gamification Can Transform Company Cybersecurity Culture
September 2, 2019
Gamifying your company’s cybersecurity practices can apply your employees’ desire for learning and recognition toward more actively protecting their data, as well as increasing IT’s awareness of weaknesses and training needs.
Twitter CEO’s Account Hacked in SIM-Swapping Scheme
September 2, 2019
Twitter CEO Jack Dorsey’s account was recently hacked through SIM-swapping, which impersonated his credentials and subverted two-factor identification.
Data Breaches Expected to Cost $5 Trillion by 2024
August 29, 2019
A recently published report says that by 2024, the annual cost of worldwide data breaches will exceed $5 trillion, reflecting higher fines for data breaches and greater damages for increasingly internet-reliant companies.
Defense Takeaways From Three Adversary Playbooks
August 28, 2019
In addition to keeping out hackers, cybersecurity can increasingly involve preventing bad actors from achieving their goals. Hacking groups can execute a variety of functions with phishing attacks creating problems from inside the system.
Emerging Technology Adoption Is Here: Are You Ready for It?
August 27, 2019
As new technologies create new business possibilities, more companies are working to integrate them into their operations. The keys are finding the right system for the right solution, figuring out how to correctly integrate it, and ascertaining the return on investment.
Home Working Can Often Be a Security Threat
August 20, 2019
Most small business owners allow their employees to work remotely, but a survey shows that one-fifth of owners have not offered cybersecurity training. This can create an enormous security risk as employees log in to unsecured public networks.
The Global Cyber Skills and Training Shortage
August 19, 2019
As cybercrime ramps up, more than 50% of businesses have reported a shortage of necessary cyber-skills, and the next decade is expected to see a shortage of workers with necessary cybersecurity skills.
Cybersecurity Firm Imperva Discloses Breach
August 19, 2019
In August 2019, internet firewall service company Imperva alerted its customers to a data breach that had exposed some of its customers’ email addresses, API keys, passwords, and SSI certificates.
How Government Entities Can Combat Cyber Threats
August 6, 2019
Since 2018, there have been 99 government and military data breaches in the U.S. alone. These breaches can shut down city services, online payment processing, and more. How should government agencies defend themselves from cyberattacks and ransomware?
Cybersecurity Leaders Face Challenges With Cyber Transformation
August 6, 2019
Deloitte’s The Future of Cyber 2019 report found that cybersecurity teams are faced with finite budgets and resources, hindering their ability to provide the necessary level of cyber security measures and management to protect an organization’s infrastructure.
End-User Training: Passwords Are a Pain—But They Are Critical to IT Security
August 5, 2019
Password protection is an absolutely necessary security component for everyone—even reticent executives. Everybody needs to use strong passwords so that all employees are creating minimal risk.
Organizations at Risk for Data Breaches: System Vulnerabilities Increase by 92 Percent
August 1, 2019
According to the State of The Crowdsourced Security in 2019 study, a 92% increase in total vulnerabilities was reported over the prior year. The average payout per vulnerability increased by 83%, with payouts for critical vulnerabilities increasing 27% over the previous year.
Why Cybersecurity Is a Great Field for Women
July 1, 2019
In addition to technical skills, soft skills such as adaptability, analytical thinking, attention to detail, and more are critical to stopping hackers and securing networks—and many of those are skills that women can bring to the table.
This Malware Created by a 14-Yr-Old Is Bricking Thousands Of Devices
June 26, 2019
Silex, a malware developed by a 14-year-old known as Light Leafon, is poised to brick thousands of IoT devices. Silex was inspired by the infamous BrickerBot malware, which bricked millions of IoT devices in 2017.
Cyber Criminals Have Created an Invisible Internet
June 25, 2019
Research suggests that online criminals are creating an invisible internet by turning to gated forums and encrypted apps to conduct cyber-crime deals on the dark net.
DDoS Attacks Up by 84% in Q1
June 20, 2019
According to Kaspersky Lab, DDoS attacks are on the rise after falling throughout 2018, suggesting that cyber-criminals are shifting attack methods after a prolonged period of focusing on other sources of income, such as cryptomining.
How Companies Are Tackling a Lack of Cybersecurity Experts
June 14, 2019
As cybercrime grows more sophisticated, organized, and effective, many experts believe it could trigger significant losses in the very near future. Some organizations are proactively working to raise awareness and provide specialized training to attract people to the profession.
Computers and Video Surveillance
June 14, 2019
Unlike the days when video storage was expensive and video feeds difficult to monitor, today’s video surveillance is more affordable and enhanced with features such as AI, analytics, and face recognition.
Five Reasons to Learn Cyber Security
June 13, 2019
From influencing major elections to attacking business of all sizes—including Adobe, Sony, and Facebook—the steadily increasing threat of cyber-attacks should not be underestimated.
Career Opportunities in Cybersecurity
June 10, 2019
The fast development of the Internet of Things (IoT) and smart devices throughout homes have made cybersecurity a household term, and governments are starting to create robust cybersecurity strategies to combat threats.
12 Million Quest Diagnostic Patients Exposed in Third Party Breach
June 7, 2019
American Medical Collection Agency (AMCA), a third-party vendor for Quest Diagnostics, reported that unauthorized users breached its internal systems, potentially affecting around 11.9 million Quest patients.
Why Should I Get a Cybersecurity Certification?
May 28, 2019
As an IT professional, cybersecurity is always part of the job, influencing how IT implements and maintains applications and systems to make everything more secure. Certifications can also help IT experts grow professionally and reach their career goals.
How to Spot a Scam: 14 Red Flags to Watch for
May 23, 2019
Many scammers use an emotional pull, or stressor event, to convince victims to deposit phony checks whose funds are ultimately reclaimed by the bank. To help employees identify and avoid these scams, companies should implement security awareness training.
Key Takeaways From the 2019 Verizon DBIR
May 22, 2019
The annual Verizon Data Breach Investigations Report is an extensive research report built from the analysis of 41,686 security incidents and 2,013 confirmed data breaches. The events are drawn from 73 public and private entity data sources spanning 86 countries worldwide.
Ransomware Cyberattacks Knock Baltimore's City Services Offline
May 21, 2019
After anonymous hackers breached the city of Baltimore's servers, the city’s digital resources were locked away, including access to government email, payments to city departments, and the ability to process real estate transactions.
IoT Connected Devices Need Better Cybersecurity
May 20, 2019
A compression technique known as quantization is making deep learning models smaller, reducing computation and energy costs, and smoothing the way for internet-connected devices to run more AI software to speed up image- and speech-processing tasks. But compressed AI models are vulnerable to attack; a new study may offer a solution.
How to Become a Cybersecurity Pro: A Cheat Sheet
May 16, 2019
If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide to salaries, job markets, skills, and common interview questions in the field. As cybercriminals grow more sophisticated and news of major breaches reach headlines nearly daily, cybersecurity professionals are in high demand: There are currently nearly 3 million unfilled cybersecurity jobs worldwide, ISC(2) found.
The Role of Governments in Ensuring Global Security in the Cyber Age: Cyber-crimes, Cyberterrorism and Cryptocurrencies
May 19, 2019
While The Cyber Age has led to numerous advantages including increased access to information and instant communication, these benefits are heavily offset by the growth of the criminal and terrorist organizations that took full advantage of it.
Cybersecurity and IoT Suffering From the Skills Shortage
May 17, 2019
According to new research from Experis, the cybersecurity skills shortage is affecting Internet of Things (IoT) development. As IoT emerges as an asset that needs to secured, employers are thinking differently about their business and workforce strategies.
300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends [2019 EDITION]
May 13, 2019
This article contains the latest cybersecurity stats from trusted sources, highlighting the extent and implications of online criminal activity.
AI and the Future of Warfare
May 8, 2019
The U.S. War College recently discussed how artificial intelligence (AI) could change military command structures and what happens if AI creates a war strategy that’s beyond the human mind’s comprehension.
The Insane Demand for Cybersecurity Workers
April 30, 2019
Demand for qualified cybersecurity workers is high. In fact, there will be approximately 3.5 million unfilled cybersecurity jobs across the globe by 2021.
Best IT Certifications for 2019
April 29, 2019
Whether you work for a large corporation, a small business, the government, or a health care organization, validating your skills and knowledge through IT certifications is the best way to advance your IT career.
The Spycraft Revolution: Espionage Technology
April 27, 2019
As espionage faces technological, political, legal, and social change, those who break the old rules and create new ones will come out on top. Paradoxically, the trade will also need to shed much of the secrecy that has cloaked espionage since its inception.
The Admissibility of Blockchain as Digital Evidence
April 23, 2019
Organizations are using blockchain technology to create a diverse range of applications, including secure decentralized databases for digital transactions, supply chain management, cybersecurity, and more. Given the emerging uses of blockchain technology, how it is treated in litigation and other business disputes is increasing in importance.
Ethical Hacker Guilty of Malware Attacks
April 23, 2019
Cybersecurity researcher Marcus Hutchins was instrumental in stopping ransomware from encrypting the databases of government agencies and networks in over 150 countries. But while still a minor, Hutchins developed and distributed malware that played a role in attacks on U.S. banking systems.
America Remains Vulnerable to Cyber Attack
April 16, 2019
To protect U.S. critical infrastructure, former CIA director Leon Panetta and former Republican Senator James Talent recommend separating business IT systems from systems that control infrastructure and allowing private-sector or academic cybersecurity experts to work for federal agencies.
Deep Learning & Cybersecurity
April 25, 2019
As current network security measures fail to keep up with new cybersecurity threats, IT is turning to deep learning and other types of artificial intelligence (AI). As dep learning becomes more accessible to organizations, it supports innovation and the execution of complex business processes.
Newly Discovered RobinHood Ransomware Variant Drops Four Ransom Notes at Once After Encryption
April 15, 2019
The RobinHood ransomware targets computers within an entire network, encrypting files until the victim pays the ransom amount. Once the ransom is paid, the attackers delete the encryption keys and IP addresses to protect the victim’s privacy.
New Phishing Scam “The Nasty List” Targets Instagram Users’ Login Credentials
April 15, 2019
A phishing scam called “The Nasty List” targets Instagram users to gain access to their accounts. Once accounts are compromised, the scammers will send messages to followers of the hacked accounts to further promote the scam.
Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong.
April 15, 2019
Companies can face hundreds of millions of dollars in damages from a cyberattack blamed on a foreign government, but a common clause in insurance contracts, the “war exclusion,” protects insurers from having to reimburse costs related to damage from cyber war.
National Teams Engage in NATO’s Annual Cyber Challenge
April 15, 2019
NATO’s annual cyber challenge Locked Shields enables participants to enhance their skills and train as national cyber rapid reaction teams in a realistic large-scale cyber incident. More than 1,200 international cyber security experts took part in the 2019 challenge.
Your Next Move: Data Scientist
April 15, 2019
Part of an IT Career News series called Your Next Move, this article outlines the role of the data scientist, the steps to become one, and the career outlook for the profession.
What’s the State of Blockchain in Cyber Security? 7 Experts Share Their Insights.
April 12, 2019
While blockchain-powered anti-virus software doesn’t exist yet, commercially viable blockchain systems are in development. However, blockchain adoption in cybersecurity isn’t happening quickly due to scalability, energy consumption, and investment in existing systems.
IoT, GDPR and More Cybersecurity Trends in 2019
April 12, 2019
TÜV Rheinland released its Cybersecurity Trends 2019, a report that contains eight important developments in cybersecurity.
Is Assange’s Arrest a Threat to the Free Press?
April 11, 2019
Many people, including those who did not support Julian Assange’s actions, were alarmed by the idea that Assange could be punished for his role in exposing American government secrets. Those concerned with civil liberties believe elements of his indictment could set a dangerous precedent.
Critical Infrastructure Is Under Worldwide Attack
April 10, 2019
Cyberattacks on critical infrastructure have increased significantly recently, and these attacks negatively impact crucial networks around the globe. Learn about seven key findings and recommendations for improving network security.
Linux and Cybersecurity: Your Linux Skills Can Help Protect the World’s Data
April 10, 2019
Learn about some of the new and emerging groundbreaking opportunities for using Linux in IT and cybersecurity.
How Cybersecurity Analysts Can Stand Out to Potential Employers
April 8, 2019
Despite the demand for qualified cybersecurity applicants, it’s difficult for hiring managers to fill cybersecurity analyst roles. IT professionals need to know what hiring managers look for in security analysts and how best to highlight their skills when searching for cybersecurity positions.
Cyber Security Pros Are Feeling the Pressure
March 6, 2019
A survey shows the impact that stress has on cybersecurity personnel, with many saying they work more than 40 hours a week or feel unable to disconnect from their work.
Four Ways That Fake-News Sites Trick People
March 5, 2019
Fake-news websites have been appearing with increasing frequency and produce a constant stream of falsehoods that quickly spread across social media. They use several methods to trick readers into believing and spreading stories that can seem real.
AI Driven Cybersecurity Gives Companies a Fighting-Chance
February 28, 2019
Artificial intelligence has the potential to become a strong line of defense against cyber threats, provided it has been constructed with sharp risk assessment and incident response in mind.
Personal Cyber Insurance Market Could Be Worth $3B by 2025
February 26, 2019
The global market for personal cyber insurance is expected to grow rapidly over the next several years. These policies are specifically designed to cover any loss or liability in the event of a cyber attack.
Lack Of Tech Expertise at Board Level Puts Strategy at Risk
February 25, 2019
A recent poll suggests that boards lack the expertise to fully understand the challenges and opportunities that data and technology present to their organizations. Technology is now emerging more quickly than ever, and governance professionals can find themselves quickly falling behind.
The US Pentagon Is Speeding-Up Its Cloud Strategy
February 22, 2019
The Defense Department has released its military cloud strategy, which plans to emphasize defense against cyber attacks and the safety of its soldiers.
Will Blockchain Change the World?
February 22, 2019
Blockchain, an electronic distributed database of recorded transactions, has enormous potential in a variety of industries and has attracted a lot of positive attention, though any revolution is still in its infancy.
Meeting the Cyber Talent Challenge Head-On
February 14, 2019
As data breaches and cyber criminal threats become more common, human resources professionals must help organizations acquire the best talent by identifying the right roles and demonstrating corporate dedication to cybersecurity.
White Hat Female Hacker Lead the Way
February 13, 2019
Sherri Davidoff, CEO of LMG Security, leads an all-female management team of “white hat” hackers who use hacking to test companies for cybersecurity flaws.
The Top 5 Malware Attack Types
February 12, 2019
Malware can infect a computer system in a variety of ways, and as the number of cyber attacks increases, so also does the number of different malware types of which to beware.
Is Cybersecurity More Important Than Cost, Schedule or Performance?
February 1, 2019
As government defense systems face an increased need for cybersecurity, acquisition policy also has room to improve. While price, schedule, and performance are normally the “three pillars of acquisition,” security incidents can necessitate prioritizing the best solutions.
The State of the SOC: the Digital Divide
January 30, 2019
Global security operations center professionals are part of the first line of defense against cyber threats but can be estranged from chief information security officers by stress and business needs. Bridging the gap between security and IT operations is critical to protect against cyber threats.
CompTIA Advanced Security Practitioner (CASP+): Validating Cybersecurity Skills for Government and Corporate Teams
January 28, 2019
The CompTIA Advanced Security Practitioner (CASP+) certification used by cybersecurity personnel for the U.S. Navy can also provide advanced utility in the corporate sector. CASP+ can benefit both job seekers looking to demonstrate their cybersecurity skills and corporations searching for the right hire.
Nations Will Spar Over AI
January 25, 2018
Artificial Intelligence (AI) is growing and expected to reach $15.7 trillion by 2030, and its fast growth means not only individual companies, but also countries, are working on strategies to claim the biggest possible piece.
The US Pentagon Has Numerous Security Gaps
January 23, 2019
A recent U.S. Defense Department report indicates that the Pentagon must address a large number of cybersecurity vulnerabilities, many of them related to proper governance.