Is Information Security the Right Profession for Me?

Linux Academy

Wondering if information security is the right profession for you? I’ve been working in information security for many years and have had the opportunity to fill a variety of roles. First off, there are many different jobs within information security.

Netflix Information Security: Preventing Credential Compromise in AWS

Netflix TechBlog

Today, we would like to share two additional layers of security: API enforcement and metadata protection. For more information on how the AWS services mentioned work, see the Background section at the end of this post. cloud-computing netflixsecurity security cloud-security aws

AWS 105

How Certifications Can Help You Land a Position | Hacking In to Cybersecurity

Linux Academy

Welcome to Hacking In to Cybersecurity, an all-new series dedicated to helping you, the reader, get a leg up on the competition when trying to break into the cybersecurity career field. The blogs will consist of introducing you to some techniques you can use to help to land a security position, as well as covering some concepts that anyone considering joining the career field should know about. How Hiring Managers Find the Best Candidates for a Cybersecurity Position.

Georgia bill could stifle the state’s booming cybersecurity community

The Parallax

A new bill winding its way through the Georgia state senate has cybersecurity experts on alert. As Senate Bill 315 is currently written, academics and independent security researchers alike could be subject to prosecution in Georgia alongside malicious hackers.

Why health care cybersecurity is in ‘critical condition’

The Parallax

government-sponsored Health Care Industry Cybersecurity Task Force delivered more than 100 recommendations to the Department of Homeland Security to make medical technology more resistant to hackers. READ MORE FROM ‘NO PANACEA FOR MEDICAL CYBERSECURITY’.

Triaging modern medicine’s cybersecurity issues

The Parallax

Hackers often talk about practicing good “cybersecurity hygiene” : making sure that basic standards, such as using unique passwords for each log-in, are met. ”—Jacki Monson, chief privacy and information security officer, Sutter Health. READ MORE ON MEDICAL SECURITY.

How Should CIOs Handle More Cybersecurity Regulations?

The Accidental Successful CIO

As our companies understand the importance of information technology and acquire more and more valuable information, the bad guys keep trying to find ways to break in and steal customer credit card and personal information.

How hackers are approaching medical cybersecurity

The Parallax

READ MORE ON MEDICAL CYBERSECURITY. Dr. Paul Pugsley’s medical cybersecurity crisis in the Emergency Room was part of a simulation at the CyberMed Summit 2018 to teach doctors about complications that can arise from cyberattacks against medical devices and hospitals.

Abandoned mobile apps, domain names raise information security risks

Kacy Zurkus - CSO Online

The apps can still contact custom domain names for arbitrary tasks like configuration changes, application updates or publishing information. The traffic from a mobile device that is still trying to connect to an old and expired domain exposes lots of personal information — contact data, text messages, pictures, GPS data and call logs all sitting at risk of an attack.

Microsegmentation – Secure Your Internal Network

CTOvision

The problem I have with these statements is that every network engineer I know segments their network more than just at the subnet level and their segmentation is not limited to just north-south traffic. This is something you can’t do with static network ACLs at layer 2.

Cybersecurity On Call: Balancing Connectivity and Cybersecurity with Paul Roberts

Cloudera

LockState learned a hard lesson around cyber and IoT security –as well as customer trust. To learn more about how the industry is balancing connectivity with cybersecurity, we have invited Paul Roberts to join us. Paul is the founder and Editor in Chief of The Security Ledger, an independent security news website that explores the intersection of cyber security with the Internet of Things.

Managing Your Multi-Cloud Network

Edgewise

As a network or security operations professional, it’s your job to make certain the move goes smoothly. Therefore, before making any large-scale changes, you need to establish a sound network security model that allows for a successful migration.

30 network security Twitter feeds to follow

TechTalk

Twitter is where information is updated within seconds, especially in the information technology industry. Tech Zone email security hacking infosec malware network security network security Twitter feeds patch management

Cybersecurity on Call: Nation-State Cyber Operations with Patrick Tucker

Cloudera

If you enjoyed this podcast, click here to hear other cybersecurity industry influencers on their take on the latest trends. Like us on SoundCloud and follow us so you’re always up on current events in the world of cybersecurity. The post Cybersecurity on Call: Nation-State Cyber Operations with Patrick Tucker appeared first on Cloudera Blog.

Cybersecurity On Call: Goodbye 2017, Hello 2018! Top Five Tips from 2017

Cloudera

This was an amazing year for our inaugural “Cybersecurity On Call” season. It was truly an honor hosting amazing guests as we explored the world of cybersecurity. From industry thought leaders, to New York Times best sellers, to hackers, I learned a ton about the future of cybersecurity and I hope you did as well. Cybersecurity in Government with Dr. Ron Ross. Information Warfare with Bill Gertz. Securing the Fourth Platform with Peter Tran.

Istio Security: Zero-Trust Networking

Aqua Security

This is the second in our series of blog posts on Istio, and will focus on Istio’s security features: what they are, how they work and how they help protect your workloads and your data. service mesh Kubernetes Security

Cybersecurity On Call: Information War with Bill Gertz

Cloudera

With countless articles discussing the recent Equifax hack where thousands of social security numbers were compromised to organizations like Facebook, Google, and Twitter coming forward with Russian accounts that were buying ads to influence US elections. Bill has joined us to discuss his most recent book on how nation-states are using the digital front to begin information wars. He is an award-winning national security journalist and the senior editor at The Washington Free Beacon.

Network Security with Cloudera Altus and Apache Spot

Cloudera Engineering

In the last few years, IT security threats to enterprise systems have increased, which has necessitated installing log ingestion and analysis solutions in any enterprise network. The post Network Security with Cloudera Altus and Apache Spot appeared first on Cloudera Engineering Blog.

Israel’s cybersecurity industry is a unicorn. Here’s why

The Parallax

Fewer attendees, perhaps, expected him to reference the Hollywood action movies of Jean-Claude van Damme, who happened to be sitting in the front row for the highest-profile speech of Israel’s largest cybersecurity conference. Cybersecurity is a true blood sport,” Netanyahu quipped.

How Microsegmentation Differs from Network Segmentation

Edgewise

Microsegmentation as both a term and a network security concept has been in the playbooks for years. Its main purpose is to reduce the network attack surface by limiting east-west communication through the application of granular security controls at the workload level.

Abandoned mobile apps, domain names raise information security risks

Kacy Zurkus - CSO Online

The apps can still contact custom domain names for arbitrary tasks like configuration changes, application updates or publishing information. The traffic from a mobile device that is still trying to connect to an old and expired domain exposes lots of personal information — contact data, text messages, pictures, GPS data and call logs all sitting at risk of an attack.

Intent-based Networking and Threat Mitigation

Apstra

In my previous blog I discussed Intent-Based Networking and security and how the adoption of Intent-Based Networking allows users to greatly enhance the security posture of their network. Intent-Based Networking Solutions. Data Center Security.

Leadership in Cybersecurity

N2Growth Blog

Defining the position of the lead security person in an enterprise can be a challenging and sometimes confusing task. There are various job titles such as; Chief Security Officer (CSO), Chief Risk Officer, Chief Information Security Officer (CISO), V.P.,

Kubernetes user? Drop everything and patch NOW

TechBeacon

The Kubernetes project has disclosed a super-critical security bug that’s in every supported version (and probably loads of unsupported ones, too).

.Net 82

Making Complex Cloud Networking Manageable

Megaport

How Network as a Service removes the complexity of cloud networking. For IT teams, this leads to major headaches when it comes to things like optimising performance, maintaining security, and ensuring seamless interoperability between the systems their business depends on.

Kubernetes Networking 101

Kentik

Understanding the network footprint of applications and services is now essential for delivering fast and reliable services in cloud-native environments. For container cluster networking, there is the Docker model and the Kubernetes model. L2 networks and Linux bridging.

The Quest for Absolute Security

Edgewise

As security professionals, we tend to look at security as black or white: Either a system, network, data, application, etc. is secure or it’s not. An attacker was found on our network so we’ve “failed.”. network security cybersecurity

Three Steps to Gain East-West Visibility on Your Network

Edgewise

The threat landscape is expanding with each new piece of data, new application, and new user on your network. network security Network Visibility

Rethinking Security in Cloud Networking

Arista

Every CXO worries about security because the perimeter is changing; in fact, there are no walls for protection. The lines between cloud, workloads, applications, enterprise networks and hosts are blurring and the challenges are getting exponentially greater.

Security Innovation Network SINET 16 Application Process Now Open

CTOvision

We have previously written about the Security Innovation Network ( SINET ) and the yearly SINET Showcase. Established security firms should track SINET to learn of emerging capabilities to partner with. By Bob Gourley.

Cybersecurity Awareness Training: Threats and Best Practices

SecureWorks

There’s an epidemic of cybersecurity threats; no one’s data is safe. Cybersecurity awareness training is essential knowledge that enterprises can’t afford to overlook. Category: Risk Management There’s an epidemic of cyber security threats; no one’s data is safe.

Corelight: Powerful network visibility solution for security professionals

CTOvision

Company CTO Cyber Threat Intelligence Network Traffic and Analysis Security Companies CorelightCorelight was founded by the creators of the open-source Bro project.

Skyhigh Networks: CASB Security

CTOvision

Skyhigh is a leader in CASB, and are known for their focus on making cloud services safe for the enterprise while meeting security, compliance and government requirements. CASB Security CompaniesSkyhigh is now part of McAfee. Smart move there McAfee!

HTTP/3 Replaces TCP with UDP to Boost Network Speed, Reliability

The New Stack

Getting the performance and security benefits of HTTP/2 for sites and services meant making architectural changes because it upended principles like sharding that had been used to improve web site performance; that may be why only around 35 percent of websites currently use HTTP/2.

Join Women in Cybersecurity This Week in Dallas

CTOvision

Women in Cybersecurity (WiCyS) is hosting its third annual Women in Cybersecurity event on March 31 through April 2 at the Hyatt Regency DFW International Airport. WiCyS continues to innovatively expand its mission to bring together women in cybersecurity from academia, research and industry. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate. Find more information here.

The Security Innovation Network Showcase: 3-4 Dec in DC

CTOvision

We have been long-term supporters of the Security Innovation Network (SINET) and believe this group plays an important role in being a catalyst for innovation around enterprise cyber security. This event helps highlight emerging technologies with potential dramatic positive impact on enterprise missions and also helps advance the exchange of ideas around mission needs and concepts of operation on enterprise cyber security. 7 hours Networking and Networking Reception.

Dell EMC and the 5G Network Transformation

Armughan Ahmad - Dell EMC

Data Center Opinions Cloud Networking

Mueller’s indictment of election hackers a cybersecurity ‘wake-up call’

The Parallax

As Dave Aitel, former NSA cybersecurity analyst and the current chief security technical officer of cybersecurity company Cyxtera tells The Parallax, the details of the indictment indicate the high level of confidence the Justice Department has in its charges. Regardless of U.S.

Prepare for The Cyber Threat : What Executives Need to Know to Manage Risk

CTOvision

Cybersecurity is one of the most high-profile topics for organizations today and one of their biggest sources of risk. Available data suggest that 84% of corporations have malware on their networks. Compliance: Do we understand the difference between compliance and security?

CN-NOS: A Cloud Native Network Operating System

The New Stack

What if network operations were as agile as DevOps and could use CI/CD methods as easily? Adam Casella and Glenn Sullivan , former network engineers for the Apple data centers that drive iCloud, iTunes and other customer-facing applications, have taken on that challenge.