Security

Articles, advice and resources.

Internet of Things Increases Need for Security Pros

Smart Home
The sheer number of “things” to be secured in the Internet of Things is expected to create a rash of jobs in cybersecurity over the next several years. “You’re going to have to secure the device or the sensor, you need to secure the data, and you’re going to have to secure that across an open network,” Intel’s head of business marketing, Stuart Dommett, told an IoT roundtable in May. “It really is a massive, massive change.” Click here to… continue…

Is This New Cyber Forensics Certification Worth the Investment?

(ISC)²
Continued pressure on cybersecurity systems is making professionals with security and forensic experience extremely attractive to employers. Not surprisingly, related certifications are gaining more attention, including one of the newer ones: the CCFP, or Certified Cyber Forensics Professional from the (ISC)². According to (ISC)² Executive Director W. Hord Tipton, the organization saw a need for a certification that was broader than those available for professionals working in and around law enforcement, intelligence, litigation, consulting and computer security. The CCFP’s target… continue…

Cyberattacks Focus Employers on Security Certifications

Security Watch
Continuing cyberattacks like those mounted against Target, eBay and Apple are pressuring companies to emphasize security even more than they have been to date. When it comes to hiring, that’s adding to the importance of certifications in IT audit, security, governance and risk. In many cases, that importance is translating into pay premiums for professionals that hold the credentials. Click here to see security jobs. Among the certifications in greatest demand are those from ISACA, an international association that focuses… continue…

More Than 300k Servers Still Threatened by Heartbleed

Screen Shot 2014-06-23 at 10.58.43 AM
When security researchers unveiled the “Heartbleed” security bug in April, it kicked off a worldwide freak-out. For years, the online world had operated on the assumption that OpenSSL was a secure protocol, trustworthy enough for people to use it for everything from email to financial transactions; thanks to Heartbleed, however, an attacker with a moderate level of programming knowledge could exploit a loophole to grab anything from passwords to encryption keys. Click here for security jobs. Following the announcement, developers… continue…

Network Concerns Drive Hiring for Security Professionals

Mobile Security
  Demand for the skills necessary to secure networks and data continues to drive opportunities for security specialists. During April, job postings for security-related positions rose 20 percent year-on-year, according to business intelligence firm Wanted Analytics. Click here to search security jobs. More than 7,800 security-related postings were available during the month, the company said. The most commonly advertised jobs that included a need for security knowledge were cyber security analyst, software engineer, systems engineer, systems administrator and network engineer.… continue…

Banks Scramble to Find Big Data, Security Talent

Bank Vault
Banks are hot to hire IT professionals with Big Data skills, reports Bank Systems & Technology. “The big deal is Big Data. If you can harness it, you can benefit, so financial firms are funding those initiatives right now and hiring individuals with that background,” John Reed, senior executive director for Robert Half Technology, told the magazine. Especially needed are people who can help keep data secure, “as well as anyone who can assist them with their mobile banking efforts,”… continue…

What eBay Can Teach Us About Security Breaches

Breached Security
Major e-security breaches have become depressingly commonplace among major companies: When eBay announced that attackers had compromised an internal database loaded with customer passwords (still encrypted, the company insisted) and personal data, many people seemed to greet the news with a shrug. After all, this past holiday season saw Target and other major retailers hit with similar thefts. While eBay has admitted the breach, the company seems to be taking a relatively low-key approach to getting users to change their… continue…

PEA: A New Method of Encryption?

Enigma Machine
Irrespective of the algorithm used, most encryption systems take plain text and a pass phrase and then create an encrypted file. Depending on whether it’s symmetric or asymmetric, either the same pass phrase is used for decryption or another one is needed. With PEA (Programmable Encryption Algorithm), I propose an encryption scheme that takes a pass phrase and a plain text file and outputs an encrypted file and a file of decryption instructions. The two files are then separated and… continue…

IT Security Job Opportunities Growing in a Dangerous World

Security
It’s a good time to be in the IT security business. At the height of the busy holiday shopping season, tens of millions of customers had their personal information stolen when a hacker collective managed to breach Target’s Point-of-Sale systems. Nor was Target alone: Neiman Marcus, Michael’s, and other retailers have reported sizable data thefts over the past several months. Click here to find IT security jobs. That spike in attacks has employers scrambling to find IT security experts capable… continue…

Internet of Things Could Prove a Boon for Security Experts

Nest
Last week, Nest pulled its ultra-sleek Nest Protect smoke detector from the market after stumbling upon a potentially dangerous glitch in its software. “During recent laboratory testing of the Nest Protect smoke alarm, we observed a unique combination of circumstances that caused us to question whether the Nest Wave (a feature that enables you to turn off your alarm with a wave of the hand) could be unintentionally activated,” Nest CEO Tony Fadell wrote in an open letter to consumers.… continue…