Well, another month down in 2021! It seems like only yesterday we were all wishing each other a Happy New Year, and here we are now, only 17 days away from RSA Conference 2021 – A Virtual Experience. What an agenda we have in store! As we put all the finishing touches on the virtual environment, I’m getting even more excited about the offerings, particularly the live, interactive sessions that will only be available the week of Conference.
I’ve also been thinking a lot about Professional & Workforce Development, in part because of a new study released earlier this week by one of our industry partners (ISC)2. According to the research, “Recruiters and hiring managers may need to adjust the tactics they use to proactively identify internal and external candidates.” This sentiment was echoed in a recent RSAC 365 podcast with Megan Sawle and David Forscey, in which Megan also discussed the results of a recent study conducted by InfoSec Institute. Their findings revealed that organizations who had aligned their cybersecurity job descriptions with the NICE Cybersecurity Workforce Framework were 57% more likely to be satisfied with their ability to fill open roles. Additionally, Security Magazine reported, “CYBER.ORG announced the kickoff of a new pilot program created to recruit a diverse body of K-12 students to pursue undergraduate cybersecurity degrees and bolster the U.S. cybersecurity workforce.” So a lot is going on to bring talent into the industry.
We also saw some big announcements from the Biden Administration this week, including news of a forthcoming executive order to help defend against cyberattacks in the aftermath of SolarWinds. Let’s take a look at more of this week’s cybersecurity headlines.
Apr. 30: Newly appointed Deputy Attorney General Lisa Monaco announced that the Justice Department will begin a 120-day review of cybersecurity challenges, looking specifically at “cybersecurity issues including digital currency, supply chain attacks such as the SolarWinds incident, which compromised nine federal agencies last year, and the ways countries such as China and Russia use cyber operations against other nations.”
Apr. 30: CIO Magazine highlighted the efforts of HP’s CISO as an example of the ways the role can evolve to become “full-fledged business partners.”
Apr. 29: EdScoop reported, “Researchers from eight Virginia universities will soon take part in $1 million worth of state-funded cybersecurity and autonomous vehicle-focused research projects through a statewide research initiative.”
Apr. 29: CyberScoop reported, “Chinese hackers with suspected ties to the People’s Liberation Army have been hacking into military and government organizations in Southeast Asia over the course of the last two years.”
Apr. 28: Two members of the Cyberspace Solarium Commission have asked that CISA receive increased funding for 2022.
Apr. 28: Threat Post reported, “Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections in an aim to steal credentials from victims — by spoofing real-life customer scenarios.”
Apr. 27: ZDNet reported, “Russian hackers are still launching offensive cyberattacks against the US and its allies in efforts to steal information or lay the foundations for future operations, a joint alert by security and intelligence agencies has warned.”
Apr. 26: According to Infosecurity Magazine, “A major oil drilling specialist has admitted it suffered a ransomware attack which may have led to the compromise of data belonging to current and former employees.”