Dear readers, as I write this, I am staring out the window, watching the snowfall on the sixteenth day of April 2021. Last Friday was near 80 degrees with blazing sun. My point: In all things, we must expect the unexpected. What I expected to see in this week’s headlines was a lot of news about breaches and hacks, but I was unexpectedly surprised to discover that there’s a lot of positive news buzzing around.

The week started with Identity Management Day, intended to educate businesses about identity management, governance and best security practices. Education and filling the pipeline seemed to be the focus for others across sectors as well. AT&T Cybersecurity’s Principal Architect, Jason Lawrence, wrote an article published by Infosecurity Magazine intended to help readers understand several different cybersecurity roles and their educational requirements. For non-traditional learning opportunities and networking, Security Boulevard recommends following these 21 cybersecurity experts on Twitter.

Dark Reading reported on the merger of Thycotic and Centrify, which will function under the temporary name of ThycoticCentrify. Chief Scientist at Awake Security Gary Golomb shared some sage advice for aspiring threat hunters in a Help Net Security post. And the CIO at Boston College High School shared a LinkedIn post letting folks know applications for this summer’s Tech.Trek are open. Sponsored by Hack.Diversity, Tech.Trek is “a 3-day virtual summit designed to immerse underrepresented technologists — currently residing OUTSIDE of MA — into the vibrant Hack.Community.”

Here’s a look at other cybersecurity stories that made headlines this week.

Apr. 16: “A cybersecurity expert who promoted claims of fraud in the 2020 election is leading the GOP-backed recount of millions of ballots in Arizona,” The Washington Post reported.

Apr. 15: A joint advisory released by NSA, CISA and the FBI warned of five publicly known vulnerabilities that the Russian Foreign Intelligence Service (SVR) is exploiting.

Apr. 15: According to AP News, the Biden Administration announced, “the U.S. is expelling 10 Russian diplomats and imposing sanctions against dozens of people and companies, holding the Kremlin accountable for interference in last year’s presidential election and the hacking of federal agencies.”

Apr. 14: Derek Tournear, Director of the Space Development Agency, said that cyberattacks and supply chain intrusions are a greater threat to satellites than the threat of missile attacks.

Apr. 14: In the aftermath of Google announcing the intent to roll out its new privacy-focused feature, Federated Learning of Cohorts (FLoC), BleepingComputer reported, “FLoC has been criticized by the Electronic Frontier Foundation (EFF) and outright rejected by makers of Vivaldi and Brave browsers for its debatable claim of being a privacy-preserving technology.”

Apr. 13: “The intelligence community made its most direct public attribution yet that Russia was behind weaving malicious code into a SolarWinds software update to facilitate a sweeping espionage operation, impacting hundreds of companies and U.S. federal agencies,” CyberScoop reported.

Apr. 13: Given the explosion of cloud-based solutions and technologies that have transformed the way organizations confront cybersecurity risk, GIAC announced its newest certification: GIAC Cloud Security Essentials.

Apr. 13: Vice.com reported, “On Tuesday the Department of Justice announced the FBI was given approval to access hundreds of computers across the United States running vulnerable versions of Microsoft Exchange Server software to remove web shells left by hackers who had earlier penetrated the systems.”