Weekly News Roundup October 30-November 3, 2023


Posted by Kacy Zurkus

As National Cybersecurity Awareness Month came to a close, Cyversity hosted its annual conference in Orlando, October 29-31. The POWER UP! event, which opened with a keynote from Clar Rosso, CEO of ISC2, also occurred only days before the release of the 2023 ISC2 Cybersecurity Workforce Study.

Changing Workforce and Threat Landscape

In her opening remarks, Rosso offered some key findings from the study, noting that while the cybersecurity workforce has grown, the talent gap has grown along with it. Though training and education efforts are helping, according to the study, “67% of respondents reported that their organization has a shortage of cybersecurity staff needed to prevent and troubleshoot security issues. And 92% report having skills gaps in their organization.”


Cyversity’s mission is to “achieve the consistent representation of women, underrepresented minorities, and all veterans in the cybersecurity industry through programs designed to diversify, educate, and empower.” One statistic that likely resonated most with conference attendees related to the growing number of diverse professionals entering the field of cybersecurity. The study found, “there are significantly more people entering cybersecurity later in their career and that the gender and ethnic breakdowns of the new workforce have undergone a considerable shift.”


To learn more about the impact that DEI can have on security, watch this RSAC 2023 session with Cyversity’s former President, Larry Whiteside Jr. and explore other content available in our Library.


What Else Made Industry Headlines

Nov. 3: Infosecurity Magazine reported that threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to new figures released by the Department of Health and Human Services (HHS).

  

Nov. 2: A new spear-phishing campaign targeting Israel is reported to be the work of the Iranian nation-state actor MuddyWater.

 

Nov. 2: Security Week reported, “Zscaler’s ThreatLabz research team has discovered 117 unique vulnerabilities in Microsoft 365 applications after support for SketchUp (SKP) files was added by the tech giant.”

 

Nov. 1: Boeing issued an alert to customers confirming that the company’s systems were compromised in a cyberattack.

 

Nov. 1: In the aftermath of the early September cyberattack on Caesars Entertainment, Cybersecurity Dive reported, “The casino and sports betting giant reported $3 billion in revenue for the quarter, up 3.7% compared with $2.9 billion in the year-ago period.”

 

Nov. 1: Two individuals alleged to have aided Ukrainian forces with cyberattacks against Russia’s critical infrastructure are being charged with high treason by the Russian Federal Security Service (FSB). 

 

Oct. 31: Krebs on Security reported, “Researchers at Infoblox say they’ve been tracking what appears to be a three-year-old link shortening service that is catering to phishers and malware purveyors.”

 

Oct. 31: According to Forbes, “the Israel Defense Forces (IDF) has also employed the services of often-controversial spyware companies to assist on various intelligence efforts.”

 

Oct. 31: Dozens of countries joined together this week as part of the International Counter Ransomware Initiative to pledge that they will no longer pay ransom demands.

 

Oct. 30: Reuters reported, “The U.S. Securities and Exchange Commission on Monday sued software company SolarWinds Corp and its top information security executive, saying they defrauded investors by hiding cybersecurity weaknesses during a massive hack targeting the U.S. government.”

Contributors
Kacy Zurkus

Director of Content, RSAC
