‘This isn’t IAD 2.0’: NSA’s new Cybersecurity Directorate plots its mission

The National Security Agency has started to lay the groundwork and select the leadership for its new Cybersecurity Directorate, which will be focused on fusing together signals intelligence with the agency’s cybersecurity protection mission, CyberScoop has learned. Neal Ziring, who most recently served as the NSA’s technical director for capabilities, will be the Cybersecurity Directorate’s technical director, an NSA spokesperson tells CyberScoop. Dave Frederick, the NSA’s chief of strategic counter cyber operations, will be the new deputy director, an NSA spokesperson said. In his most recent role, Ziring was responsible for acting as a liaison to both private industry and other government agencies. Ziring previously served as the technical director of the agency’s defensive operations directorate, the Information Assurance Directorate (IAD). Frederick was responsible for coordinating defensive and offensive cyber missions. NSA Director Gen. Paul Nakasone announced the new Cybersecurity Directorate earlier this week. It will be run by Anne […]

The post ‘This isn’t IAD 2.0’: NSA’s new Cybersecurity Directorate plots its mission appeared first on CyberScoop.


U.S. Cyber Command simulated a seaport cyberattack to test digital readiness

When U.S. Cyber Command simulated a cyberattack against a seaport last month, military personnel hunted for adversaries who appeared to be using malware against a critical trade hub in an updated version of its annual exercises. The annual weeklong test, known as “Cyber Flag,” is meant to help cyber staffers better defend against critical infrastructure cyberattacks, military commanders involved in the exercise told reporters in a briefing Tuesday. By imitating a cyberattack that blocked the seaport’s ability to move cargo, potentially affecting international trade, military leaders tested their readiness for a real-world attack, and looked for ways to improve their response. The simulation also included officials from throughout the U.S. government and from allied partners to emphasize stronger coordination. “Cyber Flag is the command’s annual tactical exercise series that features teams working on keyboard against a live opposing force,” said Rear Adm. John Mauger, Cyber Command’s director of exercises and training. “The environment is really […]

The post U.S. Cyber Command simulated a seaport cyberattack to test digital readiness appeared first on CyberScoop.


Trump’s Pentagon pick ‘confident’ in 2020 election security

Defense secretary nominee Mark Esper told the Senate Armed Services Committee on Tuesday that although there is still work to be done, he is confident in the security of the 2020 presidential elections. “We are more and more confident that the 2020 elections will be unfettered,” Esper said. “But we always will have a lot of work to do because people will always want to influence our elections.” The 2020 elections remain a target of state and non-state cyber actors, a senior intelligence official told reporters last month in a briefing. Esper, who has been serving as secretary of the U.S. Army since 2017, highlighted U.S. Cyber Command’s capabilities while discussing election security. Efforts made in the buildup to the 2018 midterm elections left the U.S. with a better posture than in years prior, he said. Some of the command’s efforts to defend the midterm elections in 2018 included deploying soldiers to […]

The post Trump’s Pentagon pick ‘confident’ in 2020 election security appeared first on CyberScoop.


How identifying bogus checks at M&T Bank is a lot like hunting cybercriminals

It turns out the crimes of yesteryear are being thwarted with some of the same tools that stop today’s criminal activity. Until recently, the process of detecting check fraud at M&T Bank involved a team of 15 employees who manually looked through physical checks or scanned documents, trying to trace how scammers had attempted to fleece the financial institution. For M&T, it could take up to 900 man-hours to investigate a check-fraud campaign, according to chief information security officer David Stender. “In the typical old-school check fraud world you’d look at hundreds and hundreds of checks until you found the one that was fake,” he says. “People still rob banks. Even if it doesn’t yield much money anymore, they still do it. And people still write bad checks.” High-profile financial crimes these days typically include some breakdown in cybersecurity, like business email compromise, ATM jackpotting attacks, or fraudulent money transfers made possible by advanced malware. […]

The post How identifying bogus checks at M&T Bank is a lot like hunting cybercriminals appeared first on CyberScoop.


Trump emphasizes federal cybersecurity workforce, education programs in new executive order

The White House is rolling out an executive order that is intended to bolster the nation’s cybersecurity workforce, senior administration officials told reporters on a call Thursday. The officials detailed a document that includes provisions geared toward the federal government’s employees, as well as education and career development initiatives for the U.S. workforce in general. The goal is to build a “superior cybersecurity workforce,” one official said. The White House wants to create a President’s Cybersecurity Cup competition that “will identify, challenge, and reward the government’s best personnel supporting cybersecurity and cyber excellence,” the officials said. Other elements include allowing cybersecurity employees to rotate among agencies, and using new cybersecurity aptitude tests as part of efforts to reskill federal workers. The employee-rotation idea already has bipartisan support on Capitol Hill, with Senate passage earlier this week of a bill that would put it into action. The Trump administration has embraced reskilling for a while, too: A program to […]

The post Trump emphasizes federal cybersecurity workforce, education programs in new executive order appeared first on CyberScoop.


Corporate giants want to help students, feds and themselves by offering cyber pros $75,000 in loan assistance

It’s just like the old saying: When you can’t hire them, offer to pay their student loan debt. Microsoft, Mastercard and Workday announced this week they’ve teamed with 11 federal government agencies as part of a Cyber Talent Initiative meant to fill hundreds of thousands of open cybersecurity jobs. Graduating college students can apply for a two-year placement in a security role at the FBI, CIA or another agency. At the end of those two years they’ll be eligible for a position at one of those three companies, which will pay up to $75,000 of their student loan debt as part of their deal. The Cyber Talent Initiative appears to be unique in the way it offers student loan assistance, but it’s hardly the only corporate effort meant to enhance an enterprise’s security posture. Mastercard and Microsoft also are involved with the Cyber Readiness Institute, a program in which Fortune […]

The post Corporate giants want to help students, feds and themselves by offering cyber pros $75,000 in loan assistance appeared first on CyberScoop.


Here’s the latest evidence that security burnout is very real

As businesses scramble to avoid data breaches and reconsider where the chief information security officer fits into the corporate structure, the uncertainty is having a measurable effect on the mental health of the people who protect the networks. The pressure is real, according to a survey published Thursday by Osterman Research and the domain name vendor Nominet. Thirty-two percent of security practitioners say they believe they would either lose their job or receive an official warning in the event of a data breach. Ninety-one percent reported moderate or high stress, with a quarter saying the job has affected their mental or physical health. Burnout is so common among security professionals that some executives are considering ways to ease the pressure on their teams. Chris Betz, the chief security officer at telecommunications company CenturyLink, told CyberScoop this week he tries to avoid contacting staffers after they’ve left the office. If Betz notices a task that […]

The post Here’s the latest evidence that security burnout is very real appeared first on CyberScoop.


System restore: How stressed security bosses unwind from the daily grind

Nothing will take your mind off work like reading about humanity’s possible extinction. Just ask Jim Motes. As the chief information security officer for video game retailer GameStop, Motes spends most of his daylight hours thinking about new security training techniques, which emerging technologies offer the best return on investment and how to automate as many tasks as possible. When it’s time to decompress after a long day, though, Motes chills out by reading books like “Our Final Invention.” The nonfiction book by James Barrat examines quantum computing, artificial intelligence and the possible implications for mankind should the singularity become a reality. “The assessment is that if a quantum computer becomes sentient, it would take about 30 days before it decided it didn’t need humans anymore,” Motes said. “It’s interesting, but maybe I’m weird.” Not weird at all. Cybersecurity professionals are saddled with stress, thanks to a desperate shortage of […]

The post System restore: How stressed security bosses unwind from the daily grind appeared first on CyberScoop.


Want to work in cybersecurity for the government? Curb your enthusiasm.

Recruiting people to work in the federal government, especially in cybersecurity, has been a challenge for as long as the term “cybersecurity” has existed. It’s why the government created vehicles like the CyberCorps: Scholarship for Service. If you are a college student who would like to devote your skills to the government, the United States will cut you a check — probably in the five-figure range — to study up on whatever tech-based track you’d like. In return, you’re obligated to work for Uncle Sam for the length of the scholarship issued, up to four years. In an ideal setting, this arrangement seems fair. Yet, clearly, when it comes to the government, these are not ideal times. The government shutdown has exacerbated this already fraught issue, with essential cybersecurity personnel at agencies like the Department of Homeland Security and National Institute of Standards and Technology either legally unable to continue […]

The post Want to work in cybersecurity for the government? Curb your enthusiasm. appeared first on CyberScoop.


RSA Conference: No more all-male panels

One of the biggest annual cybersecurity trade shows, the RSA Conference (RSAC), says it will no longer allow all-male panels on its keynote stages and is taking several other steps to improve diversity and inclusion at its events. Tuesday’s announcement comes as surveys and studies continue to show that women are vastly underrepresented not only in cybersecurity jobs but also the technology industry in general — a fact only amplified by the prevalence of “manels” at big conferences such as RSA, which holds events in the U.S. and globally throughout the year. The initiatives also include programs intended to improve the environment for conference attendees and reduce bias and exclusion throughout the industry in general for “all genders, orientations, physical abilities, religions, ethnicities and experiences, in every aspect of our events around the globe,” said Sandra Toms, vice president and curator of RSAC. The decision on all-male panels is part of a broader initiative to […]

The post RSA Conference: No more all-male panels appeared first on CyberScoop.
