Security Experts:

long dotted


PCI Data Security Standard (DSS) v4.0 released to address emerging threats to customer payment information. [Read More]
The three-day cyber exercise, Cyber Storm VIII, included over 2,000 partners from government and private sectors. [Read More]
The military’s involvement with information technology and information warfare dates to before the internet, so it has acquired a lot of knowledge and skills over the years. [Read More]
ENISA and CERT-EU have released guidance to help CISOs and other decision makers in public and private organizations increase their cyber resilience. [Read More]
SecurityWeek editor-at-large Ryan Naraine looks at the ‘great resignation’ currently upending the U.S. labor market and the possible ramifications for cybersecurity programs big and small. [Read More]
A long-term phishing experiment at a 56,000-employee company ends with a caution around the use of simulated phishing lures in corporate security awareness training exercises. [Read More]
SecurityWeek has announced its official lineup of virtual cybersecurity events for 2022. [Read More]
The U.S. House of Representatives this week passed two bills whose goal is to improve the cybersecurity of small businesses. [Read More]
Marshall University has launched a new academic and research institute that will support cybersecurity-related programs across the campus. [Read More]
There’s a severe shortage of cybersecurity professionals and not enough financial firepower to compete with federal counterparts, global brands and specialized cybersecurity firms. [Read More]

FEATURES, INSIGHTS // Training & Certification

rss icon

Jeff Orloff's picture
With the labor market for cybersecurity pros being extremely tight, the old ways of recruiting are rife with weaknesses and biases, while the urgency to recruit people is intense.
Marc Solomon's picture
By scoping job descriptions realistically and incorporating automation and intelligence sharing to enable analyst success and growth, there’s a lot that security leaders can do to help close the skills gap in their organizations.
Jeff Orloff's picture
When organizations adopt a broader yet more focused framework for cybersecurity staffing, they’re suddenly positioned to gain a clear competitive advantage in the labor market.
Jeff Orloff's picture
To sharpen and learn cybersecurity skills, security professionals need to ‘play’ in a safe, yet stimulating place that provides hands-on, interactive upskilling.
Marie Hattar's picture
In order to deliver on the promise of 5G, we need new industry standards for security, testing, and training to proactively combat 5G cyber threats and minimize risks.
Gordon Lawson's picture
For red teams, using an obfuscated network for testing offers the advantage of hiding who is performing the attack and where it is originating, for a more real-life context
Jeff Orloff's picture
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
Jeff Orloff's picture
It’s important to show the effectiveness of training initiatives. Managers want to make sure that they're getting a return on their investment and justify future training budgets requests.
Derek Manky's picture
As we see an increasing number of recent attacks against critical infrastructure – cybersecurity and physical security can be intrinsically linked.
Jeff Orloff's picture
Offering SOC staff professional development opportunities turns out to be a tool for talent retention.