Not too long ago, there was a one-size-fits-all assumption about cybersecurity jobs. The security professional was hired to manage security systems and read logs — maybe handle audits and ensure industry compliance. Now, the job landscape for cybersecurity professionals is becoming more specialized, and even those specialized areas break down into even more

We’ve probably all seen that “perception versus fact” meme where there’s an assortment of pictures with captions like “what my family thinks I do,” “what my boss thinks I do,” “what I think I do” and “what I actually do.” People’s understanding of what cybersecurity professionals d

The global average cost of a data breach is now $3.92 million — a 12 percent increase since 2014. Fortunately, the average cybersecurity budget is also increasing alongside breach cleanup costs. How to prioritize your budget is never a simple question. However, there’s a lot of insight to be gleaned from industry studies on how chief information secur

Business environments are forcing organizations to rapidly evolve. Security and risk leaders are realizing that a modern security strategy requires dramatic changes to program governance, technology and execution. Yet many organizations managing their own security program can’t keep pace and lack the specialized skills and competencies needed to cost-e

Stress comes with the territory for chief information security officers (CISOs). As noted by Medium, the job is unpredictable, with “long periods of preparing, watching, waiting, punctuated by periods of high stress and occasional bruising.” As both vendors and cyberthreats proliferate, finding a balance between an effective cybersecurity strateg

A security awareness program is a critical part of any security strategy. It is not enough to simply hold everyone in the organization accountable. Chief information security officers (CISOs) must first train employees to practice proactive, conscientious security behaviors by convincing them that security affects them directly, not just the business. Buildi

National Cyber Security Awareness Month (NCSAM) highlights important security issues to help governments, businesses and individuals improve their online hygiene. One critical area to consider is the growing shortage of qualified security professionals, which is projected to reach 6 million unfilled positions across the globe by 2019. There are plenty of opp

Of all the weird quirks I had as a kid, I never expected that my fascination with untying knots in the yarn from the arts and crafts box in fourth grade would benefit me in my job today. I recently did an interview for Business Radio X about one of IBM Security’s initiatives to raise awareness about careers in cybersecurity among middle school girls. T

Are you security-aware? A lot more people today are answering yes than in previous years. Perhaps it’s because of their organizations’ own security awareness efforts, or maybe it’s due to the influx of news stories about ransomware, credit card hacks, data breaches and identity theft. If people are more aware of cybersecurity concerns, does

Today organizations are struggling with the best way to protect against attacks that are targeting the endpoint. Too often, the security strategy has been to put the onus on the individual employee. Research has shown, over and over again, that training and user restrictions are both tedious and expensive, and have a very low success rate. This is because c

National Cybersecurity Awareness Month (NCSAM) is a great time to enhance employees’ security knowledge and skills. IT professionals should use it as an opportunity to improve their security training methods, review the tools they use, and test their cybersecurity plans and processes. Eight Lessons From Week Three of NCSAM During week one and week two

In case you haven’t noticed the flood of dedicated content here on SecurityIntelligence, not to mention Twitter, we are currently in the midst of National Cyber Security Awareness Month (NCSAM). The overarching theme of this year’s campaign is “Securing the Internet Is Our Shared Responsibility,” which is a critical lesson to remember

If you ask a group of technology and business professionals to rank the most important parts of their security program, awareness and training will undoubtedly land in the top three. After all, many breaches start with users and, on the flip side, can be prevented by users. It’s all about setting expectations. Unfortunately, many such attempts fall fla

Information security is vastly complex, both technically and from a governance, risk and compliance (GRC) perspective. When workplace politics come into play, security best practices become more complicated and risk management is weakened significantly. Security professionals commonly meet resistance when they attempt to implement IT initiatives that do not

In an ever-changing, dynamic threat landscape, a chief information security officer (CISO) in the health care sector must have knowledge in multiple areas and understand that data breaches have severe repercussions that affect employees, patients and the organization at large. To respond effectively to health care security risks, a CISO must possess well-rou