Cybersecurity

RSS

A more foundational goal is to make security and compliance part of the development process from the start. This is a transition that requires DevOps to bring along risk, security and compliance teams into the shared responsibility of making the organization resilient to change. But bringing the idea of shared responsibility to fruition can be difficult because there is a natural tension between DevOps and SecOps, as they have different charters and cultures. DevOps can be seen as more of a do culture (Atlassian calls this a “do-ocracy”) and SecOps can be seen as a control culture and they are inherently in conflict. To fulfill the promise of teaming for shared responsibility, DevOps and SecOps should align on three key objectives: collaboration, communication and integration.

A new study by (ISC)², conducted in 2020, revealed that the cybersecurity profession experienced substantial growth in its global ranks, increasing to 3.5 million individuals currently working in the field, an addition of 700,000 professionals or 25% more than last year’s workforce estimate. The research also indicates a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year. Data suggests that employment in the field now needs to grow by approximately 41% in the U.S. and 89% worldwide in order to fill the talent gap, which remains a top concern of professionals.  Security experts, like Sarah Tatsis, VP of Advanced Technology Development Labs at BlackBerry, believe women can help solve the cybersecurity workforce shortage. Here, we speak to Tatsis about why women are needed and valued in the ongoing fight against cybercriminals.

The Cybersecurity and Infrastructure Security Agency (CISA) announced a six-month extension of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force.  The Task Force, chaired by CISA and the Information Technology (IT) and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from large and small private sector organizations charged with identifying challenges and devising workable solutions and recommendations for managing risks to the global ICT supply chain.

Neal Semikin, who previously held the roles of Chief Information Security Officer (CISO) and Head of IT Security at the Bank of England, has joined cybersecurity firm, The 324 Consultancy.