*Such a rare occurrence in their cybersecurity world that I have to commemorate it.
*"The worse, the better," I guess.
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Have you noticed that cybersecurity is getting far more press coverage
than ever before? From FOX News to public television, cybersecurity is
THE hot topic. A Bloomberg TV reporter told me that cybersecurity
outranked the presidential race yesterday. This surge in visibility is
catalyzing two huge opportunities for people interested in cool jobs in
cybersecurity.
The first is the shift from compliance-based security to continuous
monitoring and daily prioritization of mitigation tasks. That change has
gotten strong White House support. Just last week the federal agency
cybersecurity (FISMA) reporting requirements were substantively changed
to emphasize continuous monitoring and alleviate the need for a lot of
compliance reports. Today people who know how to implement continuous
monitoring of Twenty Critical Controls are in increasingly high demand
among government agencies and contractors and among commercial
organization that are also shifting to continuous monitoring.
The second major opportunity is bigger, but is just emerging. It is a
direct response to the question now coming from senior executives and
CIOs: "Do we know whether every system and application we deploy has
security baked in?" The people who can answer that question with
authority will be the new heroes in cybersecurity. They have many names
- - security architect, security engineer, security consultant, and
several more but their skills are those that can on a large scale, make
sure that every application has security built in. Three of the
companies that have done the best job in transforming their security
programs to be able to ensure security is architected in are helping
with a workshop in August to share best practices. If you want to be the
leader in this area for your company or agency, you should consider
attending the program. My favorite part is the way Cisco in particular
is creating pretty good security architects out of IT architects - very
impressive.
https://www.sans.org/baking-security-applications-networks-2011
Alan
**************************************************************************
SANS NewsBites June 14, 2011 Vol. 13, Num. 047
**************************************************************************
TOP OF THE NEWS
Proposed US Legislation Would Require Breach Notification Within 48 Hours
Council of Europe Adopts Rules Setting Harsher Punishments for Cyber Crimes
Spanish Police Site Attacked in Retaliation for Anonymous Arrests
THE REST OF THE WEEK'S NEWS
International Monetary Fund Suffers Cyber Attack
Senate Websites Under Review After Hosting Server Breach
Nissan Leaf Sends Location Data in RSS GET Requests
Siemens Fixes SCADA Flaws
FBI Investigating Fraudulent ACH Transactions from NY Town's Bank Account
Adobe to Fix Remote Code Execution Flaws in Reader and Acrobat
Fines for Former T-Mobile Employees Who Stole and Sold Data
Microsoft to Fix 34 Flaws on June 14
***************************************************************************
TRAINING UPDATE...
