now browsing by tag


Cyber Threat Analyst

U.S. Federal Government – Washington, DC



Within the Directorate of Analysis (DA), incomplete and sometimes contradictory information is transformed into unique insights that inform US policy decisions. The DA helps provide timely, accurate and objective all-source intelligence analysis on national security and foreign policy issues to senior policymakers in the US Government. Learn more about the Directorate of Analysis at 


As a Cyber Threat Analyst for the CIA, you will conduct all-source analysis, digital forensics, and targeting to identify, monitor, assess, and counter the threat posed by foreign cyber actors against US information systems, critical infrastructure and cyber-related interests. You will support the President, the National Security Council, and other US policymakers with strategic assessments and provide tactical analysis and advice for operations. 

Cyber Threat Analysts apply their scientific and technical knowledge to solving complex intelligence problems, produce short-term and long-term written assessments, and brief US policymakers and the US cyber defense community. This work demands initiative, creativity, analytic skills, and technical expertise. 

You will also have the opportunity to maintain and broaden your professional ties throughout your career through academic study, collaboration with Intelligence Community peers, and attendance at professional meetings. 

Opportunities exist for foreign and domestic travel, language training, analytic tradecraft and management training, training to deepen substantive expertise, and assignments to other offices in the Agency and throughout the US Government.

Read More….

The post Cyber Threat Analyst appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Engineering #needs #cyber security #specialists to #beat the #threat

Source: National Cyber Security News

Awareness and concern over security against cyber threats is growing. It’s about much more than the risk of personal data being hacked into.

A hostile cyber attack is classed by the UK’s National Security Risk Assessment as a Tier 1 risk, putting it in the most serious category alongside international terrorism, an international military crisis and a major accident or natural hazard. The National Cyber Security Centre was set up in 2016 (as a branch of GCHQ), and later the same year the government confirmed a cyberstrategy budget of £1.9bn over five years.

And although there have been high-profile examples of cyber security breaches, including the ‘Wannacry’ ransomware attack on the NHS last year, the centre’s head Ciaran Martin recently said that the UK had been fortunate so far to avoid a so-called ‘category 1’ attack – an assault that could cripple critical infrastructure such as water or electricity supplies or financial services. He warned that it was a matter of “when, not if” such an attack occurred.

There is little wonder, then, that demand for cyber security specialists has grown dramatically in the past few years, as has demand for the services of companies seeking to hire their expertise.

Read More….


View full post on National Cyber Security Ventures

Cyber Security Threat Hunter

Source: National Cyber Security – Produced By Gregory Evans

Job Description:
In this highly visible role, you will perform research and analysis searching for indications of advanced threat actors existing on the network. Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise. Works with the Cyber Security Research and Development team to operationalize new and innovative techniques of discovering advanced threat actors. Works in Global Information Security in the Cyber Security Defense organization to ensure there are good data sources to enrich hunting capabilities.

Required Skills:
4-7 years of background in information security, cyber security or network engineering.
Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise
Ability to analyze logs, normalize and perform automated log correlations utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior
Strong experience with Digitial forensics on host or network from malware perspective, ability to identify anomalous behavior on network or endpoint devices
Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM,DLP,Insider, etc)
Self-starting, organized, proactive, and requiring minimal management oversight.
Ability to quickly learn new and complex concepts.
Strong analytical skills/problem solving/conceptual thinking/attention to detail.
Ability to work effectively with peers and multiple levels of management.
Well organized, thorough, with the ability to balance and prioritize competing priorities.
Excellent verbal and written communication skills across multiple levels of the organization.

Desired Skills:
A passion for Cyber Threat Hunting, research, and uncovering the unknown about threats and threat actors
Bachelors degree in Computer Science.
Ability to effectively code in a scripting language (Python, Perl, etc.)
Ability to understand big data and query languages (Splunk, SQL, etc)
Experience with either Red team or Blue team operations and ability to think both like an attacker and defender.
Experience setting up infrastructure to support Hunt Team operations
Previous experience working in the financial industry

Enterprise Role Overview
Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & directory technology systems (software & hardware). Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank’s assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment (e.g. client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.

Shift: 1st shift (United States of America)

Hours Per Week: 40

The post Cyber Security Threat Hunter appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cyber Threat Technical Analyst

Source: National Cyber Security – Produced By Gregory Evans

We’re looking for Eagle Ray people. Eagle Ray is a rapidly growing, woman owned business specializing in strategic transformation services. We deliver complex professional services across the IC, DoD and DHS. With Eagle Ray’s help, our clients reduce cost and program risk, enhance operational performance and drive the development of new capabilities to end users in the National Security Enterprise. We offer an engaging corporate culture, a dynamic work environment and competitive total compensation.

Insight. Impact. Innovation. Eagle Ray people are hands-on, results-oriented, and invested in the success of our customers’ missions. Come work with us, you can really make a difference!

Produce, per analyst on average, 36 weekly threat reports, eight monthly threat reports, three quarterly threat reports, and one annual threat study for their specific focus or area. In addition, each analyst will average six reports of inquiry (ROI) and or requests for information (RFI) and publish or contribute to nine Intelligence Information Reports (IIR) annually. Finally, each analyst will produce, on average, 48 weekly status reports.

Support team members in completing forensics reports, CI Cyber Inquiries, and monthly, quarterly, and annual CI Cyber Threat reports.
Identify, analyze, define, and coordinate user, customer and stakeholder needs and translate them into technical requirements.
Detect anomalous activity through network data analysis.
Develop custom scripts/programs for automated cyber analytical tools.
Record best practices, lessons-learned, processes and procedures, and other pertinent quality topics in appropriate formats.
Design, construct and maintain a working lab environment for testing and research of advanced technical attack techniques and potential detection solutions.
Evaluate and analyze Intrusion Detection, incident tickets, event and log analysis, security change tracking and other network security systems and devices to identify risks and if required make recommendations for corrective actions.
Investigate instances of malicious code to determine attack vector, payload, potential origin, and determine extent of damage and data exfiltration and provide written reports based on findings.
Assist in the development and delivery of malware threat awareness products and briefings.
Collaborate with customers and team members to facilitate a premier malware program.

TS/SCI clearance
Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
7 years of network analysis experience.
Mandatory Travel = 25%
Experience with network analysis tools, such as Wireshark.
Strong research, critical thinking and analytic skills.
Strong written and oral communication skills.
Strong listening and recognition skills.
Understanding of mission urgency.
Strong time management, prioritization, production, leadership and followership skills.
Graduate of an accredited federal or DoD CI training academy.

Post-graduate degree in Computer Science, Engineering, or a related technical discipline or the equivalent combination of education, technical certifications or training, or work experience.
Equal Opportunity Employer/M/F/Disability/Vet/Sexual Orientation/Gender Identity

The post Cyber Threat Technical Analyst appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ignorance Of #Cyber Threat Creates #Conundrum For Small #Business #Data #Security

Ignorance Of #Cyber Threat Creates #Conundrum For Small #Business #Data #Security

McAfee Labs recently published its 2018 Threats Predictions report, and after a year of high-profile cyberattacks and data breaches, analysts say the threat won’t let up in the new year. A rising challenge for the enterprise is the fact that cyberattackers are becoming increasingly sophisticated in their methods. According to McAfee, while companies are embracing innovations like machine learning to safeguard their systems, attackers, too, are using these same tools.

“Machine learning can process massive quantities of data and perform operations at great scale to detect and correct known vulnerabilities, suspicious behavior and zero-day attacks,” McAfee said in its report. “But adversaries will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models and exploiting newly discovered vulnerabilities faster than defenders can patch them.”

If there’s one thing the enterprise has learned this year, it’s that a data breach can happen to any business — including small businesses (SMBs). Or, according to the latest data, many small businesses haven’t learned this lesson.

In this week’s B2B Data Digest, PYMNTS dives into new research about small businesses’ data security and cybersecurity efforts. Small businesses seem quite confident in their ability to protect themselves and their customers’ data, but according to researchers, that confidence is likely misguided.

—60 percent of SMBs said they don’t follow PCI DSS or HIPPA rules when storing customer credit card and banking information, according to new research from Clutch. The firm surveyed 300 small businesses about how they store data in the cloud and found that the majority aren’t following the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPPA) as required by law. Clutch warned that fines for non-compliance with these rules can reach into the millions of dollars.

—54 percent of SMBs that store medical data in the cloud admit they don’t follow storage industry regulations, meaning these businesses could be putting sensitive company and consumer data at risk, Clutch also found.

—90 percent of SMBs are at least “somewhat” confident in their cloud storage’s security, a 3 percent increase from 2016 figures. That statistic is troubling, considering so many small businesses are actually lagging in cloud data security, according to the survey.

—60 percent of small firms say they use encryption to safeguard data in the cloud, the most common security measure cited by SMBs in Clutch’s survey. More than half (58 percent) said they train employees in data security, and 53 percent said they use two-factor authentication, though Clutch warned that businesses should be using more cybersecurity strategies than these three methods alone.

—74 percent of SMBs don’t have cyber liability insurance, according to separate research from Insureon. The small business insurance company surveyed 2,500 members of the small business community Manta, and the results suggest that the SMBs that aren’t following data storage regulations may not only be at risk for fines, but could face added-on consequences if they go uninsured.

—25 percent of small firms have consumer data that is susceptible to an attack on their business network, Insureon found, while nearly a sixth said they have already experienced a data breach.

—82 percent of small businesses told Insureon they don’t feel they’re at risk for a cyberattack or data breach, echoing similar sentiments found by Clutch: SMBs could be ignorant to their cybersecurity threats, despite many having already experienced an attack. Insureon President Jeff Somers said in a statement that the research is “surprising, considering the amount of media circulating about mass data breaches and cybersecurity. Many small business owners have their whole life savings tied up in their businesses, and they don’t understand how vulnerable they are to a cyberattack.”

View full post on National Cyber Security Ventures

​Australia #fair game when it comes to the #threat of a #cyber attack

Source: National Cyber Security – Produced By Gregory Evans

For a country with a culture based on taking things as they come, Check Point has said Australia is taking the threat of cybersecurity seriously.

Previously, organisations in Australia were protected by the country’s geographic isolation, but as business is now being carried out at scale via the internet, Tony Jarvis, chief strategist of threat prevention at security vendor Check Point, has said everyone is “fair game” when it comes to the threat of a breach.

Speaking with ZDNet, Jarvis said organisations in Australia used to have the luxury of foresight, watching peers from bigger parts of the world deal with security-related incidents six months before the trend entered Australia, providing them with ample time to prepare.

However, that is no longer the case, as highlighted by the WannaCry ransomware that claimed hundreds of thousands of victims across 150 countries, reaching speed and red-light cameras on state roads in Victoria, and Petya, which even halted chocolate production at Cadbury’s Tasmanian factory.

“When you’re doing business on the internet, which everybody is, everybody is fair game at exactly the same point in time, so we have to be cognizant of that,” Jarvis said.

“Australia is good at taking that seriously, they do appreciate that risk, and translating that into taking the necessary actions and preventative measures is definitely on the agenda.

“Australia is making good progress.”

He said it is important to remember there’s no such thing as cybersecurity in the sense that nothing can be 100 percent secure.

“Rather, cyber resilience, and being prepared as you can be while also acknowledging the fact that something might slip through the cracks, and having a plan in place to deal with that should it happen,” he explained.

“Australia is definitely taking the right steps, everybody faces slightly different risks, but more or less they’re all on the same sort of path.”

Australians have a reputation of being heavy consumers of technology, and with the estimation that there will be 20.4 billion Internet of Things (IoT) devices deployed by 2020, Jarvis said securing these devices should be a priority, given that IoT presents a future that is very difficult to secure.

He said it’s important for everyone involved, including designers, manufacturers, retailers, and consumers, to be aware of the security risks.

“There’s always a lot of hype in the security industry, unfortunately, and a good part of our time is spent on deciphering what is hype and what is fact,” Jarvis explained.

“Unfortunately, when we start talking about IoT, a lot of the hype is real.

“We live in a capitalist society; we have manufacturers and companies whose job is to put products on the shelf that we want to go out and buy and they improve our life somehow, such as fitbits and other fitness trackers,

“Unfortunately, security lags quite a number of years behind bringing these products to market.”

While there are a number of best practice guidelines published by the likes of IoT Alliance Australia and the Cloud Security Alliance, there’s no unanimous decision on which standard to adopt, nor is there an overarching body to make sure every part of the process adheres to agreed guidelines.

“Not all manufacturers will adhere to those standards, but even if they do, if there’s a vulnerability that’s found on a specific device, how do you actually go and remediate or patch that, because it’s not always possible,” Jarvis added.

“A lot of the hype in this case is justified.

“We don’t need to be worried, but we do need to be cognizant.”

The post ​Australia #fair game when it comes to the #threat of a #cyber attack appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity: #Barely perceptible #threat has potential to #derail #Canada’s #economy

Source: National Cyber Security – Produced By Gregory Evans

What is nearly imperceptible, leaks important secrets and can keep Canada’s top bankers up at night?

A cyberattack.

It’s not a punch line but a seriously haunting prospect for those in the upper echelons of Canadian governments and corporations.

When Victor Dodig checks his phone in the morning, the chief executive of CIBC dreads reading that any government or corporation, anywhere in the world, has been hacked, he told an Ontario Securities Commission panel last month.

“Obviously, it would be more of a concern if our institution was, but we’re so interconnected that one weak link creates an issue for all of us.”

Of all the nightmare scenarios that run through Bank of Canada governor Stephen Poloz’s head, the threat of a cyberattack is “more worrisome than all the other stuff,” he told The Canadian Press in an October interview.

Cybersecurity experts fear government and corporate defensive capabilities are not keeping pace with growing ranks of sophisticated hackers, a sentiment underscored by recent events.

This week, The New York Times reported that the National Security Agency — America’s largest intelligence organization known for its own clandestine hacking operations — had been infiltrated by a hack, an insider’s leak, or both. The cyberweapons it developed to spy on other countries are now being used against it, and a 15-month investigation has not produced a clear source of the leak.

The latest revelations come two months after Equifax Inc. disclosed that nearly half the U.S. population had sensitive personal information stolen by hackers who exploited a weakness in its system.

The data breach was announced in September, almost five months after hackers first broke in. They downloaded sensitive information undetected for almost two months before Equifax discovered the breach.

While U.S. politicians lambasted the company for its slow response, the political reaction in Canada was decidedly less strident, despite the fact that the company declined for weeks to identify just how many Canadians had been affected.

Equifax Canada’s silence was enabled by the lack of federal laws to force companies to disclose breaches and theft of information or money.

But that could change if a mandatory data breach reporting requirement amendment to the Personal Information Protection and Electronic Documents Act is passed. It must undergo several more stages after a consultation period for a draft closed last month, more than two years after it was first proposed.

In the meantime, cyberattacks have become increasingly routine.

Almost 60 per cent of Canadian businesses who responded to an Ipsos poll in February said they either suspect or know for certain that they were hacked last year, while more than one-third of Canadian individuals said in an Accenture survey they have been the target of a cyberattack.

Hacks involving extortion were up 50 per cent last year, according to a report by Verizon Communications. And that company knows all too well the fallout from a hack: it recently acquired Yahoo Inc., the victim of the largest data breach in history, in which three billion user accounts were compromised.

Estimates suggest cybercrime costs the Canadian economy between $3 billion and $5 billion a year. The average per company cost of a data breach has risen as high as $6 million, according to the Canadian Chamber of Commerce.

The Bank of Canada has warned that Canadian banks are vulnerable to a cascading series of attacks that could not only undermine confidence in the financial system, but spill over into other sectors, such as energy or water systems.

Hacking has already been deployed as a weapon of war.

The first known attack to take out an electrical grid using malicious software occurred two years ago, in the middle of Russia’s siege of Ukraine. Russian hackers have undermined almost every sector in Ukraine, including the Ukrainian tax filing system, pharmacies’ prescription tracking system and the radiation monitoring system at Chernobyl.

The hacks of Ashley Madison, Yahoo and now Equifax have sparked alarming headlines, federal investigations and passing political ire, but have amounted to little real change, leaving our institutions vulnerable to Poloz’s nightmare cyberattack that could grind the gears of modern civilization to a halt — a scenario that suddenly doesn’t seem so far-fetched.

The post Cybersecurity: #Barely perceptible #threat has potential to #derail #Canada’s #economy appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Pacemakers and #patient #monitors can be #hacked in seconds, #San Diego experts discuss #threat

Source: National Cyber Security – Produced By Gregory Evans

 San Diego cyber security expert Ted Harrington with Independent Security Evaluators invited us to his Downtown office to see how quickly and easily he and his colleagues demonstrate successful hacks of modern medical devices. Medical devices like pacemakers and patient monitors are some of the newest vulnerabilities to cyber attack in the healthcare industry.

The threat hits home. According to the California Life Sciences Association, the state has more medical device jobs that anywhere in the nation, with 74,000 employees. A total of 7,700 of them are based in San Diego.

San Diego is a city that’s no stranger to malicious software or “malware” assaults on the medical sector. Last year, the 306-bed Alvarado Medical Center had its computer system affected by what it called a “malware disruption”. The hospital briefly considered doing an on-camera interview with us about the security changes that have been implemented since the incident, but then it backed out.

The hospital spokesperson cited in part, “A careless slip during an interview can reveal possible [vulnerabilities] in our ‘armor’ that a hacker can take advantage of.”

Also last year, nearby Hollywood Presbyterian Medical Center made headlines when it paid a $17,000 ransom to the hacker who froze its computer system for several days.

“Healthcare is attacked more than any other industry because that’s where the money is,” writes prominent cybersecurity company Sophos in its SophosLabs 2018 Malware Forecast report.

A records check on the U.S. Department of Health and Human Services’ Office of Civil Rights website shows a total of thirteen California healthcare facilities that are currently under investigation for reported hacks.

Now, the threat to patient privacy could be challenged by a threat to patient safety.

Harrington and his team connected my finger to a sensor that was attached to a patient monitor. My healthy vitals were displayed on the patient monitor screen and on the screen representing a nurse’s computer.

In a real-world setting, that nurse’s computer would be in a different room from the patient and his or her monitor. 10News Reporter Jennifer Kastner was asked to remove my finger from the sensor, to make it look like she was flat-lining, but Harrington and his team hacked the nurse’s computer in seconds to make the nurse’s computer show that she was still healthy.

He and his team also showed us they could hack a patient’s displayed blood type.

“If the physician thinks the patient is a certain blood type and orders a transfusion of a different blood type, that directly hurts the patient. It would most likely result in a fatality,” says Harrington.

In October, the FBI put out a warning about the growing concern over cyber criminals targeting unsecured “Internet of Things (IoT)” devices, including medical devices like wireless heart monitors and insulin dispensers.

Years ago, it was reported that former Vice President Dick Cheney had his pacemaker altered to prevent an assassination attempt.

“We can’t bury our heads in the sand anymore. These types of medical cybersecurity vulnerabilities are going to become commonplace,” says Dr. Christian Dameff with UC San Diego Emergency Medicine.

Dameff is also a self-described hacker. Despite the FDA’s claim that there aren’t any known cases of patients’ devices getting hacked, Dameff believes attacks have happened and they were likely accidental, but never got reported.

“These devices in our systems are not well equipped to even discover these types of attacks,” he said. “It’s essentially like asking a toaster to figure out if your house has been hacked. They’re just not designed to find out.”

The experts we spoke to want to make it clear that while there’s a threat of cyber attacks on medical devices, the likelihood of it happening to the average patient is low. They urge people to stay mindful of the risks and talk to their healthcare providers about solutions.

The post Pacemakers and #patient #monitors can be #hacked in seconds, #San Diego experts discuss #threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Basic #Payment #cash raises #computer #hacker #threat

Source: National Cyber Security – Produced By Gregory Evans

Basic #Payment #cash raises #computer #hacker #threat

EASY access to information about Scottish farmers’ Basic Payments has made them prime targets for cyber crime, the Scottish Business Resilience Centre has warned.

At the end of October, payments worth £254million were issued to farmers and crofters across the country, and SBRC advised farmers to be “extra vigilant” regarding their internet safety, including being aware of suspicious emails or phone calls.

Chief ‘ethical hacker’ with the SBRC, Gerry Grant, said: “I know how vital these payments are to the livelihood of farmers and crofters. This makes it even more important that they’re fully aware that it can make them an easy target for criminals to try and scam them.

“Criminals can easily work out an accurate estimation of what a farmer is likely to receive in CAP payments and armed with this information, they can try and steal the money. They can send various emails to try and get passwords for bank accounts or even try and trick unsuspecting farmers into making payments to the wrong account.”

The types of emails and calls farmers may receive will generally consist of them being asked to take urgent action regarding their finances/bank accounts. SBRC said that any unusual emails or phone calls should be investigated fully, and the contact details should be verified before any action is taken.

Things to look out for include:

• Emails from suppliers asking for funds to be transferred to a different bank account;

• Emails claiming that there is a problem with an account;

• Phone calls from banks saying that there appears to be unusual activity on their account.

The post Basic #Payment #cash raises #computer #hacker #threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity #Pros Can’t Keep #Pace with #Threat #Landscape

Source: National Cyber Security – Produced By Gregory Evans

Cybersecurity #Pros Can’t Keep #Pace with #Threat #Landscape

Most (54%) cybersecurity professionals believe the threat landscape is evolving faster than they can respond, with a lack of preparation and strategic thinking endemic, according to RedSeal.

The network resilience vendor polled 600 IT and security decision makers in the UK and US to compile its RedSeal Resilience Report 2017.

It revealed that most respondents feel they are under-resourced (54%), can’t react quickly enough when an incident strikes (55%) and can’t access insight to prioritize incident response (79%).

Just 20% said they’re extremely confident their organization will be able to function as normal in the event of a breach or attack.

What’s more, there seems to be a dangerous disconnect between perceived strengths and reality.

Some 40% of respondents claimed ‘detection’ is their strongest capability, stating it takes an average of just six hours to spot an incident.

However, this flies in the face of many other industry reports, compiled by the likes of Mandiant (99 days) and Trustwave (49 days).

RedSeal also claimed that only a quarter of respondents test their cybersecurity incident response annually, with many saying it’s too resource intensive (29%), outside their budget (27%) or takes too long (26%).

“Their data networks are dynamic. This dynamic nature creates a risk,” RedSeal CEO Ray Rothrock told Infosecurity.

“Given that they report in our research that they last created a map of their entire network on average nine months ago, there’s no way to know precisely if their most valuable assets are accessible to bad actors at the present time. The lag in knowing what the network looks like and where data lives is a crucial factor in being ready for the inevitable.”

The report also revealed that compliance rather than strategy is driving IT security planning for the vast majority (97%) of organizations.

“On the cyber front, digital resilience — the ability to contain the bad guys when they’re inside your network, and protect high value assets like customer data and content from exfiltration — will protect your networks and your vital financial assets,” concluded Rothrock.

“So, it’s important to know your network inside out. Know what is important to your business and your customers, where it is, and make sure it’s secure. Operational resilience means not only being ready, but having a plan and procedures and then rehearsing that action plan.”

The post Cybersecurity #Pros Can’t Keep #Pace with #Threat #Landscape appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures