Really enjoyed earning a CEU from Comptia by watching (actually re-watching, cause first time I saw it we had a thunderstorm and power went out 3 minutes before end of presentation and I didn’t get credit) the Comptia ChannelCon State of Cybersecurity talk.
Some of the points that caught my ear were
- One speaker posited a 5900% ROI for the average hacker (TrustWave puts it at a more modest – but still astonishing – 1425%)
- In fact, hacking is such a profitable business to be in that there are gangs of hackers running actual businesses. Even have health insurance for their employees, continuous training/development
- Women “better” at cyber security – we have more “attention to detail” and we “like puzzles” and “enjoy analyzing stuff.” Gag. Or…women are people and some people like puzzles and pay attention to detail. I mean, there is real, demonstrable strength in promoting diversity in hiring. Different viewpoints make the whole team stronger in planning and problem-solving. But seriously – women “like puzzles”?
- Some people in cybersecurity are so tense and stressed that there is a high prevalence of self-medicating with alcohol or other substances. How can we support our coworkers in this field? We need to move towards a more collaborative approach and a team-centric setup. The security and continence of your firm’s data shouldn’t just sit on one person’s shoulders. That is a lot for one person, especially as this is a constantly changing and expanding field.
- Cyber security is now just an extension of your personal security. It affects everyone, and we all need to learn and work together. We all have a lot of risk, and security is EVERYONE’S business.
- Website tech support (or sales ) chatbots as the perfect social engineer if they can be hacked – fascinating
ie, if as part of authenticating a customer or user, we ask for username/pw/PII of whatever sort …and it’s actually a black hat bot that is just impersonating a customer service bot and saving all that info for later
What do you think – what are you thoughts on the latest cyber security developments?