Monthly Archives: March 2018

Charles Leaver – More Women Needed In Cybersecurity And Girl Scouts Pushing This

Published by:

Written By Kim Foster And Presented By Charles Leaver


It’s no secret that cybersecurity is getting more international attention than ever before, and enterprises are rightfully concerned if they are training sufficient security specialists to meet growing security dangers. While this issue is felt throughout the commercial world, lots of people did not expect Girl Scouts to hear the call.

Beginning this fall, countless Girl Scouts across the country have the opportunity to earn cybersecurity badges. Girl Scouts of the United States teamed up with Security Company (and Ziften tech partner) Palo Alto Networks to create a curriculum that informs girls about the basics of computer security. In accordance with Sylvia Acevedo, CEO of GSUSA, they produced the program based on demand from the girls themselves to protect themselves, their computer systems, and their family networks.

The timing is good, since according to a research study launched in 2017 by (ISC), 1.8 million cybersecurity positions will be unfilled by 2022. Factor in increased need for security pros with stagnant growth for ladies – only 11 percent for the past several years – our cybersecurity staffing troubles are poised to intensify without significant effort on behalf of the market for better inclusion.

Of course, we cannot rely on the Girl Scouts to do all the heavy lifting. More comprehensive educational efforts are a given: according to the Computing Technology Industry Association, 69 percent of U.S. females who do not have a profession in information technology mentioned not knowing exactly what chances were available to them as the factor they did not pursue one. One of the excellent untapped opportunities of our market is the recruitment of more diverse professionals. Targeted curricula and increased awareness needs to be high top priority. Raytheon’s Women Cyber Security Scholarship is a good example.

To reap the benefits of having actually females supported shaping the future of innovation, it’s important to resolve the exclusionary perception of “the boys’ club” and remember the groundbreaking contributions made by females of the past. Lots of people understand that the very first computer developer was a woman – Ada Lovelace. Then there is the work of other famous pioneers such as Grace Hopper, Hedy Lamarr, or Ida Rhodes, all who might stimulate some vague recollection amongst those in our industry. Female mathematicians created programs for one of the world’s first fully electronic general-purpose computers: Kay McNulty, Jean Jennings Bartik, Betty Snyder, Marlyn Meltzer, Fran Bilas, and Ruth Lichterman were simply a few of the initial programmers of the Electronic Numerical Integrator and Computer (better known as ENIAC), though their important work was not extensively acknowledged for over 50 years. In fact, when historians initially discovered pictures of the ladies in the mid-1980s, they misinterpreted them for “Refrigerator Ladies” – models posing in front of the machines.

It deserves keeping in mind that numerous folk believe the very same “boys’ club” mentality that overlooked the achievements of females in history has actually resulted in limited management positions and lower salaries for modern-day ladies in cybersecurity, in addition to outright exemption of female stars from speaking opportunities at industry conferences. As trends go, excluding bright people with suitable understanding from influencing the cybersecurity market is an unsustainable one if we want to stay up to date with the cybercriminals.

Whether or not we collectively act to promote more inclusive workplaces – like educating, recruiting, and promoting ladies in larger numbers – it is heartening to see an organization synonymous with charity event cookies effectively inform an entire industry to the fact that ladies are genuinely thinking about the field. As the Girls Scouts of today are given the tools to pursue a career in information security, we need to prepare for that they will become the very females who ultimately reprogram our expectations of what a cybersecurity expert looks like.

Charles Leaver – Don’t Believe The Hype As Macs Can Affect Your Security

Published by:

Written By Roark Pollock And Presented By Charles Leaver


Do you have Mac computers? That’s fine. I have one too. Are your’s locked down? If not, your business has a possibly major security weakness.

It’s a fallacy to believe that Macintosh computers are inherently secure and don’t have to be protected against hacking or malware. People think Macs are undoubtedly probably more secure than Windows desktops and notebooks, due to the style of the Unix-oriented kernel. Definitely, we see less security patches released for macOS from Apple, compared with security patches for Windows from Microsoft.

Less security defects is not absolutely no defects. And much safer doesn’t indicate 100% safe.

Examples of Mac Vulnerabilities

Take, for instance, the macOS 10.13.3 update, released on January 23, 2018, for the current variations of the Mac’s operating system. Like a lot of current computer systems running Intel processors, the Mac was susceptible to the Meltdown defect, which implied that malicious applications might be able to read kernel memory.

Apple had to patch this defect – along with lots of others.

For instance, another flaw might allow malicious audio files to perform random code, which might break the system’s security integrity. Apple needed to patch it.

A kernel flaw meant that a malicious application may be able to execute random code with kernel privileges, giving cyber criminals access to anything on the device. Apple needed to patch the kernel.

A flaw in the WebKit library indicated that processing maliciously crafted web content might result in arbitrary code execution. Apple needed to patch WebKit.

Another flaw meant that processing a malicious text message might result in application denial of service, locking up the system. Whoops. Apple had to patch that flaw too.

Do not Make The Exact Same Errors as Customers

Numerous customers, believing all the talk about how terrific macOS is, choose to run without protection, trusting the macOS and its built-in application firewall program to obstruct all manner of bad code. Problem: There’s no built-in anti virus or anti-malware, and the firewall program can only do so much. And many enterprises want to overlook macOS when it pertains to visibility for posture tracking and hardening, and threat detection/ hazard searching.

Customers often make these assumptions due to the fact that they do not know any better. IT and Security experts need to never ever make the same mistakes – we need to understand better.

If a Mac user sets up bad software, or adds a harmful internet browser extension, or opens a bad e-mail attachment, or clicks a phishing link or a nasty advertisement, their device is corrupted – similar to a Windows computer. But within the business, we have to be prepared to deal with these concerns, even with Mac computers.

So What Do You Do?

Exactly what do you need to do?

– Install anti virus and anti malware on business Macs – or any Mac that has access to your company’s material, servers, or networks.
– Monitor the state of Mac computers, just like you would with Windows machines.
– Be proactive in applying patches and fixes to Mac computers, once again, similar to with Windows.

You must likewise get rid of Macs from your business environment which are too old to run the latest version of macOS. That’s a lot of them, because Apple is pretty good at maintaining hardware that is older. Here is Apple’s list of Mac models that can run macOS 10.13:

– MacBook (Late 2009 or newer).
– MacBook Pro (Mid 2010 or newer).
– MacBook Air (Late 2010 or more recent).
– Mac mini (Mid 2010 or more recent).
– iMac (Late 2009 or more recent).
– Mac Pro (Mid 2010 or more recent).

When the next version of macOS comes out, some of your older machines may drop off the list. They ought to fall off your inventory as well.

Ziften’s Perspective.

At Ziften, with our Zenith security platform, we work hard to keep visibility and security feature parity between Windows systems, macOS systems, and Linux-based systems.

In fact, we’ve partnered with Microsoft to incorporate our Zenith security platform with Microsoft Windows Defender Advanced Threat Protection (ATP) for macOS and Linux monitoring and risk detection and response coverage. The combination allows customers to find, view, investigate, and react to innovative cyber-attacks on macOS computers (as well as Windows and Linux-based endpoints) straight within the Microsoft WDATP Management Console.

From our perspective, it has actually constantly been very important to give your security teams confidence that every desktop/ notebook endpoint is safeguarded – and thus, the enterprise is protected.

It can be hard to believe, 91% of enterprises say they have a number of Mac computers. If those computers aren’t secured, and also properly integrated into your endpoint security systems, the enterprise is not protected. It’s just that basic.