The below commentary is an excerpt from a longer white paper being produced by the Silent Sector team on how to hire and retain quality security, and by extension, IT resources. This excerpt addresses finding and hiring IT and security professionals.
In early May of 2019, Microsoft reported that a new security vulnerability had been discovered and could be a tremendous threat to their users. The bug was originally detected by the United Kingdom’s National Cyber Security Centre. Officially tracked “CVE-2019-0708”, but referred to as “BlueKeep”, this exploit is a remote code execution vulnerability that is present in Remote Desktop Services.
The below commentary is an excerpt from a longer white paper being produced by the Silent Sector team on how to hire and retain quality security, and by extension, IT resources. This excerpt addresses compensation.
Cyber-crime is here to stay. Neither technology, compliance frameworks, nor government regulation will stop the threat. It is a fight we didn’t choose but has forced business leaders to take new measures to protect their organizations.
Penetration testing is now a permanent requirement in most governance frameworks from NIST to PCI DSS, making it a mandatory step in the annual budgets and operations. While most understand a penetration test is necessary in order to meet their client and regulatory requirements for the year, there is little knowledge on what these tests actually accomplish for the organization and how they are conducted. In addition, an industry-wide consensus of what defines a true penetration test does not exist, creating further confusion.
The proliferation and race to market for newer, better, and more stable security tools has thoroughly saturated the IT world. Who hasn’t walked through a trade show and seen booth after booth of the latest and greatest tools?
The hustle and bustle of the holidays make them an ideal time for cyber-criminals to attack. Cybersecurity firms deal with increased threats during this season, and Silent Sector offers tips to protect your personal data and devices.