FBI: Data Breaches Up 400%; Workforce Needs To Be “Doubled or Tripled”

As a follow up to last week’s post about the lack of cybersecurity personnel, this article talks about the increase in attacks and breaches and how it relates to the need for a more robust cybersecurity workforce.

James Trainor, acting assistant director of the FBI’s Cyber Division, said the agency used to learn about a new, large-scale data breach every two or three weeks. “Now, it is close to every two to three days.”

Trainor also said the cybersecurity industry needs to “double or triple” its workforce in order to keep up with hacking threats.

Read the story at thehill.com

Cybersecurity Talent Woes

It is no secret that there is a shortage of talented cybersecurity professionals in the US. As posted in the news, this issue is worse than a skills shortage, it’s a critical gap. As an article at thehill.com states: “We don’t have the workforce needed to address the challenges before us.”

The article goes on to further sum up the concern: “There are simply an inefficient number of qualified, skilled professionals available to do what’s needed to protect organizations and consumers.”

The problem becomes clear when organizations attempt to hire cybersecurity professionals. Many applicants don’t have the necessary skills for the open positions, which means it can take months to hire someone, while a short-staffed security team is trying to safeguard data and critical infrastructure.

SANS Institute is doing its part to help professionals launch cybersecurity careers and also assist companies and organizations to obtain the talent. This resource is available for employers: https://www.sans.org/cybertalent/

This week, on May 14, SANS is also hosting SANS CyberTalent Fair, a two-day, online meeting place for top cybersecurity employers and jobseekers in the US. According to the event website, “More than 209,000 cybersecurity jobs in the US are unfilled.”

MIT is hiring cybersecurity professions to work in Information Systems & Technology. See the MIT Careers website. Contract positions for IT Risk & Security Engineers are also available. For a job description, please contact Harry Hoffman.

Event: Challenges of Cybersecurity at MIT

MIT is launching a comprehensive effort to tackle the technical, regulatory and business challenges of cyber security. Included in this effort are three MIT research areas: CSAIL, the MIT Cyber Security Policy Initiative, and Interdisciplinary Consortium for Improving Critical Infrastructure for Cybersecurity (IC)3.

We are all invited to attend the public launch on Thursday, March 12th, at 8:30 am. It is located at the MIT Stata Center, in Kirsch Auditorium. Registration is required to attend.

Cambridge v. Cambridge Face-Off

As part of a series of cybersecurity initiatives made public during British Prime Minister David Cameron’s visit with President Barack Obama, the two nations announced that MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) will face off against the University of Cambridge this fall for a special student hackathon dubbed “Cambridge v. Cambridge.”

The multi-day competition is part of continued efforts by the two nations to collaborate on cybersecurity and harness their collective brainpower to help combat global cyberattacks.

Read the full story on the MIT News page.

MIT is Part of Initiative on Cybersecurity Policy

MIT will be part of an initiative, sponsored by the Hewlett Foundation, to create a smart, sustainable cybersecurity policy against the growing cyber threats faced by governments, businesses and individuals.

This is the largest-ever commitment to cybersecurity by academic organizations. MIT will be heading the Cyber Policy Initiative (CPI), one of three new academic initiatives, to establish quantitative metrics and qualitative models to help inform policy makers. Stanford University and University of California at Berkeley are the other two academies involved in the effort.

Read the full story at the MIT News site.

IAP Session on Cybersecurity 101

January 23, 1:00 – 2:00 pm
Room: 1-150

Cybersecurity plays a role in everyone’s lives. It can affect family, friends and your colleagues. It is critical to understand how to be safer with today’s online threats.

Roy Wattanasin from MITM is offering an IAP class on cybersecurity. This one-hour introductory session helps you to understand more about the topic. Hear from information security professionals about their thoughts and recommendations on these topics: The threat landscape, lifecycle of an attack, Advanced Persistent Threats (APTs), passwords, and social engineering. Bring your questions and feel free to invite colleagues.

Please contact Roy Wattanasin for questions. No advance sign-up required.

DeterLab Offers Free Cybersecurity Exercises

The free, open-infrastructure DeterLab provides exercises for students to learn cybersecurity techniques by getting their arms around attacks and defenses. Dedicated to supporting cybersecurity education, DeterLab has been used by 99 classes, from 64 institutions and involving more than 3,500 users.

Deter stands for Defense Technology Experimental Research, and is a project started ten years ago at the University of Southern California. From the DETER Project came DeterLab, which enables faculty members from all over the world to use pre-built exercises in their classes, letting students try out security activities in a safe environment. Students can work through exercises without breaking or attacking something “for real.” Included are real-world activities such as buffer overflows, man-in-the-middle attacks, worm modeling and detection, denial-of-service and distributed denial-of-service attacks, and forensics and monitoring.

Read the full story online.