Businesses

How Can Businesses Close 'The Cybersecurity Gap'? (venturebeat.com) 179

Companies can't find enough qualified security personnel, and fixing it requires "a fundamental shift in how businesses recruit, hire, and keep security talent," according to a VentureBeat article by an Intermedia security executive: The trickle of security students emerging from post-secondary schools may not be fully prepared to tackle complicated security issues -- what we need are people who can protect businesses environments from everything from spam and BYOD vulnerabilities to complex threats like APTs and spear phishing. Second, certain companies may not know what to look for in a professional. Third, when skilled professionals are hired, they can often be overworked to the point where they don't have the time to keep up with the latest developments in the field -- and even in their own security tools... The fundamental problem facing the skills gap, however, is that there aren't enough people coming into the field to begin with. Here, companies need to do two things: step-up their advocacy when it comes to promoting cybersecurity careers, and look internally for employees who have the skills and desire to take on a security position but need the training and support to succeed...

Finally, businesses need to recognize that security threats today go well beyond just one department. Every employee should be responsible for knowing what to look for in an attack, how to report a suspected threat, and how they can simply disengage from content and files they deem suspicious. Basic security training needs to become a part of the onboarding process for any employee -- especially for those in the C-Suite, where a greater number of spear-phishing attacks occur.

The article also cites a study which found "about a quarter of all cybersecurity positions are left unfilled for about six months."
EU

European Parliament Committee Endorses End-To-End Encryption (tomshardware.com) 120

The civil liberties committee of the European Parliament has released a draft proposal "in direct contrast to the increasingly loud voices around the world to introduce regulations or weaken encryption," according to an anonymous Slashdot reader. Tom's Hardware reports: The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens' fundamental privacy rights. The committee also recommended a ban on backdoors. Article 7 of the E.U.'s Charter of Fundamental Rights says that E.U. citizens have a right to personal privacy, as well as privacy in their family life and at home. According to the EP committee, the privacy of communications between individuals is also an important dimension of this right...

We've lately seen some EU member states push for increased surveillance and even backdoors in encrypted communications, so there seems to be some conflict here between what the European Parliament institutional bodies may want and what some member states do. However, if this proposal for the new Regulation on Privacy and Electronic Communications passes, it should significantly increase the privacy of E.U. citizens' communications, and it won't be so easy to roll back the changes to add backdoors in the future.

Security researcher Lukasz Olejnik says "the fact that policy is seriously considering these kind of aspects is unprecedented."
Privacy

Ask Slashdot: How Do You Prepare For The Theft Of Your PC? 262

A security-conscious Slashdot reader has theft insurance -- but worries whether it covers PC theft. And besides the hassles of recreating every customization after restoring from backups, there's also the issue of keeping personal data private. I currently keep important information on a hidden, encrypted partition so an ordinary thief won't get much off of it, but that is about the extent of my preparation... What would you do? Some sort of beacon to let you know where your stuff is? Remote wipe? Online backup?
There's a couple of issues here -- including privacy, data recovery, deterrence, compensation -- each leading to different ways to answer the question: what can you actually do to prepare for the possibility? So use the comments to share your own experiences. How have you prepared for the theft of your PC?

Slashdot Top Deals