Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers | Next-Gen AI Security Risks

Unreasonable requirements, low salaries, and a lack of commitment to training leaves businesses unable to hire their perfect cybersecurity pros. So, is there really a workforce "shortage"? [TechWeb]( Follow Dark Reading: [RSS]( December 28, 2023 LATEST SECURITY NEWS & COMMENTARY [Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers]( Unreasonable requirements, low salaries, and a lack of commitment to training leaves businesses unable to hire their perfect cybersecurity pros. So, is there really a workforce "shortage"? [Skynet Ahoy? What to Expect for Next-Gen AI Security Risks]( The innovation that ChatGPT and other LLMs demonstrate is a good thing, but safeguards and other security frameworks must keep pace. [Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days]( Attackers were escalating privileges left and right in 2023, thanks to one performance-oriented, security-lacking driver. [Russian Water Utility Hacked in Retaliation for Kyivstar Hit]( Moscow's Rosvodokanal water-management company was ransacked by Ukraine-aligned Blackjack group, with reports that the company's IT infrastructure was "destroyed." ['BattleRoyal' Hackers Deliver DarkGate RAT Using Every Trick]( The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications. [Chameleon Android Trojan Offers Biometric Bypass]( A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users. [Google Releases Eighth Zero-Day Patch of 2023 for Chrome]( CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser's WebRTC component. [Cisco Bets Big on Multicloud Security With Isovalent Deal]( Cisco says Isovalent will help expand the capabilities of Security Cloud, an AI-driven, cloud-delivered integrated security platform. [African Organizations Aim to Fix Cybersecurity in 2024]( The continent suffers $3.5 billion in losses every year, lending momentum to efforts to train a generation of cybersecurity professionals. [Iran's 'Peach Sandstorm' Cyberattackers Target Global Defense Network]( The FalseFont backdoor allows operators to remotely access an infected system and launch additional files. [Why CISOs Need to Make Cyber Insurers Their Partners]( Nobody has more data on cybersecurity risk and losses than a cyber-insurance carrier. [Strengthening Resilience: Navigating the Cybersecurity Landscape]( The significance of cybersecurity resilience has never been higher as we grow more reliant on digital infrastructure. [5 Tips for Strengthening the Developer-Security Team Relationship]( Adopt these best practices to move past a reactive approach to software development and build a productive work environment. Collaboration can turn security into a shared goal, not a bottleneck. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Name That Toon: Just for Kicks]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [8 Strategies for Defending Against Help Desk Attacks]( The help desk is under siege from AI-based and other attacks. Next-gen tactics call for in-depth cyber-defense strategies. [How AI Is Shaping the Future of Cybercrime]( Cybercriminals are increasingly using AI tools to launch successful attacks, but defenders are battling back. [MORE]( PRODUCTS & RELEASES [Ransomware Attacks in November Rise 67% From 2022]( [New DMARC Data Shows 75% Increase in Suspicious Emails Hitting Inboxes]( [Console & Associates, P.C.: ESO Solutions Notifies 2.7M People of Data Breach That Leaked Their SSNs]( [Black Hat Europe 2023 Closes on Record-Breaking Event in London]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [How Cybercriminals Will Sway 2024 US Elections, or Try To]( "Coordinated inauthentic behavior" networks are already attempting to build up audiences for their campaigns via fake news outlets, social media platforms, and other avenues. LATEST FROM THE EDGE [Europe Sees More Hacktivism, GDPR Echoes, and New Security Laws Ahead for 2024]( Political and economic motivations impel nation-state and independent hackers, while the European Union strives to keep its members secure and prepared. LATEST FROM DR TECHNOLOGY [AI, Supply Chain Are Fertile Areas for Cybersecurity Investment]( Cybersecurity continues to be a growing sector, but a lot of investment funding is gravitating toward supply chain security and artificial intelligence (AI) for solving a range of security problems. LATEST FROM DR GLOBAL [Saudi Arabia Strengthens Its Cybersecurity Posture]( The country is facing a skills shortage and increased attacks, but its cyber plans are rapidly developing. WEBINARS - [Tips for Managing Cloud Security in a Hybrid Environment]( - [2024 API Security Trends & Predictions]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software]( - [Pixelle's OT Security Triumph with Security Inspection]( - [The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security]( - [2023 Snyk AI-Generated Code Security Report]( - [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS]( - [2023 Software Supply Chain Attack Report]( - [Increase Speed and Accuracy with AI Driven Static Analysis Auditing]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120111&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_12.28.23&sp_cid=51149&utm_content=DR_NL_Dark%20Reading%20Weekly_12.28.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#e2 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)