Cybersecurity Roundup: Women in Leadership Roles, Atlas VPN, Verizon-Securonix
Mentorships are often part of the process of growing into leadership positions in cybersecurity.
U.S. companies will add nearly 550,000 new jobs in computer and IT through 2028, a rate higher than the average for all occupations, according to the U.S. Bureau of Labor Statistics.
Of those jobs, the bureau predicts a 32% growth rate for information security analysts. Women are emerging as cybersecurity experts, with the expectation of a much larger influx of women entering the field.
Women are ascending into senior or leadership positions within their companies, often through different pathways, according to the results of the Women in Cybersecurity Survey to be presented by SANS Institute in two webcasts later this month.
Some 41% of respondents credited being in the right place at the right time for their rise into senior or leadership positions. That means they had to make themselves visible to decision-makers. Others credited having varied experiences (38%) or pursuing certifications (34%) with their rise into a senior or leadership positions, both of which are within the control of the individual.
Mentorships are often part of the process of growing into leadership positions and continuing to grow once taking on such a role; however, only 7% of women in cybersecurity have been mentored by another woman, with 37% mentored by both men and women, and 31% by men alone, which leaves 25% who have never benefited from being mentored.
SANS Institute’s Heather Mahalik
Most survey respondents have done just that, with just 26% not participating in a mentorship relationship. Interestingly, the majority (57%) report mentoring both men and women, a positive sign for growing the leadership role of women in cybersecurity.
To find out more about the growing influence of women in cybersecurity, we spoke with Heather Mahalik, SANS analyst and survey author.
Channel Futures: Why is it important for more women to obtain leadership roles in cybersecurity?
Heather Mahalik: Why not? We have been in the field for quite some time and are gaining traction, so obtaining a leadership role fits the bill. Women taking more leadership roles also promotes attention to younger women who want to enter the field and have career goals to climb the so-called corporate ladder. It’s important to show that leadership in cybersecurity is gender neutral.
CF: How important is mentoring in attracting and opening more doors for women in cybersecurity?
HM: Mentoring is important to everyone. Meeting and knowing the right people can really open doors for you and someone entering the field. I have mentored many people in my life and made introductions for them that have really launched their careers. We need more mentors. Please reach out to someone new to cybersecurity and help pave the way for them.
CF: Are there fewer barriers to women becoming cybersecurity leaders? If so, how?
HM: I would say yes. In my opinion, most companies realize that your work is what matters, not your gender. I know many women who run companies and who have started their own. The days of “she is a woman and doesn’t deserve this” are over.
CF: How does getting more women involved help in the fight against cybercriminals?
HM: Bottom line — we need people, women and men included. There is always a shortage of women in cybersecurity and the focus often goes to why. We are trying to push the message to any woman wanting to get involved, learn and have a career that matters. Cybersecurity is important and there are so many facets and specialties one can dive into. I took the plunge into digital forensics 18 years ago and have never looked back.
Women can have a big impact in their organizations regardless of …
… their title. Your title and time in the field do not define what you know and the impact you can provide to this community. They do not define your impact or even narrow in on your capabilities — your actions do.”
Survey: Americans Fear Identity Theft More Than Murder
Americans are so scared of being a victim of identity theft that they even find murder less terrifying, according to a new report by Atlas VPN. More than 1,500 Americans were surveyed for the report.
The record-high data breaches in the United States explain why so many people are so afraid of getting their identity stolen. In 2019, cybercriminals exposed 7.9 billion private records, which means that every 2 seconds, someone becomes a victim of identity theft. Additionally, the number of compromised data cases increased by 33% compared to 2018, according to the report.
Data compiled by Atlas VPN shows that 67% of Americans are afraid of being a victim of identity theft, while only 20% are scared of being murdered. Getting burglarized (43%) and being a victim of terrorism (29%) are also two of the respondents’ top concerns.
Atlas VPN’s Rachel Welch
“In 2020, we can expect a tense atmosphere in the cybersecurity industry,” said Rachel Welch, Atlas VPN’s COO. “Hackers are finding new ways to overcome the current security measures. Every company has to be on its toes and expect a serious attack sooner or later. I believe the number of credit card-related identity theft cases will continue to grow. Nowadays, almost anyone who knows how to access the dark web can order equipment required to forge a fake credit card. In general, the damage related to cybercrime will hit $6 trillion by the end of this year.”
Typically, hackers invade systems with the primary goal of profiting. The most common identity theft complaint in the U.S. is credit card fraud (32%). Other complaints include loan or lease fraud (14%), phone or utility scam (11%), bank fraud (7%), and employment or tax-related fraud (6%) cases.
The number of identity theft cases also depends on the time of the year. As the tax-return season is now beginning, the number of identity theft cases may increase rapidly.
Verizon Chooses Securonix for MDR Service
Verizon has chosen Securonix to power its new managed detection and response (MDR) service, which launched this week.
The Verizon MDR overlays Verizon’s core remote threat monitoring, detection and response capabilities with Securonix next-gen security information and event management (SIEM) to provide a fully managed solution that scales to meet the needs of companies of all sizes, while enabling internal teams to focus on other business priorities.
Verizon chose Securonix after evaluating legacy SIEM platforms.
Securonix’s Nitin Agale
Nitin Agale, Securonix’s senior vice president of products and marketing, tells us his company sees its partnership with Verizon as “validation of the strategic investments we’ve made in our MSP offering over the past year or so.”
“The Verizon partnership not only open’s new doors for Securonix, but also for our technology partners that enable us to provide a top-of-the-class security monitoring and response solution to our customers,” he said. “Also, bringing on a significant partner like Verizon allows us to further invest in our channel program. We have onboarded over a dozen MSSP partners already, and are rapidly scaling our solutions and programs to continue meeting and exceeding partner needs.”
Securonix SIEM combines log management, user and entity behavior analytics (UEBA), and security incident response into a security operations platform. It collects massive volumes of data in real-time, uses patented machine learning algorithms to detect advanced threats, and provides AI-based security incident response capabilities for fast remediation.
“For Verizon partners, this news solidifies the expansion of …
… Verizon’s offerings into the MDR space,” Agale said. “Not only does it show how Verizon is continuously looking to innovate and expand its security portfolio, it also augments the value of Verizon’s managed security services, which raises the tide for all. Verizon partners have an opportunity to sell or upsell customers a new managed service offering.”
Verizon has decades of managed service and incident response experience, and when that’s teamed with the analytics capability of Securonix SIEM, “we’re able to help organizations dramatically enhance their cyberdefense strategies,” Agale said.
“It makes for an extremely compelling package for organizations looking to enhance their security posture that benefits both of our partner ecosystems,” he said.
“Securonix next-gen SIEM is key in our ability to reinvent managed security services by incorporating pattern and behavioral detection techniques to elevate cyberdefense strategies for our customers,” said Felipe Boucas, Verizon Business Group’s director of security services, global products and solutions. “Securonix fits our MDR solution perfectly as a fully managed cloud service that delivers advanced threat detection and response with built-in user and entity behavior analytics.”
KnowBe4, Agari Team Up for Email Defense
KnowBe4 has partnered with Agari, a provider of phishing defense solutions for the enterprise, to stop identity-based email attacks
As a result of this new partnership, information security leaders have access to phishing training content combined with science-based phishing defense capabilities. In addition, data integration between the two capabilities will enable increased detection and decision-making on suspected phish reaching the enterprise.
KnowBe4’s Tony Jennings
Tony Jennings, KnowBe4‘s senior vice president of global channel sales, tells us the partnership represents a “competitive answer to the emerging trend of combining email phishing defense solutions with security awareness training products.”
“Partners now have the opportunity to offer a best-of-breed detection and decision-making, and risk remediation through awareness (and policy) training [of] enterprise business personnel who may represent an increased risk to the organization,” he said.
And because KnowBe4 and Agari operate in a common IT security VAR community, there is a “significant opportunity” for Agari’s partners to address an emerging market trend and meet this demand,” Jennings said.
The partnership gives KnowBe4 and its partners a competitive advantage because the combined offering is in “very high demand in global enterprise and midmarket organizations where few competitors are able to offer a best-of-breed solution,” he said.
According to the FBI Internet Crime Complaint Center’s 2019 Internet Crime Report, phishing was the top crime reported by victims in 2019, with U.S.-based fraud losses in excess of $3.5 billion. Other forms of social engineering that use phishing emails as an entry include business email compromise (BEC), which has cost the global economy $26 billion in reported losses.