You’ve probably heard the phrase “you don’t know what you don’t know.” It’s a stage of learning most people find themselves in at one time or another. When it comes to cybersecurity, hackers succeed by finding the security gaps and vulnerabilities you missed. That’s true of malicious attackers. But it’s also true of their equivalent on your side: a certified ethical hacker.
A certified ethical hacker can be one of your best specialists for protecting against threat actors. Here’s why.
Career advancement is an art form with many facets. One vital tool is your cybersecurity resume, the quality of which can mean the difference between getting an interview for your dream job and not being considered at all.
Following the standard advice on building a resume will give you a standard resume that won’t set you apart from the pack. Fresh thinking will give your resume a huge advantage. This is true whether you’re an entry-level candidate or applying for a chief information security officer (CISO) position, whether you’re building a security analyst resume or a security administrator resume.
Yes, it’s important to pay attention to the do’s and don’ts of smart resume building. And, yes, there is a cybersecurity skills gap. But to make your resume stand out from the pack, you’ll want something new and different. Here are some great ideas for building a winning cybersecurity resume for those just entering the field, for the most seasoned veterans and everyone in between.
Our glorious and surreal return to Italy, a special discount for The Prosecco Experience and our soundtrack for the Provence Experience. Read the latest issue here. Subscribe here.
The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses.
Zero trust ensures verification and authorization for every device, every application and every user gaining access to every resource. This is a complete departure from the old model, where implicit trust was the norm and networks were protected by firewalls, VPNs and web gateways.
What we need now is a cultural pivot — a paradigm shift in how we think about digital defense. A zero trust model is dynamic and constantly changing. After your system verifies the user and device and assures minimum access, it’s vital to monitor, learn and adapt. That means zero trust is a growing, adaptable process.
Malware can show up where you least expect it. Researchers discovered a logic bomb attack in the Python Package Index (PyPI) repository, which is code repository for Python developers and part of the software supply chain. Attackers aimed to get honest software developers to include the bombs in their applications by accident.
The tablet is a provocative beast.
Make a big one, and people argue over whether it could replace a laptop. Make a small one, and some users want it to be a giant phone. These conversations have repeated themselves since then-CEO Steve Jobs announced Apple’s ground-breaking iPad in 2010.
It was a pointless conversation at the time. Only the most dedicated tech nerds with specific kinds of work could even contemplate a stunt like replacing a phone or laptop with a tablet. Despite all the talk, few even attempted it.
Neither the world, nor the tablets, were ready — so the iPad and other tablets were relegated to lean-back, content-consumption device status.
But suddenly, the idea of actually using a tablet as a work laptop or a tablet as a work phone makes sense for some users, and is possible for most. This is especially true with either this year's 12.9-in. iPad Pro or the new 8.3-in. iPad Mini 6 unveiled this week.
Here’s why tablets can replace phones and tablets now.
The rise of remote work is arguably the biggest change in how we work since the introduction of the networked PC. Yet so many unknowns remain.
When will pandemic-mandated remote work end? We don’t know.
What percentage of those now working from home will return to office work? We don’t know.
Is remote work, on balance, good for business? Or bad? Nobody agrees.
But we have learned a great many things about not only remote work, but office work, too — and the whole way business has been conducted in the past few decades. Because of what we’ve learned, business will function far better in the future.
Here are the eight ways remote work improved business by teaching us how to work together better.
No, really! I’m actually working!
Work, work, work.
I found a perfect spot to work for awhile — very socially distant!
Here comes the video:
A smartphone connectivity revolution may be upon us, and I’m not talking about 5G.
In fact, 5G is a bit of a mirage — or, at least, it doesn’t offer what the public thinks it does. If you buy a 5G-enabled phone, it won’t connect to 5G networks unless you find yourself in a rare urban space within range of a 5G base station without the obstructions that limit its access. And even if you are within range, your phone won’t kick over to 5G mode unless you’re doing something super intense. Also: For some people using some carriers in some circumstances, available 4G is actually faster than 5G.
It’s complicated. But the bottom line is that for most users, 99% of the time they spend on their 5G phone will take place over 4G networks.
Satellite connectivity is a bit of a mirage, too. The worst thing about satellite phones is the very high price of a satellite account, and the high price of phone calls and other services. The other downside is that you can’t use satellite phones indoors. So hardly anyone has a satellite phone or mobile satellite service. It’s just not practical for most people.
But the big news that hit today: Apple’s next iPhone could actually be a satellite phone.
Ming-Chi Kuo, who has a solid track record of predicting Apple products and features, said recently in a letter to investors that Apple’s iPhone 13 (expected next month) will support satellite connectivity.
Here’s what’s really going on.
(Check out the free version of Mike’s List here.)
This an amazing house, surrounded by glera vineyards (for making prosecco). Great place to work!
I’ve got a five-hour layover before taking off for Madrid.
Driving to the bay area from Los Angeles we had to pull over near Carpinteria, California, to check out this super dramatic sunset.
Plus, Sierra Nevada and cheese fries.
Data-driven personalization is the practice of delivering relevant content to your customers based on the information you've gathered about them. Before data and personalization, brands had to generate demand for their products or make assumptions about their audiences using generalized data. But thanks to the internet and mobile devices, it's possible to communicate with heightened awareness about your market.
A data-driven approach enables you to collect data and use that data for a better customer experience throughout the entire customer life cycle. More importantly, it allows you to communicate the right message at the right time, based on where the customer is in that cycle, increasing engagement and conversion rates.
But the secret to making this personalization work is trust, which is earned through responsibly managing your customers' data. You have to strike the right balance between data and personalization, and your customers' privacy.
Spending on cybersecurity is hitting record highs. And that makes sense. Because of big changes in how work gets done (plus the rising cost of breaches and attacks, like ransomware), companies are spending more than ever. But simply throwing money at the problem in order to try to become more cyber resilient is not a solution.
It’s time to think about exactly where and how you’re directing new spending.
In the past, some viewed the digital workplace as a kind of inevitability—something that will emerge organically as business tools and processes improve with the advance of new technology. But the pandemic changed everything. It prompted a swift move to cloud-based tools and a sharp rise in remote work.
The overwhelming majority of companies around the world believe that in the future, remote working will increase (78%) and that the digital workplace and the physical workplace will coexist (86%), according to a 2020 report from Harvard Business Review. Rather than allowing gradual trends to shape the digital workplace, many organizations are keen on accelerating the process to get in front of the changes happening to business and the culture. Success in these efforts will require deliberate digital workplace governance.
By driving a digital workplace culture, organizations can improve communication, connection and collaboration—leveraging the power of unified action across the organization. This can remove the barriers of time and place, enabling teams to work in physically distant locations, while mobile and in all time zones while staying coordinated and connected. It also boosts business agility, which is increasingly necessary in today's fast-moving, fast-changing and unpredictable world.
But the digital workplace needs more than the right tools. The other vital part? A digital workplace framework and workplace governance.
Plus: Sandworm robots, margarita robots and sneakers made out of food! Read Mike's List free now!
Getting a second opinion is a great idea in both medicine and end-user cybersecurity. Two-factor authentication (2FA) and multifactor authentication (MFA) are powerful tools in the fight against all kinds of cyberattacks that involve end-user devices and internet-based services.
There’s just one big problem: It’s far, far too common for people to use text messaging as the second factor. That turns phone numbers into digital identity devices — a role they are poorly designed to play. If someone loses a smartphone or has it stolen or taken from them, they also lose their access to authentication. Worse, the attacker can transfer the phone number to another person, who will now receive authentication requests.
Here’s what to do about the 2FA and MFA phone problem.
You know those annoying people who hang out in coffee joints for hours on end, either chatting, doing business deals or working on their laptops?
Yeah, I’m one of them.
Before you judge, hear me out.
Do you know where coffee houses come from? Most people don’t.
All modern Starbucks and other coffee places descend directly from an Oxford coffee house that opened in 1650. That shop descended from similar establishments in Vienna, which themselves were modeled on coffee houses in Mecca and Istanbul and elsewhere in the Muslim world. (Coincidentally this photo was taken at an Istanbul Starbucks.)
Coffee was a novel beverage to Europeans in 1650. The first Oxford house was a hit, and coffee houses rapidly proliferated across the country, especially in London.
These establishments fueled the industrial revolution and the enlightenment — societal transformations that never could have happened in ale houses.
Their purpose wasn’t to dispense coffee. Entire businesses were set up and run inside the coffee houses. The world’s first newspapers were run out of them, then pamphlets distributed in them. Insurance companies operated entirely out of coffee houses. (Lloyd’s of London was named after Edward Lloyd’s coffee house on Tower Street, which opened in 1688.) Isaac Newton did most of his argumentation and idea exchanging with other scientists in the Grecian coffee house on the Strand.
For more than three centuries, coffee houses have served primarily as offices and meeting spaces for business people, journalists and intellectuals and secondarily as places to buy coffee.
Coffee houses came into existence not as a place where people are supposed to line up like addicts at a methadone clinic, then slink out. They’re a social meeting space for the community.
There’s a reason why 50 cents worth of coffee costs $4 at Starbucks and other places. You’re paying mainly for the space. You're paying for the seat and the table and the WiFi and the outlet and the bathroom and the climate control and the lighting.
In recent decades, we’ve been trained like lab rodents to drop our cash and leave. McDonald's even trained the public to bus their own tables. In fact, the idea of buying coffee at a coffee house and taking it to go is an extraordinarily new phenomenon. They’ve recently conned us into paying the premium for the real estate, then feeling bad about using what we paid for.
The transition from coffee houses as the public’s place of business to the coffee house as a fast-food joint is part of the disgusting consumerization of the human animal.
We’re not supposed to be citizens, thinkers or makers. We’re supposed to be consumers. Give me your money, then fuck off.
Ironically, Starbucks gets it. Considered derisively as the McDonald’s of coffee houses, the characterization is totally unfounded. Starbucks is committed to allowing anyone to use their WiFi free for as long as they want, at least in the United States and many other countries. Their stores have tables and outlets and couches and barstools. They invite everyone to hang out and linger. And there are other coffee places that understand the purpose of a coffee house as well.
But far too many believe a coffee house is just a place to extract money from customers, then force them to leave by failing to provide a social space. And when customers can’t find a table because people are staying too long, they don’t blame the establishment for failing to provide enough tables. They blame the campers.
My view is that if today’s coffee houses don’t know what a coffee house is for, they should close up shop and get out of the business. Maybe they can open a McDonald’s franchise.
Just don’t blame the customers who are using coffee houses for their intended and vital purpose.
A cybersecurity researcher discovered a new category of Wi-Fi vulnerabilities recently. But the surprising news is that this new category is actually very old. Called FragAttacks, these 12 Wi-Fi vulnerabilities have existed since the late 90s. But they’re new to the cybersecurity world because people only recently discovered and described them. Here's what you need to know about FragAttacks.
