Weekly News Roundup July 3-7, 2022


Posted on by Kacy Zurkus

My husband and I went for a walk on Tuesday, July 5, and he cheekily declared, “Well, the summer is over!” For some, the 4th of July week is the pinnacle of summer. Though I have no hard data to back this claim up (aside from a lot of OOO auto-replies to emails I’ve sent), I think a lot of people enjoyed some much-deserved time off during this week. If this is a big summer vacation week for people, it will make sense that many people besides my husband have the gloomy outlook that summer is over.

That’s not good news as we know that burnout is a major issue in any industry, and it’s especially concerning in cybersecurity. Burnout is the result of stress, and the sources of stress for security professionals are omnipresent across all sectors, making it difficult for people to take time off. Undoubtedly, many practitioners fear all that could go wrong in their absence, so they tend to either not take time off at all or fail to fully disconnect while they are away.

Interestingly, University Business explored the 10 pitfalls to be mindful of in preparing for the start of the fall semester. (Let’s enjoy the moment before we start thinking about fall!) Two of these pitfalls involved cybersecurity, and another was about burnout. When it comes to burnout, we can solve for this fear of taking time off by building stronger security teams, which, of course, demands that organizations look at their hiring practices and take actionable steps to close the skills gap. Additionally helpful is this guidance from TechTarget on how to write a cybersecurity job description.

Education is also critical to feeding the pipeline, and there is a lot of money being invested in educating everyone about cyber. The University of Idaho was awarded $4.46 million for cybersecurity scholarships. Also, to address cybersecurity concerns in the K-12 sector, the University of Georgia is reportedly providing cybersecurity education to teachers.

To learn more about Transforming Security Champions, join RSA Conference on July 13 for a follow-up conversation with Tanya Janca or explore a variety of topics available in our Library.

And, before you look at this week’s headlines, look at your calendar and make sure you are taking time off to relax and recharge because (sorry, Mr. Zurkus) the summer isn’t nearly over yet!

Jul. 7: CISA published an alert encouraging users and administrators to review the updates Cisco released for vulnerabilities in several of its products.

Jul. 7: “Chinese hacking groups are targeting the Russian government and organizations in the telecommunications industry, according to a new report from cybersecurity company SentinelOne,” The Record reported.

Jul. 6: Threatpost reported, “A prominent Chinese tech CEO has cited human error as the likely reason hackers got their hands on the personal data of 1 billion people in China from a Shanghai police database and then put some of it up for sale on illicit online markets.”

Jul. 6: State-sponsored actors in North Korea are allegedly targeting the healthcare sector with ransomware.

Jul. 6: School is out for summer programs in Cedar Rapids, Iowa, after a cyberattack on the district’s systems.

Jul. 6: Apple will reportedly add a lockdown mode in an effort to defend the iOS platform against state-sponsored mercenary spyware attacks.

Jul. 6: More than $7 million has been allocated to a cybersecurity improvement plan by the government of Puerto Rico.

Jul. 5: According to Infosecurity Magazine, “The British army’s Twitter and YouTube accounts were compromised by a malicious third party on Sunday and used to direct visitors to cryptocurrency scams.”

Jul. 5: A former HackerOne employee allegedly stole internal data from the platform, which the company had received through a bug bounty submission.

Jul. 4: “The U.S. and Israel have agreed to a new joint cybersecurity program called BIRD Cyber to enhance the cyber resilience of both countries’ critical infrastructures. Grants of up to $1.5 million will be given to entities who jointly develop advanced cybersecurity applications under this program,” Information Security Media Group reported

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

RSAC Insights

professional development & workforce cyberattacks ransomware data security access control malware cyber espionage patch vulnerability & configuration management security awareness security jobs security education

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community