Intercast Staffing – August 2022 Newsletter

Welcome to the August edition of Intercast’s monthly newsletter for cybersecurity professionals. As always, we’ll bring you the latest news and views to make you a better-informed consultant. In this edition:

  • Meet The Team
  • Cybersecurity Stars On The Small Screen
  • Stress Still Bringing Industry Uncertainty
  • Apple Lockdown Mode No Slam-Dunk
  • Staff Want To Plug Cyber Skills Shortfall
  • Best of the Rest

Meet The Intercast Team - Nebai Tecleab

 

Meet The Team – Nebai Tecleab

For the first of an occasional series, we fired some quick questions at Intercast recruiter Nebai Tecleab:

 

What drew you to cybersecurity? 

My interest in technology and my passion to help others. Living in a technology-driven era, cybersecurity is around us every day and the field has evolved rapidly. The pace, the people, and the opportunity to positively impact my community, on a micro and macro level, are what I find most rewarding in this field.

What would surprise people about your work?

Our attention to detail. From our initial call to onboarding to post, we constantly re-visit conversations with our clients and consultants to ensure the highest levels of satisfaction, fostering retention.

What’s the biggest tip you have for candidates that they might not think about? 

The power of networking. One conversation can provide candidates with insights and opportunities they otherwise would not find on the internet.

What are the most important qualities for a candidate beyond technical knowledge and ability?

Attitude! Every day can present unique challenges and how you approach those challenges can make all the difference.

What’s the most surprising thing a client has asked for when searching for a candidate? 

Adaptability. Being a team player and possessing the desire and willingness to learn new skills cultivates a culture many employers work towards every day.

Do you think of recruiting as more of a science or an art?

I think of recruitment as more of an art. To be able to understand a client’s vision, then express that vision back to the client in the form of a perfect candidate involves creative skills.


Stress Still Bringing

Industry Uncertainty

Fears of an exodus from the cybersecurity workforce continue to concern employers, with even senior staff rethinking their future. A survey of “critical national infrastructure decision makers” found just five percent said they weren’t experiencing any factors that could make them reconsider their position in the next 12 months.

The second most commonly cited factor, mentioned by 40 percent of respondents, was the all-to-familiar “stress and burnout”, driven particularly by an increase in attempted cyberattacks.

The top factor, covering 42 percent of respondents, was more of a surprise: people who said that a breach was inevitable and that they didn’t want to stick around and have it taint their career.


Apple Lockdown Mode

No Slam-Dunk

Apple’s latest attempt to protect high-target users from cybersecurity attacks has received a mixed reception. “Lockdown Mode” has been described as effective but limited and focused purely on defense.

The mode will be available to all iPhone users but is particularly targeted at people “who face grave, targeted threats to their digital security.” It’s driven by the rise in state-sponsored attacks using spyware such as Pegasus.

Lockdown mode largely blocks features that are at particular risk of attack, including:

  • Message attachments other than images.
  • Web technologies such as just-in-time JavaScript compilation (except for manually excluded sites.)
  • Incoming service requests and invitations, including FaceTime calls, from people the user hasn’t previously contacted.
  • Wired connections to external devices when the phone is locked.
  • Configuration profiles and mobile device management.

Critics concede that the features will inherently reduce the potential attack surface, but at the risk of severely limiting functionality, particularly for activists and journalists who may most need the protection. Brian Contos told Cybernews that Lockdown Mode didn’t really add any new ways to tackle the attacks and would likely lead “nation-state hackers” to put their resources into finding workarounds.


Staff Want To Plug

Cyber Skills Shortfall

Boosting cybersecurity expertise is now top of the wish list for general IT workers looking to develop new skills. A survey of 700 tech professionals found 43 percent said cybersecurity was their “top skill concern.”

That overtook cloud computing (39 percent), the leading area of skill gaps in a similar survey last year.

It’s not just a case of personal advancement however: 44 percent of respondents said a general cybersecurity skills gap was the biggest threat to their organization. Plugging that gap is severely limited by the fact that just 32 percent of tech companies covered by the survey allow staff to formally learn new skills during work hours.


Best of The Rest

Here’s our round-up of some of the other stories you need to know about:

 

A bug in Microsoft Teams bug brings security risks:

https://portswigger.net/daily-swig/microsoft-teams-security-vulnerability-left-users-open-to-xss-via-flawed-stickers-feature

 

Microsoft is still buying up cybersecurity companies:

https://www.theregister.com/2022/06/15/miburo/

 

Hospital hacking is becoming a matter of life and death:

https://www.theguardian.com/technology/2022/jul/14/ransomware-attacks-cybersecurity-targeting-us-hospitals

 

Space may be the next arena for cybersecurity:

https://www.weforum.org/agenda/2022/05/increased-cybersecurity-for-space-based-services

 

Isabella Hartford of TechTarget has the take of the month, explaining how to find your cybersecurity niche:

https://www.techtarget.com/searchsecurity/feature/How-to-find-your-niche-in-cybersecurity