Category: Tech

Tech
Posted on

3 skills could make or break your cybersecurity career in the generative AI era

by Grabv

ndeed reports that almost one in five jobs are highly exposed to generative AI. The technology has proved advantageous for cybersecurity careers, automating threat data analysis and allowing cybersecurity professionals to focus more on mitigating the risks. And let’s face it, considering the number of high-profile breaches we’ve seen in recent months, from MOVEit to Johnson Controls, cybersecurity pros need all the help they can get.

Generative AI can be a powerful tool for identifying new risks and alerts, but using it requires a unique skill set. When interviewing cybersecurity candidates, I look for three critical soft skills: lateral thinking, persistence, and communication.

1. Lateral thinking

While many employers emphasize problem-solving skills in job descriptions, the ability to think outside the box is imperative in cybersecurity. Candidates must be able to quickly pivot when addressing risks and threats in real-time. For example, a good candidate with lateral thinking skills will consider how new technologies like generative AI can be integrated into existing resources to identify security risks more quickly and streamline operations.

Candidates must be able to quickly pivot when addressing risks and threats in real time.

In addition to its benefits, generative AI introduces data security and privacy concerns that we can’t disregard. While candidates should know how to use this technology to their advantage, they must also understand how large language models (LLMs) can leverage and compromise organizations’ internal data. Unsurprisingly, nearly half of executives worry that the integration of generative AI will result in new attacks against their AI models, services, or data. Security professionals should be proactive and question how new threats can bypass existing tools and processes. They must be able to seek new ways to approach challenges, whether it’s assuming the attacker’s point of view or discovering new vulnerabilities.

To gauge whether a candidate possesses lateral thinking skills, the interviewer should focus on situational questions demonstrating how they used different resources to overcome a challenge. I often ask, “Tell me about a time when you faced significant ambiguity or limited information and had to take action.”

2. Persistence

Cybersecurity is not a static learning career — security threats are dynamic and changing day by day. A successful practitioner should show determination in their learning and execution. While ransomware has existed for decades, other risks, such as AI-powered attacks and third-party data breaches, have emerged in recent years. And with threats becoming more dynamic and damaging, companies face more significant consequences for even the most minor lapse in security. Security practitioners must demonstrate their ability to navigate new industry guidance, security and privacy legislation, as well as the escalation of attacks. Candidates should demonstrate how persistence and determination help them overcome even the most complex cybersecurity challenges.

It’s essential to look for a résumé highlighting professional development throughout the candidate’s career, as this shows their persistence and determination. CISOs should ask interview questions that demonstrate how a candidate addresses a challenge, such as, “Tell me about a time you failed. What did you do about it?” These questions can give the hiring team a good understanding of whether the candidate is a quick learner and how they respond to adversity.

3. Communication

READ MORE ABOUT CYBERSECURITY STARTUPS

Cybersecurity is not a one-person sport. It’s a team effort that requires ongoing collaboration and information sharing. As security professionals, we sometimes need to realize how easy it is to get lost in the jargon of technical concepts. We constantly communicate with nontechnical stakeholders — executives, customers, and employees — who aren’t as keen on convoluted security terms. The ideal cybersecurity candidate will know how to frame different concepts clearly and concisely, breaking them down and offering analogies wherever possible.

A good indicator of effective communication skills on a résumé would be evidence of cross-functional responsibilities with past roles. An example question I might ask in an interview to gauge this would be, “In as much detail as you can, tell me everything that happens when you type www.cnn.com into a web browser and hit enter.” Such a question would show me firsthand how the candidate would respond if a nontechnical executive were to ask the question.

The No. 1 mistake cybersecurity candidates can make

It’s often apparent when a cybersecurity candidate is chasing the dollar and not considering their commitment to the position or demonstrating a passion for the specific domain in which they work. The high pressure and demands of cybersecurity roles can lead to burnout, and a passionless role can seriously affect mental health. Sixty-six percent of security leaders report experiencing high levels of stress at work. While generative AI can help relieve some of the pressure, it is crucial to find a role that you are passionate about to avoid burnout.

Identifying whether a candidate is money-motivated is difficult, but a fair warning would be “job hopping.” Hiring teams should be aware of frequent job changes, especially if they do not indicate career progression. I once hired a candidate for a highly compensated incident response position, which is often fast-paced and high stress. My team and I explained the nature of the work and its pace to the candidate. While highly competent, he was unmotivated and not eager to stretch himself. As a result, we had to let him go.

Acing your cybersecurity interview

Generative AI is a valuable resource in the cybersecurity industry, but we must consider it an accessory rather than the silver bullet for combating cybercrime. Cybersecurity professionals must be able to think strategically, stay determined, and know how to communicate convoluted concepts — qualities that cannot be replaced with technology. By demonstrating these skills in their résumés and interviews, candidates will be one step closer to securing their next cybersecurity role.

Tech
Posted on

Ukraine’s Cybersecurity Shake-Up: Leadership Changes Spark Concerns and Questions

by Grabv

In a surprising turn of events, Ukraine, a country known for its cybersecurity resilience, has witnessed a major shake-up at the top echelons of its cybersecurity apparatus. The recent firing of key cybersecurity officials has raised concerns both domestically and internationally, prompting questions about the motives behind the abrupt changes and the potential implications for the nation’s digital security infrastructure.

The Dismissals:

The dismissals, which included high-ranking officials responsible for overseeing Ukraine’s cybersecurity strategy, were met with a mix of shock and skepticism. Among those affected were individuals with extensive experience and expertise in cybersecurity, leaving many to wonder about the rationale behind their abrupt removal from crucial positions.

Ukraine’s Cybersecurity Reputation:

Ukraine has been at the forefront of cybersecurity efforts, especially in the face of persistent cyber threats and attacks from various quarters. The country has demonstrated resilience in the wake of numerous cyber incidents, including the well-documented NotPetya ransomware attack. The sudden removal of key cybersecurity figures has thus prompted concerns about potential vulnerabilities and the nation’s ability to navigate the evolving landscape of digital threats.

Speculations and Questions:

The circumstances surrounding the dismissals have given rise to speculations and questions. Some observers posit political motivations behind the shake-up, especially considering Ukraine’s geopolitical context and its ongoing tensions with neighboring countries. Others question the timing, which comes at a juncture when cybersecurity vigilance is of paramount importance globally.

Potential Implications:

The implications of these personnel changes extend beyond the immediate aftermath. A strong and cohesive cybersecurity strategy is essential for any nation, and Ukraine’s recent actions have raised doubts about the continuity of its approach. The new appointees, yet to be named, will face the formidable task of maintaining the country’s robust cybersecurity posture and reassuring both domestic and international stakeholders.

The Importance of Cybersecurity Leadership:

Leadership in the realm of cybersecurity is critical, and sudden changes can disrupt the momentum of ongoing initiatives and compromise the effectiveness of established security protocols. The expertise and institutional knowledge of seasoned cybersecurity officials are invaluable assets, and their absence may create a void that is not easily filled.

Global Attention:

Given Ukraine’s prominence in the cybersecurity arena, the international community is closely monitoring developments. Collaborative efforts in cybersecurity have become increasingly important in the face of transnational threats, and any perceived vulnerabilities in a nation’s digital defenses can have ripple effects on a global scale.

Conclusion:

As Ukraine grapples with the aftermath of the dismissal of top cybersecurity officials, the spotlight is firmly on the country’s ability to maintain its strong stance in the face of digital threats. The decisions made in the coming weeks, including the selection of new leadership and the articulation of a coherent cybersecurity strategy, will shape Ukraine’s digital resilience for the foreseeable future. In a world where cyber threats are both sophisticated and pervasive, the importance of robust cybersecurity leadership cannot be overstated, and Ukraine’s response to these recent changes will undoubtedly be closely scrutinized by cybersecurity experts and policymakers worldwide.

Source : Tech crunch

Tech
Posted on

BusCaro: Transforming Transportation in Pakistan for Safer Journeys, Especially for Women

by Grabv

In the bustling urban landscape of Pakistan, where transportation challenges often impede daily life, BusCaro has emerged as a beacon of change. This Pakistan-based company is revolutionizing the way people commute, with a special emphasis on providing safer transportation options, particularly for women. In a society where safety concerns have been a significant barrier to mobility, BusCaro’s innovative approach is making waves and reshaping the transportation narrative.

It ensures rider safety with features like driver background checks, vehicle inspections and tracking. BusCaro also has an emergency response team and a 24/7 customer support team, and a live-tracking feature that lets riders share their locations with friends and family. Another feature, created specifically for women, lets them used a masked name instead of their real name to show to their drivers. The startup is currently working on building a panic/SOS button in the app that will connected passengers directly with BusCaro and its safety partner, security agency Mohafiz.

Since its launch in 2022, BusCaro has expanded operations into Karachi, Lahore and Islamabad and now has over 300 vehicles, owned by private operators, and does over 20,000 bookings per day. The startup says it is on track to become profitable by early 2024 and recently hit $2.5 million in revenue.

Community Engagement and Awareness:

BusCaro actively engages with local communities to raise awareness about the importance of safe transportation and to address any reservations or cultural nuances. By fostering open dialogues and understanding the specific needs of different communities, BusCaro aims to create an inclusive transportation model that serves the diverse population of Pakistan.

Future Expansion and Impact:

As BusCaro continues to make strides in providing safer transportation options, especially for women, the company’s impact is poised to expand. The success of its women-only services and the integration of technology for safety are likely to set benchmarks for the broader transportation industry, encouraging other players to adopt similar measures.

She adds that BusCaro’s advantages include aggregating demand, while stabilizing and optimizing for supply payout, which helps transporters’ cash flows. It is also able to offer customers competitive prices because it uses buses and minivans, which result in lower costs per fixed seat and saves on fuel.

Many commuters in Pakistan spend about 20% to 50% of their income on commute and transport, with women spending more as they look for safer options. BusCaro’s target customers are people who earn less or who can’t afford to spend that much of their monthly income on transportation.

Another audience for BusCaro are office workers who are tired of driving their own vehicles to work because of rising fuel prices and lack of parking spaces. Other users include students, especially girls, whose parents want to them to use a safe commuting option.

“With BusCaro, they feel safe because of the measures we have in place including back checking our captains, vehicle inspections and track your ride feature in our application, which enables both the user and anyone they wish to share it with to track the ride,” says Shazhad.

BusCaro founder Maha Shahzad

BusCaro founder Maha Shahzad

BusCaro competes against several categories of ride-hailing platforms and public transportation. Shazhad says Careem is expensive even for its existing user base, but BusCaro is a third of the cost. There are other ride-hailing companies in Pakistan like In-Driver which are slightly cheaper and reliable, but they don’t have security measures, which BusCaro does.

BusCaro is also up against public transport, but Shazhad describes that as “insufficient” and “extremely unsafe.” She adds that most riders use it because of affordability constraints and they would be willing to find other alternatives if it was available to them. Other public transport options include government-funded buses in Karachi, but Shazhad says there are not enough vehicles to fill demand, and most cover limited routes.

Finally, BusCaro is up against private players, but they don’t have the same tools as BusCaro to aggregate demand and optimize supply playouts.

Shazhad said BusCaro is currently “laser focused on growing our current business with adding more accounts to our portfolio now.” It plans to expand its B2B2C partnerships and add more B2C partnerships. BusCaro also plans to work with the public sector on things like transportation subsidies, carbon emissions reduction, SaaS and government transportation contracts. BusCaro is currently looking at adding electronic vehicles for the next year, to lower its costs as fuel prices increase.

Source : https://techcrunch.com/2023/11/22/pakistan-based-buscaro-is-providing-safer-transportation-options-especially-for-women/

1 2