Latest news with #DataBreachInvestigationsReport
Yahoo
6 days ago
- Business
- Yahoo
Why Cyber Specialists Thrive During Economic Downturns
New INE Security Analysis Shows Targeted Cybersecurity Training Creates Career Stability in Uncertain Times Cary, NC, May 30, 2025 (GLOBE NEWSWIRE) -- While tech giants have eliminated 300,000+ jobs over two years, cybersecurity professionals face a different reality. Organizations desperately need cybersecurity talent, yet many positions remain unfilled -- not from lack of demand, but because employers won't settle for candidates without specialized skills. This creates a unique opportunity: professionals who invest in targeted cybersecurity education and security certifications can build recession-proof careers while others Security, a leading provider of cybersecurity training and certifications, analyzed this market dynamic and found that specialization doesn't just improve job prospects, it multiplies career value exponentially."Specialization in cybersecurity creates a career insurance policy that generalists simply can't match," explains Dara Warn, CEO of INE Security. "While general IT professionals compete on price and availability, specialists compete on unique value. When you're one of the few professionals in your region who can architect zero-trust implementations or perform advanced mobile pentesting, you're not just employed – you're essential."The Math That Matters: Why Specialization PaysThe U.S. Bureau of Labor Statistics projects 33% growth for information security analysts through 2033, which is ten times faster than the average occupation. But despite 87% of companies reporting cybersecurity skill gaps (McKinsey & Company), many are willing to wait for the right candidates rather than hire creates a mathematical advantage for specialists. When hundreds apply for general IT roles, specialized positions like mobile security pentester or cloud architect often struggle to find even five qualified candidates. That scarcity translates directly into negotiating power and compensation $4.88 Million QuestionWith the average cybersecurity breach spiking 10% over the last year to $4.88 million (IBM Ponemon Institute), organizations can't afford mediocre security. They need specialists who can prevent, detect, and respond to threats immediately. Since 68% of breaches involve human elements like social engineering, according to Verizon's 2024 Data Breach Investigations Report, employers seek professionals who understand both technical vulnerabilities and human behavior urgency explains why 91% of hiring managers prefer certified candidates (Fortinet) and why specialized roles command premium rates: : The global pentesting market will grow from $2.74 billion to $6.25 billion by 2032. Certified pentesters with hands-on experience often earn double general security salaries (Fortune Business Insights). : With 38% of mobile apps containing high-risk vulnerabilities, mobile security specialists are in extreme demand but short supply (Positive Technologies). : Specialists command emergency rates exceeding $750/hour because when breaches happen, organizations need immediate expertise, not someone learning on the job (Industry Research). The Certification Advantage: Real NumbersProfessional certifications create measurable career advantages beyond just knowledge validation. Gallup research shows 81% of Americans with professional certifications are employed versus 68% without them. In cybersecurity, this advantage amplifies because security certifications prove competency in high-stakes foundational credentials like Sec+ to advanced pentester certifications, the progression path is clear. Career advancement opportunities expand dramatically with specialized certifications. This motivation helps combat feelings of career stagnation that contribute to burnout, an increasingly critical problem within the cybersecurity industry. But certifications alone aren't enough—employers increasingly demand proven practical Paper: Why Hands-On Training Multiplies ValueThe business case is compelling: well-trained cybersecurity teams generate $70,000 in annual savings and 10% productivity increases (IBM). Organizations recognize this ROI, which explains why 67% prefer team members with certifications - they validate both knowledge and practical capability (Fortinet).Modern cybersecurity education leverages cyber ranges and virtual labs that simulate real attack scenarios. This allows professionals to practice incident response, penetration testing, and threat analysis without risking production systems. The result? Professionals who can demonstrate actual competency rather than just theoretical Application: The eMAPT ExampleINE Security's enhanced Mobile Application Penetration Tester (eMAPT) certification exemplifies this integrated approach. Beyond advanced mobile security methodologies, the program includes extensive hands-on exercises in dedicated cyber ranges that replicate real mobile application infrastructures. Through June 24, 2025, learners can save $200 on the eMAPT certification and gain access to INE Security's updated Mobile Application Penetration Testing Learning practice iOS and Android security assessment against actual vulnerabilities in controlled environments. This combination of security certifications and practical lab experience addresses the core employer demand: verifiable expertise backed by demonstrated Ultimate Career Insurance PolicyThe cybersecurity profession rewards those who invest in continuous learning through specialized training. The combination of recognized security certifications, hands-on laboratory experience, and practical skill application creates professionals who thrive regardless of economic traditional IT training paths may offer broader options, cybersecurity education provides something more valuable: career resilience in an increasingly uncertain world. As threats evolve and breach costs climb, organizations will continue prioritizing specialists who can deliver immediate INE Security:INE Security is the premier provider of online networking and cybersecurity training and cybersecurity certifications. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security's suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career. CONTACT: Kathryn Brown INE kbrown@ in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
6 days ago
- Business
- Yahoo
Why Cyber Specialists Thrive During Economic Downturns
New INE Security Analysis Shows Targeted Cybersecurity Training Creates Career Stability in Uncertain Times Cary, NC, May 30, 2025 (GLOBE NEWSWIRE) -- While tech giants have eliminated 300,000+ jobs over two years, cybersecurity professionals face a different reality. Organizations desperately need cybersecurity talent, yet many positions remain unfilled -- not from lack of demand, but because employers won't settle for candidates without specialized skills. This creates a unique opportunity: professionals who invest in targeted cybersecurity education and security certifications can build recession-proof careers while others Security, a leading provider of cybersecurity training and certifications, analyzed this market dynamic and found that specialization doesn't just improve job prospects, it multiplies career value exponentially."Specialization in cybersecurity creates a career insurance policy that generalists simply can't match," explains Dara Warn, CEO of INE Security. "While general IT professionals compete on price and availability, specialists compete on unique value. When you're one of the few professionals in your region who can architect zero-trust implementations or perform advanced mobile pentesting, you're not just employed – you're essential."The Math That Matters: Why Specialization PaysThe U.S. Bureau of Labor Statistics projects 33% growth for information security analysts through 2033, which is ten times faster than the average occupation. But despite 87% of companies reporting cybersecurity skill gaps (McKinsey & Company), many are willing to wait for the right candidates rather than hire creates a mathematical advantage for specialists. When hundreds apply for general IT roles, specialized positions like mobile security pentester or cloud architect often struggle to find even five qualified candidates. That scarcity translates directly into negotiating power and compensation $4.88 Million QuestionWith the average cybersecurity breach spiking 10% over the last year to $4.88 million (IBM Ponemon Institute), organizations can't afford mediocre security. They need specialists who can prevent, detect, and respond to threats immediately. Since 68% of breaches involve human elements like social engineering, according to Verizon's 2024 Data Breach Investigations Report, employers seek professionals who understand both technical vulnerabilities and human behavior urgency explains why 91% of hiring managers prefer certified candidates (Fortinet) and why specialized roles command premium rates: : The global pentesting market will grow from $2.74 billion to $6.25 billion by 2032. Certified pentesters with hands-on experience often earn double general security salaries (Fortune Business Insights). : With 38% of mobile apps containing high-risk vulnerabilities, mobile security specialists are in extreme demand but short supply (Positive Technologies). : Specialists command emergency rates exceeding $750/hour because when breaches happen, organizations need immediate expertise, not someone learning on the job (Industry Research). The Certification Advantage: Real NumbersProfessional certifications create measurable career advantages beyond just knowledge validation. Gallup research shows 81% of Americans with professional certifications are employed versus 68% without them. In cybersecurity, this advantage amplifies because security certifications prove competency in high-stakes foundational credentials like Sec+ to advanced pentester certifications, the progression path is clear. Career advancement opportunities expand dramatically with specialized certifications. This motivation helps combat feelings of career stagnation that contribute to burnout, an increasingly critical problem within the cybersecurity industry. But certifications alone aren't enough—employers increasingly demand proven practical Paper: Why Hands-On Training Multiplies ValueThe business case is compelling: well-trained cybersecurity teams generate $70,000 in annual savings and 10% productivity increases (IBM). Organizations recognize this ROI, which explains why 67% prefer team members with certifications - they validate both knowledge and practical capability (Fortinet).Modern cybersecurity education leverages cyber ranges and virtual labs that simulate real attack scenarios. This allows professionals to practice incident response, penetration testing, and threat analysis without risking production systems. The result? Professionals who can demonstrate actual competency rather than just theoretical Application: The eMAPT ExampleINE Security's enhanced Mobile Application Penetration Tester (eMAPT) certification exemplifies this integrated approach. Beyond advanced mobile security methodologies, the program includes extensive hands-on exercises in dedicated cyber ranges that replicate real mobile application infrastructures. Through June 24, 2025, learners can save $200 on the eMAPT certification and gain access to INE Security's updated Mobile Application Penetration Testing Learning practice iOS and Android security assessment against actual vulnerabilities in controlled environments. This combination of security certifications and practical lab experience addresses the core employer demand: verifiable expertise backed by demonstrated Ultimate Career Insurance PolicyThe cybersecurity profession rewards those who invest in continuous learning through specialized training. The combination of recognized security certifications, hands-on laboratory experience, and practical skill application creates professionals who thrive regardless of economic traditional IT training paths may offer broader options, cybersecurity education provides something more valuable: career resilience in an increasingly uncertain world. As threats evolve and breach costs climb, organizations will continue prioritizing specialists who can deliver immediate INE Security:INE Security is the premier provider of online networking and cybersecurity training and cybersecurity certifications. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security's suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career. CONTACT: Kathryn Brown INE kbrown@
Perth Now
23-04-2025
- Business
- Perth Now
Businesses being held to ransom but more refuse to pay
Cyber criminals are demanding ransoms from their victims in more than half of all data breaches, a study has found, and small and medium-sized businesses are their biggest targets. Human error and social engineering scams were also rising in the Asia Pacific region, it found, although artificial intelligence software had yet to help criminals spread their reach. Verizon Business issued the warnings in its annual Data Breach Investigations Report on Thursday, which analysed more than 22,000 security incidents and more than 12,000 data breaches around the world. The findings come weeks after major Australian superannuation firms were targeted in an online attack that siphoned $750,000 from one fund, triggering an investigation by the National Cyber Security Co-ordinator. The data breach report analysed online incidents from 139 countries in 2024 and found attacks involving ransomware spiked during the year, rising 37 per cent to make up 44 per cent of all data breaches. The financially motivated attacks were more prevalent in Australia, the study found, with figures showing ransom demands were issued in 51 per cent of data breaches in the Asia Pacific region. Small to medium-sized organisations were also the most commonly targeted with ransomware, while large organisations received half the rate of attacks. Smaller companies were often more vulnerable and more likely to pay ransoms, Charles Sturt University AI and Cyber Futures Institute executive director Ganna Pogrebna said, simply because they were not prepared for them. "When we have finance companies, for example, they're quite sophisticated in understanding ransomware and following guidelines, not paying ransoms and thinking about resilience," she said. "You would be surprised how many companies have never thought about what they're going to do." Despite the rise in attacks, the report found the median amount paid to ransomware groups fell from $US150,000 to $US115,000 in 2024, with almost two in three organisations choosing not to pay. Other online threats identified in the analysis included breaches involving third parties and those involving human error, which played a role in 60 per cent of all data breaches. AI technology did not take "over the threat landscape" as feared, the report noted, despite evidence it had been used to craft more convincing phishing emails. The technology remained a threat in the hands of online criminals, Professor Pogrebna said, and advancements in its use should be monitored. "The next thing to watch out for will be more sophisticated generative AI tools," she told AAP. "AI in itself is not providing anything new but it allows cyber criminals to do things better and at scale." The growing number of data breaches also warranted more attention from organisations, Verizon Business Asia Pacific regional vice-president Robert Le Busque said, and reassessment of their defences. "This year's report reinforces the complexity and persistence of cyber threats facing organisations worldwide," he said. The Australian Signals Directorate responded to more than 1100 cybersecurity incidents in 2024, according to its annual report, while calls to the Australian Cybersecurity Hotline rose by 12 per cent.
Time of India
23-04-2025
- Business
- Time of India
APAC sees 38% on-year rise in data breaches due to system intrusions in 2024: Verizon Business
NEW DELHI: The Asia Pacific region recorded a 38% year-on-year rise in data breaches in 2024, resulting from system intrusions , according to the latest report released by Verizon Business on Wednesday. Collectively, 97% of APAC breaches were caused by just three tactics – system intrusion, social engineering, and basic web application attacks, highlighting the region's increasingly concentrated cyber threat landscape. 'In the Asia-Pacific region, external actors are targeting critical infrastructure and exploiting third-party vulnerabilities. The rising incidence of breaches highlights the imperative for businesses to reassess their risk frameworks, said Robert Le Busque, regional vice president (Asia Pacific), Verizon Business. As per the findings, malware in data breaches in APAC jumped significantly, from 58% in 2024 to 83% this year (till now), with email being the key vector for distributing various malware. This is followed by ransomware, which now accounts for 51% of the total breaches in the region, while social engineering now accounts for only 20% of the total breaches. The findings are based on an analysis of over 22,000 security incidents, including 12,195 confirmed data breaches spanning 139 countries, according to Verizon Business. With the median ransom payment to cybercriminals last year being $115,000, this is a significant amount for many small and medium businesses (SMBs), as per the company. It added that a proactive and comprehensive cybersecurity strategy can help businesses safeguard their assets, protect their customers, and ensure their long-term success in an increasingly digital world. 'Glass-half-full types can celebrate the rise in the number of victim organisations that did not pay ransoms, with 64% not paying versus 50% two years ago. The glass-half-empty personas will see in the DBIR (Data Breach Investigations Report) that organisations that don't have the proper IT and cybersecurity maturity, often the SMB sized organizations, are paying the price for their size with ransomware being present in 88% of breaches,' said Craig Robinson, research vice president (security services), IDC.
Yahoo
23-04-2025
- Business
- Yahoo
AI impact on data breach outcomes remains ‘limited': Verizon
This story was originally published on CIO Dive. To receive daily news and insights, subscribe to our free daily CIO Dive newsletter. Despite fears, the recent waves of AI uptake have yet to require a cybersecurity overhaul, according to Verizon's 18th edition of its Data Breach Investigations Report published Wednesday. AI-generated text in malicious emails has doubled in the past year, but the rate of successful phishing breaches stayed stable, the report found after analyzing more than 22,000 security incidents. 'While we've observed gradual adoption of these technologies, their impact on breach outcomes remains limited,' Chris Novak, VP of Verizon Global Cybersecurity Solutions, said in an email. 'We are actively tracking AI developments but, currently, no breakthroughs necessitate major shifts in defensive strategies.' Cybersecurity risks are a top concern for business leaders globally, especially as ongoing AI additions expand the attack surface and make techniques like phishing more accessible for novice bad actors. For now, however, the cybersecurity status quo remains relatively unchanged, but that could shift. 'More traditional attacks, like exploiting software vulnerabilities, continue to be more prevalent,' Novak told CIO Dive. 'We anticipate AI advancements on both the offensive and defensive fronts will likely progress in tandem as practical applications are explored.' IT leaders still need to keep an eye on shadow AI within their organization. Verizon found a large number of employees using AI via a non-corporate email or without an integrated authentication system in place, suggesting unsanctioned use. Technology decision-makers should also begin to adapt protocols and upskill teams to address worries around AI's risks. More than half of executives say the complexity of AI applications has weakened their company's cybersecurity posture, and around 2 in 5 organizations don't have the skills needed to secure workloads, according to a Flexential report. The cybersecurity market is poised to balloon as AI's risks come into clearer view. Global cybersecurity spending is predicted to reach $338 billion by 2033, up from $152 billion in 2023, Bloomberg Intelligence analysts expect. Even as employers take a 'wait-and-see' approach to hiring amid uncertain economic conditions, cybersecurity engineers and analysts are among the roles in highest demand, a CompTIA analysis of U.S. Bureau of Labor Statistics data found. Sign in to access your portfolio
