Almost half of Australian IT leaders will drive their organisations' transition to hybrid cloud infrastructure over the next few years, according to a study by Microsoft. Approximately 40 percent of Australian respondents indicated that their organisations are already transitioning to hybrid cloud with either integrated or non-integrated public and private cloud infrastructure. Microsoft expects this number to increase to 49 percent in the next 12 to 18 months. However, 43 percent of IT leaders in Australia are still using only private cloud, while 17 percent are using only public cloud solutions, according to the survey that sampled 1,200 IT leaders within Asia Pacific. Australian organisations are not likely to increase their investments in private or public-only cloud solutions, it added.
AustCyber is working with the Australian Department of Education and Training, and PwC's Skills for Australia program, to understand our needs for cyber vocational education and training. "We are gathering insights to learn about key cyber security skills needs and industry trends," wrote AustCyber on Wednesday. The aim is "to provide an evidence-based case for developing vocational training in cyber security skills that are transferable across multiple industries". We've been hearing that for years, although some of the guesstimates seem extravagant. Cisco said in 2015 that there were one million unfilled cyber jobs [PDF].
If your IT help desk team isn't highly trained in cybersecurity and isn't delivering good customer service to your organization's end users, you need to get back to the drawing board. This is made especially true in this post-pandemic working environment in which employees are still highly reliant on technology – and the security of it – to do their jobs, according to the results of a new survey from IT trade organization CompTIA. The survey suggests that help desks need to be staffed with high quality and highly available help as IT becomes critically important to organizations everywhere. According to the CompTIA, 70% of IT professionals surveyed say demand is increasing for issues related to cybersecurity, while 67% said the same for both securing networks and remote work. Meanwhile, 60% of respondents said there is increasing demand for mobile device support, and 57% said demand is rising for cloud-based services.
The National Security Agency develops advanced hacking tools in-house for both offense and defense--which you could probably guess even if some notable examples hadn't leaked in recent years. But on Tuesday at the RSA security conference in San Francisco, the agency chose for the first time demonstrated Ghidra, a refined internal tool that it has chosen to open source. And while NSA cybersecurity advisor Rob Joyce called the tool a "contribution to the nation's cybersecurity community" in announcing it at RSA, it will no doubt be used far beyond the United States. You can't use Ghidra to hack devices; it's instead a reverse engineering platform used to take "compiled," deployed software and "decompile" it. In other words, it transforms the ones and zeros that computers understand back into a human-readable structure, logic, and set of commands that reveals what the software you churn through it does.
To no one's surprise, end users continue to be the favorite target of cybercriminals. Verizon's 2017 Data Breach Digest, the companion to its annual data breaches report, states that of the data-loss incidents studied, 90% involved phishing or the social engineering of end users. A July 2018 Cybersecurity Insiders report (PDF) concluded, once again, that more than 90% of the participating organizations felt vulnerable to insider malicious behavior or inadvertent errors by end users. Some experts suggest attitude is a big reason why end users are targeted. "Some IT pros will say that training end users is a waste of time, as they [end users] will click through the training but not heed the warnings," writes CompTIA product manager Stephen Schneiter, in his CompTIA.org