Terrifying Cyber Crime Statistics

Archive for IT Security

Terrifying Cyber Crime Statistics

#1 | 780,000 records were lost per day in 2017

According to McAfee’s Economic Impact of Cyber Crime (February 2018) cyber criminals adapt at a fast pace. The scale of malicious activity across the internet is quite astounding. The figures are frightening on a monthly or yearly scale, let alone daily! Cyber criminals are constantly finding new technologies to target victims. With the introduction of Bitcoin, payment and transfers to/from cyber criminals is untraceable.

McAfee reports that one of the major internet service providers (ISP) sees 80 billion malicious scans a day

#2 | Over 24,000 malicious mobile apps are blocked daily

Symantec’s Internet Security Threat Report details that lifestyle apps are the main targets. The majority of these apps leak phone numbers. Further sensitive information like device location is also being made accessible. It would be completely impossible to monitor or check each of these apps for vulnerability issues. It’s essentially an open ticket for cyber criminals to do their worst.

In the first quarter of 2018, Google Play had over 3.8 million apps on their store.

#3 | Microsoft Office file formats are the most used file extensions

In the top 10 most malicious file extensions, Microsoft Office took the number 1 spot. Emails are a common way for cyber criminals to attack their victims. Emails are used on a daily basis around the world. If you see an email containing a .doc or .xls file extension, most users would relate it to Microsoft. Microsoft being a reputable company means people are more likely to open an attachment.

According to Cisco’s 2018 Annual Cybersecurity Report, 38% were Office formats

#4 | The U.S., U.K., & China are more vulnerable to Smart Home attacks

The majority of smart home devices are connected via an external network. If the router you’re using doesn’t have decent security protection, you could be opening up your home to a cyber attack. With smart home devices becoming more prevalent, criminals are finding new ways to exploit vulnerabilities.

According to Trend Micro, The U.S., accounted for 28% of smart home device incidents. The U.K. and China followed with 7% each

#5 | 21% of files aren’t protected

Varonis’s 2018 Global Data Risk Report is quite terrifying. 6.2 billion files were analysed. These files contained credit card information, health records, etc. 21% of these files were open for global access. Furthermore, 41% of companies have more than 1000 sensitive files open to everyone.

#6 | Healthcare industry ransomware attacks will quadruple

By 2020, CSO Online predicts ransomware attacks will be quadruple. The healthcare industry gets attacked more than most industries. Thankfully not all attacks will be successful. Healthcare industries should not give into demands and ensure their data is safe and backed up. Phishing emails are particularly common and often where cyber attacks originate from.

#7 | Cyber Crime to cost $6 trillion by 2021

In the 2017 Official Annual Cybercrime Report, it’s estimated that cyber crime will cost $6 trillion annually by 2021. In 2015, that figure was $3 trillion.

Cyber crime is now becoming more profitable than the global trade of illegal drugs!

#8 | 30% of phishing emails in the U.S. are opened

That’s almost one-third of all emails, according to Verizon’s 2018 Data Breach Investigations Report. Phishing emails no longer take the same approach they used to. Do you remember seeing an email from your bank, Apple, PayPal etc. asking for sensitive information? With the figures that high, it’s no wonder cyber criminals are preying on email victims.

So many of us receive these emails each day and 12% are clicking on the links/attachments contained within them

#9 | 58% of U.K. businesses sought cyber security advice

The Cyber Security Breaches Survey 2017 shows U.K. businesses are more aware of cyber issues. However, it also shows that a large percentage of businesses aren’t seeking any advice or potentially protecting themselves from threats.

79% of medium firms sought advice whereas only 50% of micro firms did

#10 | 300 billion passwords worldwide by 2020

It may seem like passwords are dying, due to encryption etc. but according to Cyber Security Media, they’re not. It’s predicted that 300 billion passwords will be used by 2020. That takes into account humans and machines! That’s an awful lot of passwords, all of which require cybersecurity protection. If not, that’s 300 billion potential threats, worldwide.

#11 | French president Emmanuel Macron emails hacked

Yes, even a president can get hacked! In 2017 Emmanuel Macron’s emails were hacked. His emails were posted online just days before he was due to go head to head against his opponent. 9GB worth of data was posted to Pastebin. Macron’s campaign confirmed it had been hacked.

#12 | More than 60% of fraud originates from mobile devices

The world has gone mobile, and so have fraudsters. 60% of fraud comes from mobile devices; of that figure, 80% comes from mobile apps. Once a cyber criminal has access to your mobile, it can access your mobile banking app and initiate multiple levels of cyber crime. Fraudulent transactions are now over double the value of real transactions.

#13 | 2.53 million fall victim to cyber crime in UAE

In 2016, Norton by Symantec reported over 2.5 million people were victims of cyber crime in UAE. Despite reports stating that awareness of cyber crime was high, people are still engaging in online behaviour that is deemed as risky. People know they should be aware of links and protect their information. 70% of those people still click on information that they aren’t 100% sure of. Millennial’s seem to be the most affected group of people.

53% of millennial’s experienced cyber crime in the last year

#14 | Netherlands have the lowest cyber crime rate

In 2015, Symantec reported the Netherlands as having the lowest cyber crime rate. Only 14% of the population were affected. Although 14% is still high, compared to other countries, it wasn’t! Indonesia, for example, was subject to the highest cyber crime rate in the world.

59% of the population fell victim to cyber crime

#15 | Personal data sells for as little as $0.20

Have you ever thought how much your personal data is worth to you? Well, to some, it could sell for as little as $0.20, up to $15. Credit card information and account information can be accessed and purchased much more easily than you might think. The value of information is dependent on the type of details included. For example, credit card details are more valuable than other information. As well as this, it’s also dependent on how easy it would be to resell the information. If it’s too difficult, the value of personal data decreases.

#16 | Japanese exchange lost $530 million due to hacking

Coincheck is one of the biggest Bitcoin and cryptocurrency exchanges in Asia. In January 2018 it reported that it had lost $530 million due to hacking. Due to the incident, Coincheck seized and stopped all sales and withdrawals of it’s cryptocurrency at the time. The cryptocurrency used for the exchange was called NEM. Coincheck deal with other cryptocurrencies too.

#17 | In 2016, Adware affected 75% of organisations

Cisco investigated 130 organisations in it’s Cisco 2017 Annual Cybersecurity Report. It found that 75% of companies were affected by adware. Adware in itself is a nuisance, but it can also facilitate further malware or virus attacks. Adware presents itself in the form of advertisements. Whether you’re using your device on or off the internet, adverts can be displayed. Often if you’re trying to perform an internet search, the results direct you to other websites or marketing pop-ups to obtain your personal data.

#18 | Average ransomware demand is $1,077

Although not every ransomware demand is paid, the average demand value is $1,077. Since the last report, this shows an increase of around 266%! When victims are faced with a ransom amount, they often pay up. We rely on the internet for daily activities, for personal and work. We rely on the internet to connect our devices, and even our homes with the introduction of smart home products.

Demands are significantly increasing because we’re so reliant on the internet. As ransomware attacks increase, we can expect the demand values to increase as well

#19 | China have the most malware in the world

Over 55% of China’s computers are infected with malware. Since 2014, that figure increased by nearly 30% more! Even with people being more and more aware about cyber crime, it’s clear to see it doesn’t stop attackers. Taiwan follow closely with 49% of their computers being infected. Of all the malware across the world, Trojans were the cause of the most infection. Trojan’s are malicious programs that provide a back-door kind of entry to computers.

Once hacked, attackers can access personal information, passwords, and infect other devices connected to the same network

#20 | 90% of hackers use encryption

Encryption is a process which involves encoding a message, information, or program. Encryption allows only authorised people to access it. For example, a document that may be readable in normal circumstances would appear completely illegible when encrypted. In order to access encrypted information, it must be decoded first. Hackers are of course aware of how best to hide their tracks. 90% of them use encrypted traffic to disguise what they’re doing. If we, as users, used encryption to the same level, it would be much more difficult for cyber crime to take place.

#21 | Companies take over 6 months to notice a data breach

For me, this is one of the most terrifying statistics. Research suggests that most businesses take up to 197 days to notice breach of their data. ZDNet reports finance firms can take an average of 98 days! Due to the amount of time it takes for companies to realise a data breach, attackers are able to obtain even more information. Think about it, imagine what a cyber criminal can obtain over a 6 month period. Certain industries are of course more vulnerable to attacks, due to the data they hold.

83% of finance companies incur over 50 attacks per month. Once data has been stolen, it gets sold on the black market


Source: Original report can be found on VPN Geeks.

The Best Cybersecurity and Information Security Certifications

Information Security CertificationsLet’s begin with “Information Security” and “Cybersecurity”.  There are two expressions that people often use somewhat interchangeably. They are not quite the same though, as we have already explained in one or our previous blog posts. In any case, both have – naturally – the security aspect in common. This means, that if you are planning for a professional career in this field, not only are your knowledge and skill set of particular importance, but also are your reputable credentials, such as, Cybersecurity and Information Security Certifications.

Let us have a look at some of the best information security certifications to boost your career as an information security professional.


Information Security Certifications

Certified Penetration Testing Engineer (C)PTE)

The Certified Penetration Testing Engineer certification constitutes an upgrade to the Certified Ethical Hacker/CEH. The Techsherpas certification course is based on proven, hands-on penetration testing methods and the Five Key Elements of Pen Testing:

  • Information Gathering
  • Scanning
  • Enumeration
  • Exploitation
  • Reporting

CISM: Certified Information Security Manager

The certification as a CISM/Certified Information Security Manager demonstrates your proficient knowledge and skill set in the field of Information Security Management, such as:

  • Threat analysis and risks
  • Risk and incident management
  • IS security strategy/frameworks
  • Security programs and CISO roles
  • Creation of policies for audit and risk management, compliance and awareness
  • DR and BCP development/deployment/maintenance


CompTIA Security+

With Information Security Certifications like CompTIA Security+ you demonstrate the necessary computer security skills to successfully perform your duties in a wide range of IT security-related roles. Such skills are, for example:

  • Identification of the fundamental computer security concepts
  • Identification of (potential) security threats
  • Data management and application
  • Host security management
  • Network security implementation
  • Identification/implementation of access control
  • Identification/implementation of account management security measures
  • Identification/implementation of compliance and operational security measures
  • Certificate and risk management
  • Troubleshooting and management of security incidents.
  • Business continuity and disaster recovery planning


CISSO: Certified Information Systems Security Officer

A Certified Information Systems Security Officer (CISSO) demonstrates proficiency in the knowledge and skill set (including industry best practices) that characterize the work of a security manager/security officer, such as:

  • Expertise regarding the in-depth theory of core security concepts, practices, monitoring and compliance
  • Use of a risk-based approach
  • Ability to implement and maintain cost-effective security controls

The CISSO certification training also covers the exam objectives of the CISSP: Certified Information Systems Security Professional


C)IHE: Certified Incident Handling Engineer

The Certified Incident Handling Engineer (C)IHE) is directed toward IT professionals, such as incident handlers, system administrators and general security engineers. The training, which also covers the GCIH- GIAC Certified Incident Handler, teaches students:

  • Planning, creation and utilization of systems for attack prevention, detection and response
  • Step-by-step approaches as used by hackers worldwide
  • Identification of the latest attack vectors and implementation of safeguarding measures
  • Incident handling procedures
  • Strategies for each type of attack
  • Recovery measures after an attack


Have a look at our public training schedule to find out more about how we can support you to achieve the Cybersecurity and Information Security Certification that is best for your career plans.





2 Additional Technology Jobs In Demand and How to Qualify for Them

In our recent post, we have already talked about technology jobs in demand.  Since the world of technology is getting more and more complex, so diverse are the type of professionals to navigate it. Therefore: Here are MORE of those tech/IT jobs that are particularly in demand.

Technology jobs in demand

Data Analyst/Data Scientist

Computers and networks run on data, and every day, more data is being generated and collected. Therefore the amount of such data (big data) is constantly increasing. In order to evaluate and interpret this flood of information (words, numbers, pictures etc.), specialists are in high demand.

Many decisions and business strategies, across all industries are based on such information.

If you aim for a job as a data analyst/scientist, the minimum of a bachelor degree is typically expected. Most professionals who work with big data have obtained an advanced degree, such as  a Masters or Doctorate Degree in an area such as computer sciences, but also subjects like mathematics or statistics.

Information Security Analyst/Computer Security Analyst

Since the information stored on computers and in computer networks are often of a confidential nature, keeping it secure is of the utmost importance. Experts in information security and computer security (see also: “Cybersecurity”) are definitely technology jobs in demand. An information security analyst’s responsibility involves the planning and implementation of protective measures.  They also need to detect potential security gaps and anticipate future data breaches by computer hackers.

The methods of computer hackers are constantly evolving. Therefore, the information security analyst needs to stay up-to-date with the developments in computer sciences and related technologies. Just as it is the case with most IT jobs, it is important to participate in further education and training beyond the achievement of a college degree. This is possible by participating in additional IT training courses and IT certification training (see TechSherpas IT Certification Training overview).

Maybe you already have an IT-related college degree and want to enhance your career. In any case, you should have a look at our various computer training and certification programs, including our on-demand learning solutions that can help you obtaining your certification on your own schedule and at your own pace.

Here are just a few examples for the training that we currently provide:

  • MCSE: Data Management & Analytics 70-773 Analyzing Big Data with Microsoft R
  • MCSE: Data Management & Analytics 70-767 Implementing a SQL Data Warehouse
  • CVSE: Certified Virtualization Security Engineer
  • CSSO: Certified Cloud Security Officer






7 DON’Ts for Your Computer Security

We have recently written several articles revolving around cyber-, IT and computer security. While certain aspects of these topics are more complex (you can find information on further training and certifications we provide here), here are a few simple things to keep in mind, some DON’Ts as in things that you should better not do – or at least think twice about before doing so – to avoid risking your computer’s and personal information’s integrity and security.

Ways to Protect Your Information- Even Before Training and Certifications

Saving passwords on shared devices

Don’t save any passwords or PINs (Personal Identification Numbers) that grant access to your profiles and accounts on any computer devices that you share with others or that might potentially be shared with others, for example:

  • Office computers
  • Computers at internet cafés, public libraries or
  • any kind of public computer terminals

Staying logged in on shared devices

Don’t leave the above mentioned computers without first logging out of your accounts and closing your browser tabs. (The very least you should do when leaving your office computer unattended, is using a password-protected lock-screen.) For added security, you might even want to delete your browsing history.

Leaving mobile devices unattended

That one should really be a “no-brainer”: Don’t leave your mobile devices unattended. Not only are you risking unauthorized access by other people – you are risking THEFT of the device (laptop, tablet, smartphone).

Staying on outdated operating systems/internet browsers

Don’t ignore security patches and updates for your software, especially when it comes to your operating systems and internet browsers: Many software providers frequently provide updates and patches for their products, and for a good reason. Outdated operating systems, internet browsers etc. can make you more vulnerable to malware, hacking attacks etc. (Needless to say: If you do your updates manually, make sure you are getting them from their genuine source.)

Clicking on unknown attachments

Don’t blindly click on email attachments if you don’t know or have not verified the sender. This especially refers to (but is NOT limited to) .exe and .zip files, since those formats are more likely to contain malware.

Trusting potential phishing emails that want you to “verify your account”

They might claim to come from one of your providers or even banks, and they might ask you to click on a given link to re-enter your log-in details. Make very sure that the email actually does come from the sender it claims to be coming from. Be suspicious, and when in any doubt, go to your already familiar provider’s home to log into your account and see if you are prompted to verify or change any personal information.

Storing of login information next to your computer

Don’t leave notes with your login information with your computer (i.e. on your desk, under the monitor, in your laptop case etc.)









Safety and Security Measures You Should Follow

Security is important, especially with computers, internet, and personal information.  Here’s a few cybersecurity tips to keep yourself safe.

Follow These Cybersecurity Tips for Safe Computer Access

Make use of passwords and PINs

Your passwords and PINs are an imperative line of defense, not only for your devices, but especially for your online “existence” – your social media profiles, online-shop accounts and access to your online-banking.

In other words: When your device offers you the option to use are protective password or PIN (personal identification number) in order to access it, then do make use of it. (The access to your various online profiles is usually password-protected as a rule, anyway.)

Avoid easy guesses

Don’t use PINs like 1234 or your birthday – those are combinations that other people often try first to get unauthorized access.

The same goes for passwords: Neither your own name, nor your partner’s or your children’s names are a difficult leap – and would-be hackers know that, too – so it’s better if you stay clear of such password choices.

Make your passwords more complex (and therefore more difficult to guess or hack) by making them at least eight digits and a combination of letters, numbers, and where applicable, even symbols. When you set up an online-profile, the provider often gives you a guideline regarding the minimum security requirements for your password choice.

Don’t use the same password every time

Make sure not to use the same password all over your various accounts, especially not in combination with the same username or email-address. The reason is a simple one: In case one of your accounts should get hacked after all, you don’t want the hackers to have access to your other accounts as well!

Keep changing your passwords periodically

For similar reasons, it is a good idea to change a once determined password after a while, so that even if your account had been compromised at one point, maybe without your noticing, the hacked password will not work for unauthorized people’s future use.

Organize your passwords and keep them safe

It’s obvious that all these different passwords and user names need some organization as well as safekeeping. You might want to write them down somewhere, but if you do, keep them away from open display and if possible not in direct vicinity to your computer. One way to do this electronically is using a special password-manager software (that can even create unique and elaborate passwords for you).

Make sure to log out of your accounts when you leave, especially on computers that are not yours

Many online-shops provide the option to stay logged in your profile with them, so that you are not automatically logged-out once you check out and leave the shop. This is usually done by checking a little box where you log into your account (e.g. “Keep me signed in”).

While this can be a handy little option to use on your personal device in order to do some quick shopping without having to go through the log-in process, you should definitely not use this option on a public computer, or any computer that other people might have access to. This is one of the basic steps to protect your profiles and accounts – so basic, that the providers of this option usually expressly advise against staying logged-in themselves.








The Difference between Cybersecurity, Information Security and Computer Security

First things first: cybersecurity and IT security (information security) are not precisely the same thing, even though many people tend to use these terms interchangeably – which is understandable, because they are very closely related. In general, they both refer to the world of computers, computer networks and the information that is stored and processed there. This information is often highly sensitive and therefore, of course, needs to be protected by various measures.

Security for IT Professionals Explained

Security for IT professionals is a complicated matter, so here’s a basic explanation of the main types of security.

Simply put, one could probably say that “cybersecurity” (or according to the Merriam-Webster dictionary “cybersecurity”) aims at protecting the computer and/or computer network or computer system (which of course includes access via the internet as well), while “information security” or “IT security”, as the expression might suggest, concentrates on the protection of the data within those computers/computer networks.

Almost the same – but not quite the same

Of course, one could argue that the reason for protecting “the computer(s)” as such is the protection of the data/information, one way or the other.

According to the Glossary of Key Information Security Terms from May 2013 that is published by the National Institute of Standards and Technology (NIST), Cybersecurity refers to the “ability to protect or defend the use of cyberspace from cyber attacks” (CNSSI-4009)

According to Merriam-Webster, Cybersecurity is defined as “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack”.

On the website of “The School of Business at George Mason University”, one can read the following definition: “protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability”.

This might sound/read rather similar, but this time, the definition happens to refer to the term of Information Security. So, how can that be? Is it simply a question of semantics?

Actually, there is a slight difference between those two definitions: The second one focuses on the protection of the information.

Two aspects of the same challenge

Does this still sound quite the same? That’s because in both cases, the eventual challenge is the same. But the focus of the protective measures is slightly different – just like there is a difference between a watchdog and/or security guard securing the entrance to a building and the bodyguard that might protect a person that lives inside.

Back to the world of computers, one could probably argue that Cybersecurity and Information Security are two aspects of the same challenge – Computer Security or “COMPUSEC”, defined by NIST as: “Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated.” (CNSSI-4009)

How Cloud Storage Has Changed Technology

The concept of the cloud technology has been well-loved since it was first introduced, but very few truly understand what it is and the power it has to influence our daily lives. Basically, the cloud is responsible for any process that you don’t do or store on your own computer. If you’re accessing some remote server or computer to do a task, like save a big file, that’s the cloud. See, when the cloud first came into creation, it looked different and served limited functions. Now, it has morphed into a very useful technology that people can’t seem to live without.

How Cloud Technology Changed Our Lives

To fully understand just how much the cloud affects our day to day lives, here are some of the ways that cloud storage has changed the technology as we know today.

  • Quick and easy repairs or upgrades

From here on out, any technology linked to the cloud can be fixed with ease and almost zero intervention from their owners. That’s why when your car’s GPS needs updating, the cloud makes sure it’s able to quickly do that. The same goes for the apps in your phone and the accounts you maintain online.

This same feature is used by medical companies to remind technicians when they have to maintain specific medical equipment. To make their jobs even easier, there are even readily accessible manuals that would help them fix new equipment that they don’t have the expertise for.

  • Obscure and hands-free computers

The more you use the cloud, the more you’re contributing to spreading that same network. You have to understand that the cloud is nothing but a huge, well-maintained computer network. As the spreads, it is able to cover more functions and takes it off of users. You don’t have to manually update your apps, store your files or check the battery of your car. Everything will be tailor fitted to your needs. Slowly, you won’t have any use for bulky technology, thus the rise in popularity of hands-free devices.

  • Consumer-centric technology

Because there is more data readily available for different businesses to base their marketing approaches off of, like when you’re most likely to work or shop, their approach to sales will shift from quick conversion to building a relationship with their users. You can already observe this in bigger e-commerce sites where they give a lot of space to recommendations for what movie to watch, how to dress up certain clothes and so on.



Why We Recommend Norton Software

Since we are constantly online, our laptop and desktops are always exposed to the possibility of getting a virus. That’s why there’s a need to set up a software that’s guaranteed to spot that and stop it from infecting our files or, worse, divulging private information. You have to protect your computer from the possibility of losing information or getting hacked, considering that most laptops contain pertinent information about your personal and business life.

Get IT Certified Professionals’ Recommendation:  Norton Software

To help you protect your interests, you need a software that provides your computer the security it needs. This is what Norton is known for. It’s been the industry leader for years and is able to provide up-to-date protection against the most recent of malware, spyware, adware, and viruses.  If you want to get IT certified professionals’ opinion, Norton is the top choice. To get to know this software more and find out the type of security it gives you, here are some of its benefits:

  • Comprehensive Protection

Being in the industry for years, Norton has already set up specific mechanisms in their software to protect your computer from almost every type of attack, whether it’s a malicious spyware or a generic virus. This type of comprehensive protection will not be available with just any antivirus, especially those which you download for free. It also goes beyond that firewall that you own computer’s operating system can provide.

  • Up-to-Date

The issue with most other anti-virus is they can only combat the usual virus. They are not made to progressively protect your computer from recently made malware or adware. Norton keeps you safe no matter where and how much you shop, surf or even bank online. It instantly blocks any infected downloads and backs up your files in case of a threat. That way, regardless of an attack, your files and memories on that laptop are safe.

  • Proactive

Instead of waiting for your files to get damaged or your information to be stolen, the Norton software does proactive checks that will alert you if a particular app is risky or may contain a virus. The software is also able to warn you if you’re walking into a social media scam, like click bait and links with suspicious content. That’s one of the most common ways to infect computers these days.

On top of all that, you can download Norton on almost any operating system, from desktops and MacBook to iOS and Androids – all with a single subscription. It also comes with other fringe benefits, like constant and often free updates and hard drive clean up.



Will Future Auto Technology be Open or Closed?

An Open Car System: What Is It?

Because this topic is recent, there is a need to differentiate between the closed and open car systems. An open car means that your vehicle is now equipped with an information technology system that allows car companies to constantly make upgrades, check your system for security breaches or bugs and widens the ability of a company to provide after service. Despite this opening up you car’s platforms to developers, this does not mean that your data is vulnerable.

Technological Advances Will Open New Doors for Tech Careers in Security

Experts argue that the open car system actually allows developers to protect the data on your cars more because of clearly laid out and implemented data privacy and security. This will also come with heightened data accountability, which is what most drivers want to hear after the controversial scandals regarding the OEM hacks.  Just think of all the tech careers in security that will become available to protect your data!

Comparison: A Closed Car System

Before going into the details of the benefits of open technology, it should be compared to how a closed system works. As you can imagine, it has its own systems in place, but they are not as far reaching as an open system. In fact, most of the systems in your car become obsolete after a few years and seldom can they upgrade each time a new model comes out. Once you buy your car, whatever system is in place – like the GPS – is what you will be using for the whole duration that you own your car.

Clearly, there are still merits to a closed car system. That’s why some car experts argue that the future of cars still lies in a closed car system. In this system, the vehicle is locked down with the company that manufactured it. Knowing the leading car manufacturers, they are trusted, well-funded and also well-researched. Allowing them to have full control over the cars that they produce and offer to market, when they make upgrades and to what extent those upgrades are made gives them sole accountability on the matter. What that means for drivers is that your car will most likely be just a car, which is an OEM’s expertise, rather than a fully functional computer within a car.

What a closed car system cannot give drivers, though, is complete freedom when it comes to updating the system of their cars. Because that’s where the trend is going now – users have the power to add in features and upgrades they want, the future of cars will most likely be headed that direction as well.




Qualified IT Security Professionals Needed – IT Security Certifications can help

With IT security threats increasing and the number of qualified IT security personnel decreasing, organizations, both public and private, are facing a serious problem. Countless organizations are realizing they need more IT security man power to handle the growing number of threats that can harm their business and their valued customers. The small number of IT security staff is just not cutting it these days, and because of this, IT security is the fastest growing field in IT. Data from Indeed, a popular job site, showed help ads for security professionals increased by 100% during the past five years.  So do you think investing in IT security education is a good idea right now? I would think yes! Not only would a career in IT security provide job security, but the pay isn’t too shabby either. The average salary of a Security Specialist or Network Administrator is almost $94,000. Be the solution organizations are looking for by getting qualified in IT security.

Getting qualified for an IT Security Career

Pursuing a career in IT security is an excellent path to travel down, when deciding how you want to create job and financial stability. So where should you begin? There are several ways that you can build your resume to showcase your IT security skills. What can you do to land the security job you are looking for? What will help you stand out from the group?

1)      Know IT Security – Be knowledgeable on the subject. Read about IT security news and events both historical and current. Follow the trending topics. There are plenty out there, as you can’t turn on the TV without hearing about some IT security threat. These threats are even making great story plots for Hollywood.

2)      Obtain Security Certifications – Having a solid foundation, understanding, and skillset is also crucial to successful deployment of IT security practices. It’s these skills that save organizations money and hassles, and also give them peace of mind. Certification and specialized training are excellent ways to get those skills and build the knowledge of a highly respected IT security professional. There are various certifications you can get, which we will discuss in more detail.

3)      Hands-On Experience – Set-up your own “working lab”. Take things apart, and put them back together. Hack into your system, and then create security features to prevent those break ins. Hands-on experience is always best. Experience allows you to put your skills and knowledge to use. Get in an entry-level position as soon as possible, or volunteer. Experience is developed by working through the problems.

Security Certifications

When it comes to IT security there are several certifications that are worth looking into and obtaining. Depending on your level of IT experience, you will want to start with more entry-level certifications, and build up to the more advanced ones as you feel more comfortable, gain more experience, and are ready to advance your IT security career.

CompTIA Security+

CompTIA Security+ is an international, vendor-neutral certification. It is an entry/foundation –level certification that demonstrates competency in:

  • Network security
  • Compliance and operational security
  • Threats and vulnerabilities
  • Application, data and host security
  • Access control and identity management
  • Cryptography

CompTIA Security+ not only ensures that candidates will apply knowledge of security concepts, tools, and procedures to react to security incidents; it       ensures that security personnel are anticipating security risks and guarding against them. Candidate job roles include security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator, and network administrator. Kick start your IT security career – start training for your CompTIA Security+ certification.

Certified Ethical Hacker (CEH)

Certified ethical hackers aka “Whitehats” are those highly skilled IT professionals that have the ability to beat hackers at their own game by uncovering systems’ weaknesses and vulnerabilities. By revealing these vulnerabilities and identifying the access points, these can be addressed before the “bad guys” have the opportunity to penetrate the system and create havoc on the company as well as its customers. The CEH credential is an intermediate certification, and demonstrates competency in:

  • foot-printing and reconnaissance,
  • scanning networks, enumeration
  • system hacking
  • Trojans
  • worms and viruses
  • sniffers
  • denial of service attacks
  • social engineering
  • session hijacking
  • hacking webservers, wireless networks and web applications
  • SQL injection
  • Cryptography
  • penetration testing
  • and evading IDS, firewalls, and honeypots

Those with a CEH certification are good candidates for the following positions: Network Testing, Systems Analyst Specialist, Information Technology Security Specialist, IT Vulnerability Specialist, and Tester/Ethical Hacker. To kick-off your IT security career, and start training for your Certified Ethical Hacker certification click here.

Certified Information Systems Security Professional (CISSP)

For those IT professionals that are serious about a career in IT security the Certified Information Systems Security Professional (CISSP) is a must. These IT professionals possess expert knowledge and technical skills necessary to develop, guide, and then manage security standards, policies, and procedures within their organizations. This is an advanced vendor-neutral IT security credential that is recognized world-wide, and demonstrates competency in:

  • Access Control
  • Application Development Security
  • Business Continuity and Disaster Recovery Planning
  • Cryptography
  • Information Security Governance and Risk Management
  • Legal Regulations
  • Compliance and Investigations
  • Operations Security
  • Physical Environmental Security
  • Security Architecture and Design and Telecommunications and Network Security

The CISSP certification is meant for experienced IT professionals and offers three concentrations for targeted areas:

  • CISSP Architecture
  • Engineering
  • Management

Those with a CISSP certification are good candidates for the following positions: Senior Analyst, IT Security Threat & Vulnerability Director, Principal Security Strategist, and Network Engineer. To advance your career in IT security, start training for your Certified Information System Security Professional (CISSP) certification.

Certified Penetration Testing Engineer (CPTE)

Another certification based around ethical hacking, Certified Penetration Engineer (CPTE) specializes in penetrating systems – they learn how to locate a system’s vulnerabilities and exploit a system’s weakness, which allows them to create safeguards against the real threats. The CPTE certification demonstrates competence in several area of penetration testing:

  • Information Gathering
  • Scanning
  • Enumeration
  • Exploitation
  • Reporting

Through utilizing and mastering these important techniques, penetration engineers are able to discover the latest vulnerabilities, threats, and techniques blackhat hackers are using today. To build a career with a focus penetration testing, start training for your Certified Penetration Testing Engineer (CPTE) certification..

Job Security through IT Security

IT Security threats are everyday occurrences that organizations world-wide, both private and public, need to be aware of and face head-on. They need to be pro-active in preventing breaches and penetration of their valuable and confidential systems. These are real threats that can be devastating to any organization, big or small. This is the reason the need for IT security professionals is increasing on a daily basis, with no sign of slowing. The world needs more, many more, qualified IT professionals to handle the growing threat. Get knowledgeable in the IT security world. Know the threats that are out there. Even better, get certified! Contact TechSherpas to start your journey of a successful career in IT security.