The week in security: SOC stress is driving employees away

There were concerns about device security after attacks on a range of network-storage devices saw demands for ransom under threat of wiping the devices.

Government CSOs in the US were moving quickly to reevaluate their defences after a Department of Homeland Security edict to improve their protections against a potentially crippling ransomware attack.

A security breach at the NAB sent the bank’s response team into action, with more than 13,000 customers’ details involved.

In managing problems like that, no wonder working in a security operations centre (SOC) is so stressful that around two-thirds of employees want to leave their jobs – creating new challenges for CSOs already struggling to build out and maintain enough cybersecurity staff to man their defences.

Of course, each week is bringing new reports of use – and abuse – of data-analytics techniques applied to personal information, with many going well beyond what users are ready to accept.

Users aren’t always helping the situation either – but a new analysis of live end-user cybersecurity training shed some light on the areas where users are really struggling to improve their knowledge and practices.

Meanwhile, Cisco paid $US8.6m ($A12.44m) to settle a lawsuit over selling equipment with known flaws.

Google was defending itself from criticism for revealing new zero-day vulnerabilities 90 days after notifying the developers in question, noting that 97.5 percent of the bugs it revealed were fixed before that deadline.

Copyright © 2019 IDG Communications, Inc.

The 10 most powerful cybersecurity companies