November 10 2020 | ~2 min read
November 4 2020 | ~2 min read
November 3 2020 | ~3 min read
October 22 2020 | ~3 min read
State Government Training: Supporting Citizens Starts with a Strong Cyber Team
October 2 2020 | ~5 min read
State government organizations (and the departments within) have a lot to focus on. From public health and safety to transportation to education and the environment, state government departments own and process a lot of data, making each division particularly vulnerable to cyber-attacks. This poses a significant risk since the primary role of state government is to support its citizens through these varying departmental services. With so much sensitive data housed in each department within each state government organization, threats like ransomware and phishing are on the rise since hackers know how to manipulate and exploit state government networks, some of which can be running on legacy systems or managed without all the resources desired to do so effectively. Ensuring state government departments and the cyber professionals employed there have the skills they need to protect all this data requires these organizations to assess its cyber readiness—and it can start with better cyber training.
Celebrate National Cyber Security Awareness Month (and Beyond!)
September 28 2020 | ~4 min read
Every fall, businesses and organizations direct their attention to participate in National Cyber Security Awareness Month, which has taken place every October for the past 17 years under leadership from the U.S. Department of Homeland Security and National Cyber Security Alliance. It’s an important time to reflect on how cyber security impacts our lives both personally and professionally, as well as from business and operational perspectives. It’s also a time to take action, to intentionally alter behavior to improve your cyber security practices and behaviors for the better. What’s unique about this year is the level of attention cyber security is garnering, primarily because of how much our professional working environments have shifted due to the pandemic and requirements to work remotely have increased; the result has been heightened concerns for cyber safety and best practices to protect organizations.
This year, Circadence is extending its motto of ‘cyber security for all’ by focusing on the value of cyber education and training at the core of that philosophy.
Breaking Through the National Guard Cyber Training Backlog with Hands-On, Cloud-Based Learning and Practice
September 23 2020 | ~3 min read
Between the current nationwide pandemic and the election, cybercrime is on the rise and is expected to grow even more this year. A recent report in Cybersecurity Ventures predicts cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Cyberattacks are the fastest growing crime in the U.S., and they are increasing in size, sophistication, and cost. With current events and expected growth in cybercrime impacting national security, domestic and federal cyber operators with the National Guard require ‘always available’ training to prepare for the challenges ahead.
Workforce Development Professionals: Use Cyber Training to Meet Client's Talent and Readiness Needs
September 16 2020 | ~7 min read
In honor of Workforce Development Professionals Month in September, we want to recognize the hard work that workforce development professionals are doing to help companies and organizations keep talent pipelines full with qualified candidates. In the context of cyber training and education, perhaps now more than ever, it’s important to understand the value of hands-on cyber training solutions for companies actively seeking to fill cyber security job positions in their respective departments.
Resource Roundup: Remote Teaching Resources for Educators
September 10 2020 | ~3 min read
The school term is back in session, but it certainly looks a lot different than year’s past with COVID-19 requiring more remote/hybrid learning environments for the academic community. The shift to remote teaching and distance learning is not only impactful for students and families, but perhaps equally significant for today’s educators who need innovative ways to keep standards of learning high while being amenable to environmental shifts that can impact learning outcomes (not to mention affecting instruction and course delivery). We’ve compiled our top list of remote teaching resources to help educators (either high school, collegiate, or trade/alternative school) navigate these tough teaching circumstances.
Living our Mission: Project Ares Product Updates, Summer 2020
September 8 2020 | ~7 min read
Summer 2020 was a busy time for Circadence. We recently launched a redesigned website at www.circadence.com and deployed enhancements to our flagship cyber learning platform, Project Ares. The refreshed web look and feel and product updates inspired a revitalized mission statement.
To Buy or to Build a Cyber Range? That is the Question!
September 3 2020 | ~4 min read
Distance learning is likely here to stay yet today’s cyber educators still need to find ways to meaningfully connect with their students during these socially-distant times. Cyber educators can effectively enrich student remote learning with hands-on cyber ranges. To actualize these goals to create immersive, engaging learning environments, educators must decide whether to build or buy a cyber range—yet it can be a significant decision to weigh by yourself.
Cybersecurity Education: 7 Tips for Creating a Successful Career Pathway
August 19 2020 | ~6 min read
The reality is self-evident: exponential advances in technology, the escalating complexity of systems, society’s increasing reliance on digital devices to manage daily tasks, and the global rise of significant threats posed by malicious actors ensures cybersecurity is here to stay.
How Cyber Professionals Can Adapt to Shifts to the Cloud
August 17 2020 | ~2 min read
If your SOC team is gearing up for a shift to the cloud in any capacity, it’s going to require a new way to think about and deploy cyber security practices. Securing physical data takes on whole new meaning when transferred to the cloud and IT professionals need to understand what the cloud IS, how it is structured, and the impacts to day-to-day cyber security roles and responsibilities.
Transforming Distance Learning: Technology and Tools for Today's Educators
August 5 2020 | ~4 min read
From pre-school to Ph.D. programs, education is undergoing a sea-change. Due to the immediacy of pandemic defense, it was necessary to jump into online meeting apps in March 2020 for everything from storytime with the librarian to class lectures to dissertation defense. But the experiences of the last few months have shown us that ‘distance learning’ must continue to evolve to be more intuitive, more engaging, and more accessible for instructors and students across the education spectrum.
Starting a Cyber Security Career: a Presentation for Summer Discovery
July 28 2020 | ~2 min read
Our VP of Strategy Josh Selfe recently presented to a cohort of students from the Summer Discovery program online. With more than 500,000+ cyber security job openings across the U.S. today (CyberSeek.org) and only 3% of bachelor’s degree graduates have cyber-related skills, there is a clear need to communicate the routes to starting a cyber security career path to today’ students.
Cyber Security Learning During the Pandemic with Online Cyber Range Training and Digital Networking
July 21 2020 | ~5 min read
We’re living and working in a virtual world these days since the pandemic halted the traditional and routine in-person activity. For cyber professionals, you may feel challenged more than ever to work and learn about cyber security remotely. Yet those challenges shouldn’t stall your ability to learn and build skills. Learning can happen anywhere…and as we’ve all experienced, out of times of chaos and uncertainty, can emerge opportunity. Cyber security professionals: There’s never been a more ideal time to advance in the cyber security profession than now.
Real World Cyber Security Experience: From Learning to Earning
July 6 2020 | ~3 min read
Real world, experiential learning helps students develop knowledge, skills, and abilities that they can take directly from the classroom to the workplace.
3 Ways Tech Companies Can Improve the Talent Acquisition Process
June 23 2020 | ~7 min read
It’s reasonable to correlate the quality of the talent acquisition process to the quality of employees in the company– which is tied to the success of the company. Yet, there is currently a shortage of qualified experts in field of cyber security and there has been for quite some time. And while tech companies have pulled back the reins on hiring tech talent due to the economic consequences of the coronavirus outbreak, reports CBNC, more emphasis is being placed on preserving team member jobs and revitalizing the hiring process as we all prepare to re-open and heal. Out of the chaos of recent events comes opportunity and tech companies are showing more resilience than ever as tech leaders identify pragmatic ways to staff up. We’ve got three foundational tips to help hiring managers and senior cyber security / IT leaders fill their cyber talent and candidate pools with qualified professionals who not only look good on paper, but can demonstrate their qualifications.
How person-centered cyber training supports threat prevention in financial companies
June 16 2020 | ~4 min read
Cyber security threats and preventive measures go hand-in-hand. Yet cybercrime continues to impose threats on the financial industry. Financial services firms are 300 times as likely as other companies to be targeted by a cyberattack,” according to a report by the Boston Consulting Group. These threats can arise at any time and occur through various sources (external sources such as hackers, and internal sources such as staff members and contracted employees). Some financial companies have developed action plans with steps to take if a cyber-attack strikes, but cyber security best practices also includes establishing and initiating threat prevention methods. One example of a threat prevention method is person-centered cyber training.
Living our Mission: Circadence Collaborates with Academia and Army to Support Cyber Range Virtual Environment Replication and Construction with N/CRAF
June 12 2020 | ~4 min read
Circadence announced in May 2020 the latest development of an automated network mapping tool for IT use, based on collaborative work with Mississippi State University engineers and researchers. Circadence has had a six-year partnership with the university and the Threat Systems Management Office of Redstone Arsenal (TSMO) and has worked on several projects over the years to solve challenges related to National Defense. We sat down with two of our Circadence personnel: Dwayne Cole, the JMN NOSC (Network Operation and Security Center) Operations Manager and Craig Greenwood, Project Manager with Opposition Force/Advanced Red Team Intrusion Capabilities to understand more about the tool and learn about the benefits it provides to the technology community at large.
Transform Fall Cyber Security Classes with Hands-On Learning
May 29 2020 | ~1 min read
As educators blend classroom and online learning for safe fall course experiences, Project Ares helps get the balance right for teaching cyber security. Whether instructing cyber security courses remotely or in-person, Information Security and Cyber Security educators must make learning engaging and relevant to best prepare students for careers in the field. Circadence can help educators transform existing cyber security curriculum to support teaching challenges with the Project Ares online learning tool.
Prioritizing risk mitigation for your financial services company
May 29 2020 | ~1 min read
Financial services companies and departments are experiencing increased cyber-attacks, leaving their data and personnel at high risk. Mitigate risk using Project Ares to train professionals persistently and hands-on manner to stop threats coming into the company purview.
An Educator’s Perspective: The Impacts of Distance Learning and Teaching, a Q&A with Dr. Bradley Hayes
May 19 2020 | ~8 min read
We are continuously reminded of the stark reality that higher education teaching and learning is indeed different today than it was a few months ago. Since Circadence is committed to cyber security education and training, we try to stay on top of the latest developments with distance learning so that we can think through how to keep supporting cyber and information security teachers during this unprecedented pandemic time. We often hear from higher education partners and customers how much of a challenge distance learning and teaching can be, so we sat down with our own Dr. Bradley Hayes to hear firsthand what his experience has been like. Brad is the Chief Technology Officer at Circadence, and Assistant Professor in the College of Engineering and Applied Science, Director of the Collaborative AI and Robotics Lab at the University of Colorado, Boulder. We also solicited the perspectives of several other higher education teachers who were willing to share their thoughts on the challenges and opportunities to adapt to this ‘new normal’ of teaching and learning.
Distance Learning and Teaching for Cyber Security Programs
May 11 2020 | ~6 min read
Practically overnight distance learning has become the ‘new norm’ for academic institutions. Educators worldwide are figuring out what Emergency Remote Teaching (ERT) means for their specific courses and subject matter for summer term and likely fall term 2020. And while the immediate remote learning requirements for pandemic mitigation will eventually recede, there is a growing awareness that online and blended learning options in Higher Education curriculum will likely be a strategic part of the post-pandemic norm.
Cyber Security and Risk Mitigation Go Hand in Hand
May 4 2020 | ~4 min read
Cyber Risk means different things to different people in an organization. Deloitte distinguishes it well: A CEO might worry about the expected financial loss related to cyber risk exposure; while the CFO is challenged to show the value of security while managing the associated costs. The CMO might worry about the impact to the brand if a breach to the company occurs; while the CISO is thinking about which key initiatives to prioritize to maximize risk buy down. But one thing that savvy executives agree on is that cyber security is a business risk that should be included in corporate risk mitigation strategy and processes.
Why Cyber Risk Mitigation is a Priority for Finance Leaders
April 15 2020 | ~5 min read
The role of the CFO is evolving. Whether at a bank or credit union, today’s finance leaders wear many hats. One of which is a cyber security ‘hat’. Constant breaches within financial institutions warrant such a ‘wardrobe’. Insider threats are growing, outside adversaries are multiplying at rapid pace, and attacks on financial departments and companies are ever-increasing. Unfortunately, classic security controls like firewalls and antivirus are easily compromised as attackers become more sophisticated.
Cyber Ranges and How They Improve Security Training
March 30 2020 | ~9 min read
Cyber ranges were initially developed by government agencies looking to better train their cyber operators on new skills and techniques. To do this, a physical range or ranges were installed on-premise. Cyber range providers built representations of actual networks, systems, and tools that helped cyber professionals safely train in virtual, secure environments without compromising the agency’s operational network infrastructure.
Gamification for the Greater Good: Why We Need More Diverse Learning Approaches for the Workforce
February 18 2020 | ~12 min read
“Gamification” is a term that has been popularized by the modern cultural and consumer demand of video games. It is the application of design elements (e.g. leaderboards, scoring, points) to an activity or set of activities, made popular by video games. Today, it has made its way into software programs as a way to increase engagement and productivity. Yet when we think about gamification today, we don’t generally think of its application in educational settings, let alone in the business world. After all, when was the last time Ubisoft had a press conference about how gamified Assassin’s Creed is? So what are we talking about? We’re talking about the challenge of engaging adults in professional training and development while being sensitive to their learning preferences. The reality is, it’s hard to get adult learners excited to go back to the classroom to learn something for their job. But there exists a potential for gamification to lower the barriers to learning for adults. Today’s professionals are a prime target for using gamification in a more meaningful way—to break through the “sheer fun and games” if you will, and leverage gamified elements for a greater, more significant purpose. Gamification is really all about education, and it’s alleviating the age-old struggle of how to teach effectively and remain relevant.
Top Tax Season Scams and How to Avoid Them
February 18 2020 | ~3 min read
Doing taxes can be stressful enough without worrying that your sensitive information may fall into the wrong hands. With more and more taxpayers doing their taxes online, having awareness of potential threats is the first step in practicing cyber safety this tax season. Here are 4 of the most popular tax scams used by hackers each year to be on the lookout for:
Things to do at RSA 2020
February 11 2020 | ~5 min read
This year’s RSA Conference is sure to be chock–full of exciting innovations, new technology, and swag galore. As much as we love the excitement of being on the expo floor, it’s always a good idea to take time to explore the conference, meet new people, and unwind with a few good colleagues or newfound friends. This list of networking gatherings and affiliate events will help you make the most out of your RSA experience!
Living Our Mission Blog Series:Early Aspirations in Technology Become a Reality for Circadence's Paul Ellis
January 28 2020 | ~6 min read
Early Aspirations in Technology Become a Reality for Circadence’s Paul Ellis
Living Our Mission: Building a Roadmap to Bring Product Vision to Reality with Circadence's Raj Kutty
January 20 2020 | ~4 min read
This installment of the “Living our Mission” blog series features Circadence’s Rajani “Raj” Kutty, Senior Product Manager.
Microsoft Security Blog: Rethinking cyber scenarios—learning (and training) as you defend
January 14 2020 | ~1 min read
In this third and final post in the series, Microsoft’s Mark McIntyre addresses more advanced SecOps scenarios that an experienced cyber practitioner would be concerned with understanding.
New Year, New Threats: Top Cyber Threats Anticipated to Hit Big in 2020 for Enterprise Companies
January 13 2020 | ~4 min read
As we enter the New Year, one thing is certain: cyber attacks aren’t going anywhere. Enterprise companies have been tasked with defending their networks from unyielding cyber crooks who want a piece of the pie for themselves. What’s on the horizon for enterprise security threats in 2020? We’ve got a few predictions.
The Future of Finance Cyber Security in 2020
January 6 2020 | ~3 min read
Cyber attacks seem to grow more sophisticated and menacing with each passing year. No industry understands this better than finance, as their enormous stores of cash and sensitive data make them a prime target for hackers year-round. Let’s look ahead at four trends that are likely to play a role in 2020’s biggest banking hacks and share how we can help harden financial services firm’s security posture to prevent attacks.
Living our Mission: Project Ares Takes Full Flight with Cloud-Native Architecture
December 19 2019 | ~6 min read
According to CIO magazine, about 96% of organizations use cloud services in one way or another. In partnership with Microsoft, we are proud to announce that Circadence has redesigned its Project Ares cyber learning platform to fully leverage a cloud-native design on Microsoft Azure. This new, flexible architecture improves cyber training to be even more customized, scalable, accessible, and relevant for today’s professionals.
Holiday Hacks in the Financial Sector: What You Need to Know to Stop “Grinches” during the Holiday Season
December 18 2019 | ~6 min read
Not everyone gets into the holiday spirit, but whether or not your stockings are hung by the chimney with care, there are real world cyber grinches out there looking to steal holiday joy and sensitive data. The Financial Sector in particular is a high-profile target for hackers in the cyber industry year-round but the holiday season has historically attracted a larger quantity of cyber criminals who conduct attacks designed to steal money, social security numbers, addresses, and other sensitive information. The volume of e-commerce and e-banking transactions that occur during the holiday season provide ample opportunities for hostile actors to exploit financial institution networks. Specifically, “attacks on SWIFT—the leading global network for money and security transfers—alone cost $1.8 billion year-to-date” Forbes reports. To understand just how vulnerable banking and financial organizations are, let’s review the attacks that financial cyber teams should look out for and then discuss systemic solutions to safeguard finance networks, companies, and their stakeholders.
Living Our Mission Blog Series: Cyber Security + Teaching = the Perfect Match for Developing Cyber Curriculum in Project Ares for Circadence's Megan Daudelin
December 16 2019 | ~5 min read
Ever wondered about the people behind Project Ares’ development? How does Circadence identify and develop learning curriculum material to benefit today’s cyber professionals? The crux of the strategy stems from the talents within our own Circadence family and is the driving force behind this “Living our Mission” article. We are sharing the unique talents of Megan Daudelin, Team Lead of Curriculum Development for our flagship gamified learning platform, Project Ares. While one might expect that a cyber background is critical to any tech-focused role in a security company, Megan would argue that having a strong understanding of learning theories, experience teaching cyber subjects, and placing oneself in the customer’s shoes equally weigh in importance to successfully build rich cyber curriculum into our products.
Living our Mission Blog Series: Connecting the Dots – Academic Virtual Labs, Microsoft Ignite, and Battle Room Design from Circadence's Matt Surprenant
December 11 2019 | ~6 min read
After serving in the Coast Guard and learning IT, Matt Surprenant applied his technical abilities to the academic community, building out cyber ranges for students to practice their tradecraft in virtual environments. Managing virtual labs for 250-500 students wasn’t an easy job by any means, but it certainly gave him invaluable insight into how learning occurs to best train today’s cyber enthusiasts (tomorrow’s frontline defenders).
Predictions for Cyber Security in 2020
December 3 2019 | ~7 min read
The dynamic world of cyber security is prompting a new shift in focus for security execs and frontline defenders as we head into a new year in 2020. Given the rapid pace by which enterprises have adopted Cloud computing services to improve operations, the frequency of threats and attack methods, and the widening skills gap facing many industries, we expect 2020 will finally be the Year of Preparedness & Cyber Proactivity—from the CISO, to the Director of Risk Management, to the Network Analyst professional—and we’ll tell you why.
Rethinking cyber learning—consider gamification
November 26 2019 | ~1 min read
This post originally appeared on Microsoft’s Security Blog, authored by Mark McIntyre, Executive Security Advisor, Enterprise Cybersecurity Group
Cyber Monday and Black Friday Cyber Security Safety Tips to Prevent Holiday Hacks
November 25 2019 | ~5 min read
If you’re anything like me, you get really excited when the holidays roll around. The music is cheerful (the Hallmark Channel is on 24/7–high five!), the fireplace is roaring, and I can curl up with my blanket and mobile phone to SHOP ONLINE (of course). Ah, the spirit of the holidays…But the bah humbug part about the scene I’ve just set, is I’m not the only one feeling “festive.” Cybercriminals LOVE when surges in online shopping occur because people are looking for the best deals on gifts, bargain hunting, and planning for the biggest online shopping days of the year: Black Friday and Cyber Monday. This means adversaries can more easily manipulate our holiday spirits with cyberattack methods like phishing and social engineering, credit card fraud, and more.
Living our Mission Blog Series: How Tony Hammerling, Curriculum Developer, Orchestrates a Symphony of Cyber Learning at Circadence
November 19 2019 | ~4 min read
Circadence’s Curriculum Developer Tony Hammerling wasn’t always interested in a career in cyber—but he was certainly made for it. In fact, he initially wanted to be a musician! While his musical talents didn’t pan out for him early in his career, he quickly learned how to create unique harmonies using computers instead of instruments…After joining the Navy in 1995 as a Cryptologist and Morse Code operator, he transitioned to a Cryptologic Technician Networks professional where he performed network analysis and social network/persona analysis. It was there he learned more offensive and defensive strategies pertinent to cyber security and was introduced to network types and communication patterns. He moved to Maryland to do offensive analysis and then retired in Pensacola, Florida. The world of cyber grew on Tony and he enjoyed the digital accompaniment of the work it offered.
8 Tips to Keep Your Small Business Cyber Safe this Holiday Season
November 14 2019 | ~5 min read
The holiday season is a time of giving, however, for hackers it can be a time of swindling. We are all susceptible to cyberattacks, but small businesses can hurt the most from the fall out. With limited staff numbers, small IT departments (if any at all), and no money allocated toward remediation, it is of the utmost importance to protect your small business, especially over the holidays. So, what can you do to protect yourself?
Operation Gratitude: 5 Reasons to Give Thanks for Cyber Security
November 12 2019 | ~4 min read
With daily breaches impacting business operations and security, it’s easy to forget about the good ways that cyber security keeps us safe behind the scenes. This holiday season, we’re giving thanks to cyber security and all that it does to make our lives easier and more secure with what we’re calling Operation Gratitude (inspired by our Project Ares missions, uniquely titled “Operation Goatherd” or “Operation Desert Whale”). #OperationGratitude is a rally cry for security professionals and business leaders to remember the positive aspects of cyber security and share those positive thoughts with each other. Too often we live in fear from cyber attacks and persistent threats, and while, there is always cause for concern, we must remember how advances in the field have equally made aspects of our digital life easier. We’re thankful for these advances in cyber security:
What you need to know about a cyber security career path
November 5 2019 | ~5 min read
Getting a job in cyber security doesn’t have to be an intimidating process. If you haven’t been taught the basics and/or are looking to change careers for something different, launching a cyber security career can start with basic learnings that lead to more formal training, certifications, and skills development. And there are several online resources for developing security competencies that are free or at a minimal cost. These resources can be complemented with cyber range training to expedite learning to land the cyber security job you want.”
Will Artificial Intelligence Replace Cyber Security Jobs?
October 29 2019 | ~3 min read
The cyber security workforce gap continues to grow, and the availability of qualified cyber professionals is predicted to decrease in the coming years. In fact, a Cyber Security Workforce Study from the International Information System Security Certification Consortium predicts a shortfall of 1.8 million in the cyber workforce by 2022. Some resources even claim upwards of a 3.5 million worker shortfall within the next two years. While this can feel like impending doom and gloom for the industry, AI, or artificial intelligence, can help to quell the concerns while empowering existing cyber workers.
Why Cybersecurity is Important for Higher Education Institutions
October 22 2019 | ~4 min read
It might surprise you to know that the education industry is a prime target for malicious hackers. While threats in this sector are on the rise, many education institutions are not prepared for a cyber attack nor do they know how to recover from one. In fact, there were 122 cyber attacks last year at 119 K-12 public education institutions, averaging out to an attack every three days. A 2018 Education Cyber Security Report published by SecurityScorecard also found that of 17 industries, the education sector ranked dead last in total cyber security safety. Schools are leaving themselves open to student and faculty identity theft, stolen intellectual property, and extremely high cost data breach reconciliation. In fact, a study done by the Ponemon Institute shows the average cost of a data breach in the education sector is $141 per record leaked.
Trick or Cyber Treat? How Quickly Hackers Use Your Information
October 17 2019 | ~3 min read
We’re getting in the Halloween spirit (with a cyber security spin of course)! We started wondering about the mysterious (or not-so-mysterious) world of hacking. We wondered just how frightfully easy it might be to gather intel from social platforms with minimal prerequisite knowledge.
Living our Mission Blog Series: Programming Innovation in Orion, Thanks to Raeschel Reed, Circadence Software Engineer
October 16 2019 | ~2 min read
There’s never a dull moment at work for Circadence Software Engineer Raeschel Reed. Between learning ways to use new technology, improving coding techniques, and operationalizing cyber innovations, Raeschel is a critical part to the success of the company’s product suite.
Living our Mission Blog Series: Hitting a Home Run with Circadence's Security Management, thanks to TS Reed, Cybersecurity Engineer
October 10 2019 | ~4 min read
The journey to cybersecurity engineer has been an exciting one for Circadence’s TS Reed. The former baseball pro turned security tech expert found his passion for problem solving at Circadence. After completing an undergraduate degree in criminology at Cal State Northridge, he pursued a master’s degree in mechanical engineering at CSUN and then a master’s in cybersecurity engineering from the University of San Diego.
Living our Mission Blog Series: Supporting Cyber Red Teams, with Consultations and Pen Testing from Josiah Bryan
October 8 2019 | ~3 min read
While Circadence is proud to be a pioneer that has developed innovative cyber learning products to strengthen readiness at all levels of business, there’s one professional area at Circadence that doesn’t tend to get the limelight, until now. Meet Josiah Bryan, principle Security Architect for Circadence’s security consultation services, aptly called Advanced Red Team Intrusion Capabilities (ARTIC for short). For almost two years, Josiah has provided support and services to Red Teams around the country, those leading-edge professionals who test and challenge the security readiness of a system by assuming adversarial roles and hacker points of view.
How to stay safe from social engineering attacks
October 3 2019 | ~6 min read
What is social engineering and why does it matter? In the context of information security, it is a hacking tactic designed to psychologically manipulate or “trick” a person into performing actions or divulging confidential information. Social engineering threats are a wildly popular way for cybercriminals to get access to money or damage a company’s reputation. In fact, social engineering attack statistics in the past year are daunting. In 2018, more than 17% of workers fell victim to social engineering attacks, according to InfoSecurity Magazine. This is problematic, as you can imagine because it disempowers people who place their trust in digital communications and leaves them feeling scared to engage with anyone online (especially if they’ve fallen victim to an attack already). Likewise, the propensity of workers who fall for these attacks tells cyber professionals that more needs to be done to: 1) educate people on what social engineering is, 2) how it manifests and impacts your personal life, and 3) the effects it can have on companies whose workers succumb to the attacks. In this article, we will discuss ways to recognize social engineering in your digital life and how to increase your cyber security awareness for these types of attacks using…games (yes, games!). More to come on that later.
Exclaim “Cyber for All!” During National Cyber Security Awareness Month
October 1 2019 | ~7 min read
Happy National Cyber Security Awareness Month! We all know that cyber security isn’t just a month-long focus area for businesses and individuals—but this month, we are grateful for the collaborative effort between government entity Department of Homeland Security and the National Cyber Security Alliance that together, place a lens on cyber (as an industry, strategy, and operation). It reminds us that the industry is ever-evolving and impacts each of us. It is not an isolated moment in time (despite the month-long focus), nor is it targeted to a specific industry or professional. Breaches continue to damage businesses and the discussion about the cyber talent “gap” forges on in conversations. As the world draws its attention around cyber in October and the industry evolves to better serve today’s professionals and businesses, we wanted to communicate the critical idea that cyber really IS for all as we strive to make cyber awareness learning accessible, intentional, and effective.
Why Alternatives to Traditional Cyber Training Are Needed Immediately
September 24 2019 | ~6 min read
Are you looking for a more effective, cost-conscious cyber training tool that actually teaches competencies and cyber skills? We’ve been there. Let us share our perspective on the top cyber training alternatives to complement or supplement your organization’s current training efforts.
Help Wanted: Combating the Cyber Skills Gap
September 18 2019 | ~6 min read
Recent news headlines frequently communicate about the massive cyber security skills shortage in the industry so we wanted to dig deeper into this phenomenon to find out why there’s a cyber security talent gap and what can be done about it. Cyberattacks are permeating every commercial and government sector out there yet industry and analyst reports indicate there isn’t a large enough talent pool of defenders to keep pace with evolving threats. When data is compromised and there aren’t enough cyber security staff to secure the front lines, we ALL are at risk of identity theft, monetary losses, reputational damage, fines, and operational disruption. cy
Living Our Mission: Embracing the Art of Gamification with Hector Robles, Lead Game Designer at Circadence
September 17 2019 | ~6 min read
If there’s anyone who truly embodies the art of gamification, Hector Robles name just might top that list. As a lead game designer at Circadence, Hector works closely with the company’s content and curriculum departments to take complex cyber concepts and learning paths and artistically weaving them into fun cyber games that make learning desirable.
Living Our Mission Blog Series: Building Hyper-Scalable Cyber Training Experiences with Randy Thornton, Enterprise Architect at Circadence
September 9 2019 | ~4 min read
A newly minted Engineering Fellow, Randy Thornton has dedicated his craft to software development for over 30 years. His passion for learning and using new technologies is evident in Circadence’s cyber range platform, Project AresÒ.
Living Our Mission: Learning is Built into Project Ares, Thanks to Victoria Bowen, Instructional Designer at Circadence
September 4 2019 | ~5 min read
Victoria Bowen has worked in the instructional design field for about 35 years – primarily developing e-learning with a smattering of web development, SharePoint development, and Learning Management System administration. She holds an undergrad degree is in psychology, a master’s in special education, and doctorate in curriculum, instruction, and supervision with emphasis on instructional design. What that means is that she knows how people learn and what aids and interferes with learning in training products. Victoria worked an IT security services company and then transitioned to a training role with the Air Force’s Cyberspace Vulnerability Assessment/Hunter (CVAH) weapon system. “I was responsible for the training database and the app store for several versions of CVAH. I also developed user guides and training materials,” she said. Victoria served in that role for about nine months before joining the Circadence team.
Living our Mission: Creating Authentic Cyber Training and Learning Environments Inspired by Real-World Experience: Todd Humes, Sr. Mission Designer
August 19 2019 | ~3 min read
Bringing his Air Force and military security engineering background to use, Senior Mission Designer Todd Humes understands what it takes to defend networks from adversaries. Prior to Circadence, he served in various government security roles including as a Systems Security Engineer and Systems Administrator and on the commercial side as a Director of Network Defense Operations at a Managed Security Service Provider. He noticed a gap in commercial cyber training and readiness that eventually lead him to Circadence.
Cyber Security and the Baby Boomer, Gen X Populations
August 13 2019 | ~4 min read
We all have someone in our lives who isn’t tech-savvy. They don’t know how to convert a word doc into a PDF, or they try to do a Google search on Facebook, or they seem to struggle with the ‘simple’ act of text messaging. These are not uncommon missteps when using smart devices for people who didn’t grow up with Siri ® (let alone the Internet!) at their fingertips. While these mistakes seem harmless or even comical at times, there can be much more serious cyber security consequences.
DeepFake: The Deeply Disturbing Implications Behind This New Technology
August 5 2019 | ~5 min read
DeepFake is a term you may have heard lately. The term is a combination of “deep learning” and “fake news”. Deep learning is a class of machine learning algorithms that impact image processing, and fake news is just that – deliberate misinformation spread through news outlets or social media. Essentially, DeepFake is a process by which anyone can create audio and/or video of real people saying and doing things they never said or did. One can imagine immediately why this is a cause for concern from a security perspective.
When cyber security meets machine learning
July 30 2019 | ~3 min read
What happens when cyber security and machine learning work together? The results are pretty positive. Many technologies are leveraging machine learning in cyber security functions nowadays in order to automate and augment their cyber workforce. How? Most recently in training and skill building.
How Cyber Security Can Be Improved
July 22 2019 | ~7 min read
Every day we get more interconnected and that naturally widens the threat surface for cybercriminals. In order to protect vulnerabilities and keep pace with hacker methods, security – and non-security professionals must understand how to protect themselves (and their companies). And that involves looking for new ways to improve cyber security. To start, we believe cyber security can be improved by focusing on three areas: enterprise-wide cyber awareness programs, within cyber teams via persistent training, and in communication between the C-suite and the CISO. Check out our recommendations below and if you have a strategy that worked to improve cyber security in your company or organization, we’d love to hear about it.
Living our Mission Blog Series #3: New Learning Curriculum in Project Ares 3.6.4
July 8 2019 | ~5 min read
We’ve made several new updates to our gamified cyber learning platform Project Ares. We are releasing new battle room and mission cyber security exercises for professionals to continue training and honing skills and competency and have optimized some aspects of performance to make the learning experience smoother.
Targeted Cybercrime on the Rise
July 8 2019 | ~5 min read
Targeted attacks against particular groups or entities are on the rise this year. Instead of a “spray and pray” approach, malicious hackers are getting particular about who and what they attack and how for maximum accuracy. Why? The right ransomware attack on the right data set to the right group of people can yield more monetary gain than an attack towards a general group of people at varying companies. To empower ourselves, we need to understand how cybercrime is “getting personal” and what we can do to prevent attacks like this.
Good Bots and Bad Bots: How to Tell the Difference to Stay Cyber Safe
July 1 2019 | ~3 min read
You may have heard or read the term “bot” in the context of cyber security. Normally we hear this word in the wake of a cyberattack and relate it to breaches in computer or network security. While there are certainly bad bots, there are good bots too! So what exactly is a bot, how can you differentiate, and how do they work?
Ransomware – The Attack Du Jour!
June 25 2019 | ~5 min read
Ransomware is gaining traction among hackers; emboldened by financial success and anonymity using cryptocurrencies. In fact, ransomware is now considered a tried and true cyberattack technique, with attacks spreading among small and medium-sized businesses, cities and county governments. Coveware’s recent 2019 Q1 Ransomware Report notes:
Cyber Security and the LGBTQIA Community
June 18 2019 | ~3 min read
While most of us recognize the inherent vulnerabilities of putting our personal information online, we may not think about how marginalized communities are at even greater risk of malicious attacks on the internet. The LGBTQIA (lesbian, gay, bi-sexual, transgender, queer, intersex, and asexual) community certainly understands the ramifications of sharing their lifestyles on the web, and it is of vital importance to consider how compromised online privacy can specifically impact these already vulnerable groups.
Spotlight: Cyber Security Readiness for the Electricity and Energy Industries
June 18 2019 | ~3 min read
When your power goes out, you recognize just how many things you use every day rely on energy. From phones to WiFi to air conditioning and heat, our homes and offices almost entirely rest on this silo of critical infrastructure.
Cyber Attacks and Risk Mitigation in Critical Infrastructure
June 10 2019 | ~6 min read
Critical infrastructure is a term used by the government to describe assets that are essential for the functioning of a society and economy (think oil and gas, water, electricity, telecommunication, etc.). According to the Department of Homeland Security, there are 16 sectors of critical infrastructure. In the past few years, we’ve seen attacks on departments of transportation, cities, and other network infrastructure that are prompting many cyber security leaders to pay closer attention to their readiness strategy and risk management. With the threat of cyberattacks against public and private sector infrastructure on the rise, it is important to understand the history of these attacks, as well as what critical infrastructure cyber security professionals can do to protect themselves against them. Today, we are going to focus on three sectors: oil and gas, energy and electricity, and transportation.
Resources for starting a career in Cyber Security
June 4 2019 | ~3 min read
Jumpstarting a new cyber security career path can feel like a daunting initiative, however, it may be more attainable than you think. By utilizing online cyber resources and persistent learning exercises, you can start learning everything you need to know to understand career options and land your dream job.
Microsoft Azure Government Secret Helps Enhance Cyber Training
May 30 2019 | ~2 min read
Across the board there’s been a push from a policy perspective to get into secure cloud environments that provide organizations with the on-demand and protected availability that they need to improve business processes. Azure Government Secret is a cloud solution that delivers comprehensive and mission-enabling cloud services to US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within Secret enclaves. It can also have global implications for how cyber defenders prepare for tomorrow’s threats.
Girl Scout Troop Visits Circadence to Earn Cyber Security Badges
May 29 2019 | ~4 min read
Introducing girls to the world of cyber security and empowering their access to this STEM discipline is incredibly important to Circadence as we advocate for a cyber workforce with diversified thinking and problem-solving perspectives to keep pace with today’s adversaries. In mid-May, Circadence was honored to host 12 Brownies from a local Girl Scout troop at our San Diego office to help them earn their cyber security badges. Some of Circadence’s own family members are involved with the local troop and several co-workers facilitated a series of workshops for the girls to teach aspects of cyber security including cryptography, spamming, and virus detection.
How to Launch a Cyber Security Career
May 21 2019 | ~8 min read
Preparing for a cyber security career is more enjoyable than you may think! The technical challenge, problem-solving, constant change (you’re never bored!), and continuous learning opportunities are positive experiences one can have when entering the field of cyber security.
The Future of Cyber Security in the Wake of Standardized Workforce Development
May 19 2019 | ~5 min read
The implications of the Executive Order on America’s Cybersecurity Workforce and what it means for cyber workforce development going forward
Nichols College Students Spearhead Cyber Security Education for the Entire Campus
May 16 2019 | ~4 min read
Policy makers are now prioritizing data security over talent, efficiency and controlling costs. As students growing up and being educated in the digital age, we are just starting to understand the importance of cyber security to individuals and their companies. Taking part in a Research Associate Internship on campus at Nichols College, our eyes have been opened to the vast number of threats we face on a daily basis.
Diversity in Cyber Security: Why It's Important and How To Integrate It
May 10 2019 | ~5 min read
You may have heard that the cybersecurity skills gap is widening, and that there is a massive shortage of cyber professionals today. In fact, Cybersecurity Ventures predicts that there will be up to 3.5 million job openings in the field by 2021. In spite of the growing need for people in cyber, women continue to be underrepresented in the field.
Healthcare Cybersecurity: In Critical Condition
April 29 2019 | ~3 min read
The digitalization of healthcare communication has greatly impacted how healthcare professionals use medical devices, perform patient care, and conduct internal operations. Electronic health record (EHR) mandates and widespread adoption of mobile devices has accelerated at such a rapid pace, healthcare cybersecurity companies are making mistakes that are inviting malicious hackers inside. Unfortunately, the healthcare industry has developed a negative reputation due to frequent data breaches, ransomware attacks, and security threats. It is time to revive the industry and get it on a path to a healthy recovery.
Obstacles and Opportunities in Cybersecurity Regulation and Legislation
April 22 2019 | ~4 min read
As our world becomes increasingly dependent on the internet, more safeguards must be put in place in order to keep our information and services we rely on secure. In the last few years, we have seen an increase in regulations and legislation passed to uphold these safeguards, but it is unclear how much this has helped in thwarting attacks. Not only are we as consumers and individuals vulnerable to data breaches and cyberattacks, but our governments are at risk for cyberwarfare and potentially crippling assaults on resources and infrastructure.
The Internet of Things Ushers in a New Wave of Cybersecurity Needs
April 15 2019 | ~4 min read
The internet has changed rapidly since its inception in 1983. The way we communicate, consume news and media, shop, and collect data are just a few examples of the way the internet has changed the world. A term you may have heard crop up in recent years is IoT, or The Internet of Things. IoT is about extending the purpose of the internet from use in day to day devices like smartphones and computers to use as a host of connected “things.”
A New Perspective: Changing How We Think About Cybersecurity Training
April 8 2019 | ~5 min read
What if someone told you that there was a new way to commute to work in the morning? A way that was more efficient than taking the highways or backroads to avoid traffic – a way that would allow you to save time, headaches and the dangers of driving altogether…you’d be interested, right? Maybe a little skeptical, certainly, but interested. So would we! Changing the way we think about a process or an act does not happen at the flip of a switch. We know that. However, the speed at which technology advances and new products and services hit the market with attempts to make our daily lives easier, faster, better requires us to be open to new ways of thinking about traditional approaches. In this blog, it’s about changing how we think about “cybersecurity training.”
Are you living the CISO nightmare? Five Cyber Concerns Keeping Them Up at Night
April 1 2019 | ~5 min read
What keeps CISOs up at night? Is it the looming concern of a threat? The uncertainty of cloud security? Wondering if you have enough cyber pros on the frontlines to defend and protect? Maybe it’s all three –and more. CISOs are carrying a lot of security responsibility on their shoulders, all while trying to make sure their department is transparent, vigilant, agile, and of course, secure. Focusing on so many areas of digital opportunity, security vulnerability, and defensive improvement make it challenging for CISOs to truly dedicate attention to any specific operational “thing” for too long before they have to move to the next issue. Adapting to this rapid change of pace in the security industry can compromise security strength and lead to growing concerns about whether teams are really prepared for the next threat. We’ve pinpointed the top five cybersecurity concerns of CISOs that are stuff nightmares are made of.
On the Move: Cyber Attacks on Transportation Systems
March 27 2019 | ~4 min read
Everything is on the move. People. Agriculture. Water. Power. Materials ranging from home goods to hazardous waste all flow through a massively complex, public/private, interconnected – and increasingly automated – hive of vehicles and transport systems.
Hope for Cybersecurity: Cyber Teaching Challenges & New Horizons for Cyber Learning
March 18 2019 | ~4 min read
The statistics are dismal. An estimated 3.5 million unfilled cyber positions by 2021 and today, we have over 300,000 openings in the U.S. alone. According to a New York Times article, “filling those jobs would mean increasing the country’s current cybersecurity workforce of 715,000 people by more than 40 percent,” according to data presented at the National Initiative for Cybersecurity Education Conference. If you’re a student in cyber or are just undeclared, there hasn’t been a better time to consider cybersecurity as a professional career. The field has come a long way from the stereotypical hoodie-wearing, Mountain Dew sipping worker in a dark room performing tedious coding tasks.
Guest Blog: Embracing Immersive, Gamified Cybersecurity Learning, Featuring Divergence Academy
March 11 2019 | ~3 min read
What is immersive, gamified cybersecurity learning? The term was originally coined in 2002 by a British computer programmer named Nick Pelling. The term hit the mainstream when a location-sharing service called Foursquare emerged in 2009, employing gamification elements like points, badges, and “mayorships” to motivate people to use their mobile app to “check in” to places they visited. The term hit buzzword fame in 2011 when Gartner officially added it to its “Hype Cycle” list. But gamification is more than a buzz word. Companies have seen gamification work for them in cyber team training—so we thought it wise to take what is working and apply it at the earlier stages of career development—in the classroom.
Guest Blog: Reimagining Cyber Learning for Students, Featuring Divergence Academy
March 4 2019 | ~4 min read
Ten Reasons to Check Out San Francisco while at RSA
February 13 2019 | ~5 min read
Your definitive guide to de-compressing from the tradeshow chaos.
Guest Blog: Taking Cybersecurity Learning to a Whole New Level
February 12 2019 | ~2 min read
Last week I was lucky enough to be able to attend Circadence’s Cyber Learning Tour at the Microsoft Technology Center in Chicago. This event was hosted by Laura Lee, VP of Rapid Prototyping, and one of the lead creators of the Project Ares training platform.
A Call to Diversify the Cybersecurity Workforce
February 11 2019 | ~4 min read
You’ve read about it, know it well, and can probably instantaneously identify one of today’s top cyber crises: the cybersecurity skills gap. It’s putting enterprises, governments and academic institutions at greater risk than ever because we don’t have enough professionals to mitigate, defend, and analyze incoming attacks and vulnerabilities. According to recent estimates, we are looking at the possibility of having as many as 3.5 million unfilled cybersecurity positions by 2021. The widening career gap is due in part to the lack of diversity in the industry.
Making Cybersecurity BETTER: Dan Manson to Speak at RSA 2019
January 23 2019 | ~2 min read
With the New Year in full swing, we are resolved to improve not only our own products to meet industry shifts but helping improve cyber professional’s skill sets against evolving threats. One of the ways we are doing this is through the help of our team member Dan Manson, Instructional Designer (Level 5) and current Professor of Computer Information Systems at California State Polytechnic University, Pamona.
What We've Learned from the Evolving IT Landscape and Where Cyber Security is Headed in 2019
January 15 2019 | ~6 min read
The new year is always a good time for reflection. At Circadence, we look back on how cyber security has evolved and think about the dynamic IT landscape to understand where CISOs and security leaders can direct their attention. To learn more, we tapped into our own cyber security expert Laura Lee, Executive Vice President of Rapid Prototyping, to answer some questions for us.
Finding the needle in the cybersecurity haystack: Why gamification is the answer you've been looking for
January 9 2019 | ~4 min read
To say we’re on an upward trajectory in the cybersecurity space would be an understatement. Cyber threats are increasing. Organizational spending is increasing. And the cost of a data breach is increasing—to somewhere around $3.62 million per breach according to the Ponemon Institute. With such exponential growth across the field, CISOs are actively looking for ways to strengthen their efforts. With the plethora of information available today, it is like finding a needle in a haystack. It’s hard to know whom to believe, what to believe and how often. With so many options available, CISOs are understandably stymied in making educated decisions for an optimal solution. Fortunately, our 20+ years in the gaming industry have led us to a valuable conclusion that can help CISOs professionally develop their teams—and protect their organization. The answer lies in gamification.
Circadence Takes “A Different Look at Cybersecurity” on the Road
January 8 2019 | ~2 min read
In partnership with Sirius Computer Solutions, Snowflake Computing, and Puppet software, Circadence is pleased to participate in the roadshow series, “A Different Look at Cybersecurity.” In cities across Tennessee, Mississippi, and Alabama, Circadence, and partners will help businesses discover new ways to approach cybersecurity readiness in the wake of imminent and persistent cyberattacks affecting every industry today.
Artificial Intelligence and Learning Through Robotics: An Interview with Circadence CTO Bradley Hayes
January 8 2019 | ~6 min read
We sat down with Circadence’s own Chief Technology Officer, Brad Hayes, to delve deeper into the meaning of AI and machine learning as it relates to the cybersecurity field, to discuss how robotics inform best cybersecurity practices, and to learn about new developments that are shaping the future of the field.
Cybersecurity & Artificial Intelligence Trends from 2018
December 19 2018 | ~3 min read
A study conducted by SailPoint reported that nearly 75% of employees engage in password re-use across accounts, as opposed to just over half four years ago. Nearly half of people surveyed admitted to sharing passwords across personal and work accounts. Part of this is being driven by employees seeing IT practices as inconvenient, as they seek circumvention in favor of personal efficiency.
Utilizing Cyber Range Learning in Academia
December 14 2018 | ~3 min read
Cyber ranges are virtual learning environments used for cyber warfare skills development. A cyber range offers hands-on learning opportunities for cybersecurity professionals by marrying traditional classroom concepts with more ‘sticky’ experiential learning techniques.
Living Our Mission Blog Series #2: New Developments for Project Ares 3.6
December 10 2018 | ~4 min read
From new training content to Intelligent Cloud-based hosting options, our immersive, gamified Project Ares cybersecurity learning platform continues to evolve to meet the changing needs of our customers. Enterprise, government, and academic institutions are looking for scalable, diversified, results-driven cybersecurity readiness solutions that allow their organization to flex based on ever-evolving cyber threats. We are pleased to share the latest developments with you.
2019 Cybersecurity Predictions
December 6 2018 | ~4 min read
Well, it’s safe to say that 2018 for the cybersecurity industry has been a little doom and gloom. And rightly so. More than 3.5 million unfilled job positions expected by 2021, 90 percent of cyberattacks caused by human error, and what we thought were once effective learning methods prove to only yield a 5 percent information retention rate. The financial sector, governments, and healthcare organizations continue to rank in the top most attacked industries. Cybersecurity spending keeps increasing and phishing, insider threats, and malware keep infiltrating enterprise systems. It appears in 2018, cyber professionals just couldn’t keep pace with evolving threats!
Oil and Gas Cyber Security: Understanding Risks, Consequences, and Proactive Measures
November 27 2018 | ~5 min read
The oil and gas sector is susceptible to security vulnerabilities as it adopts digital communication methods that help power energy production and distribution. To understand the cyber threats to the oil and gas industry, there exist approximately 1,793 natural gas-powered electricity plants in the U.S. and they generated 34% of the nation’s electricity in 2018. Much of how we live and work is dependent upon the energy produced from oil and gas production, including everyday cooking, heating/cooling, communication, and use of electronic devices and appliances. Therefore, even the smallest cyber attack on one of the thousands of interconnected and digital systems can pose a serious cyber risk to oil and gas production.
Close the Cybersecurity Workforce Gap with Apprenticeships, Internships, and Other Alternative Pathways
November 14 2018 | ~5 min read
We’ve all heard by now that the cyber workforce gap has reached a level of desperation that puts all of us, and our country, at risk. It’s time we start moving the conversation away from the problem and towards innovative solutions.
Modernizing Cyber Ranges
November 13 2018 | ~4 min read
Cyber ranges were initially developed for government entities looking to better train their workforce with new skills and techniques. Cyber ranges provide representations of actual networks, systems, and tools for novice and seasoned cyber professionals to safely train in virtual environments without compromising the safety and security of their own networks.
Penetration Testing Challenges and Solutions
November 7 2018 | ~5 min read
It’s one of the most direct and proactive cyber security activities organizations can do to protect themselves from an attack, penetration testing.
Keeping Critical Infrastructure Strong and Secure
November 1 2018 | ~3 min read
November is Critical Infrastructure Security and Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to protect our Nation’s critical infrastructure. Circadence’s mission is to build awareness about how next-generation cybersecurity education and training can improve cyber preparedness. This month is an excellent time to talk about that in relation to critical infrastructure.
A Rising Tide Lifts all Boats: Celebrating National Cybersecurity Awareness Month
October 30 2018 | ~4 min read
National Cybersecurity Awareness Month (NCAM) in October reminds us of the importance of being safer online, in both our professional and personal lives. Easier said than done, eh? Who’s to say the majority of us even know what makes us “safer” online, or for that matter what makes us vulnerable or should raise a red flag?
How To Tell If Your Cybersecurity Strategy Is Prone to a Cyberattack
October 26 2018 | ~3 min read
What does your current InfoSec environment look like? Are teams prepared to tackle evolving threats? Is your cybersecurity strategy aligned with business objectives? Do you and your team undergo regular training to stay ahead of hackers? If you’re not sure, this blog is for you. Today, we’re outlining some of the most common, overlooked, unrecognized, and “I-just-don’t-have-time” aspects that comprise an insecure InfoSec culture so CISOs can cross reference these items against their own cyber environment.
Living Our Mission Blog Series: New Developments for Project Ares
October 17 2018 | ~2 min read
The only constant in cybersecurity is change. To best serve our customers’ needs and equip them with the latest technology, tools, and best practices that help them successfully combat evolving threats, Circadence regularly updates its cybersecurity solutions. This is the first of a regular blog post series where we will share platform news about our cybersecurity solutions.
Cultivating the Next Generation of Cyber Professionals: Recapping Summer Internship Projects
October 12 2018 | ~3 min read
Circadence® is proud to live out its mission to continuously educate and upskill the next generation of cyber professionals. We had the pleasure of hosting several interns over the Summer season who showed us firsthand the promise and potential they have for the industry. We had more than 20 interns spread across our offices in Tupelo, MS, San Diego, CA, and Boulder, CO. Students were placed departments pursuant to their degree programs or learning interests.
Bridging the Cybersecurity Skills Gap with Artificial Intelligence
October 10 2018 | ~5 min read
You know it and we know it. We cannot train our way out of the widening cybersecurity skills gap (expected to reach 3.5 million by 2021). We’ve discussed at length why traditional, passive learning models in training classroom settings are ineffective (not to mention boring), but at Circadence®, we are optimists and innovators, dedicated to finding a solution—and for now, in the industry’s current state of affairs, we’ve found what works. It lies in leveraging artificial intelligence (AI) and machine learning.
3 Ways to Prevent Cyber Security Election Interference
October 3 2018 | ~5 min read
Voting is the crux of what we refer to as an American Democracy. Since the 2016 elections in the United States, numerous reports have cited concerns of vulnerabilities in the voting ecosystem, detailing attempts of foreign interference by organizations such as the Russian government to exploit election results with pervasive cyber attacks.
Celebrate “National Cybersecurity Awareness Month” Year-Round
October 1 2018 | ~4 min read
National Cybersecurity Awareness Month (NCAM) in October reminds us of the importance of being safer online in both our professional and personal lives. By employing fundamental cybersecurity best practices, ALL professionals from the C-Suite to the Administrator can better safeguard against ongoing threats infiltrating and exploiting systems and data every day.
CISOs, Strengthen Your Cybersecurity Posture with These Resources
September 24 2018 | ~4 min read
There is a hacker attack every 39 seconds. The average cost of a data breach in 2020 is expected to exceed $150 million. And by 2021, there will be more than 3.5 million unfilled cybersecurity jobs worldwide. No enterprise is safe from an attack.
Learn the Three A's for Enhanced Cyber Awareness
September 13 2018 | ~3 min read
We’re constantly learning at Circadence. Learning what’s new and effective in cyber training. Understanding what our customers need and want in a cyber training platform. Discovering the issues that still keep them up at night. Learning how to improve our products to meet demands of a dynamic industry. What continues to emerge in our research are three pieces of advice (below) that direct CISOs to a place where they’re confident in their level of cyber awareness, which allows for better collaboration with their team and business stakeholders, and creates stronger protection for their organization against evolving cyber threats.
Understanding the Dark Web
August 22 2018 | ~5 min read
If you are familiar with recent news reports about security incidents and threats, you’ve probably heard of the ‘dark web’ or the ‘darknet.’ In fact, you don’t even need to pay attention to the news. TV shows, movies and even social networking sites will introduce the terms to you. The problem is, there often isn’t any explanation about what those terms mean. Likely, the people using them have no idea what they mean. Understanding what they mean can help you better protect yourself, as well as having an idea of what is going on in these news reports. To get there, though, we’re going to take a quick journey through history.
Game On: The Benefits of Hands-On, Gamified Learning in Cyber Training
August 21 2018 | ~5 min read
What is gamified learning? Before we dive into that question, let’s discuss some of the ways we currently learn about cyber today. Traditional cyber training has been conducted in the same way for years, comprised of static, classroom-style settings complete with a teacher lecturing and passive listeners. This model causes people to forget:
Game of Titans Cyber Challenge Attracts Top Professionals, Raises Awareness of Gamified Training and Assessment Solutions
August 14 2018 | ~2 min read
We hosted our first-ever “Game of Titans” Cybersecurity Challenge in Las Vegas recently, gathering security professionals together to compete on our Project Ares® cybersecurity platform for a chance to win several prizes.
Recapping Jack Voltaic 2.0 Cyber Research Project: A Q&A with Laura Lee
August 2 2018 | ~4 min read
Late last week, Circadence® participated in the Jack Voltaic 2.0 Cyber Research Project held in Houston, Texas. The event was described as a “bottom-up approach to critical infrastructure resilience,” where the City of Houston, in partnership with AECOM and the Army Cyber Institute (ACI) gathered with critical infrastructure partners to study cybersecurity preparedness gaps.
DevSecOps: The Benefits of Security and DevOps Working Together
July 31 2018 | ~3 min read
For years, security professionals, including myself, have advocated for security to be part of the development process. Recently, development has been undergoing a big shift “to the left” so that security is part of a more integrated process in development. You may be aware of this change as DevOps. DevOps means that development and operations, the team responsible for deployment and management, work closely together rather than having cold hand-offs. One of the ways this works is by automating as much as possible, including building, packaging, testing and deployment. The integration came at an opportune time when shifts in software development started in the late 1990s, now called Agile.
Circadence's Laura Lee Mentors Young Women at Cybersecurity Badge Program Launch Event for Girl Scouts in Partnership with Palo Alto Networks
July 24 2018 | ~3 min read
Our own Laura Lee, executive vice president of rapid prototyping, recently mentored young girls at a Girl Scouts event on Wednesday, June 27, that celebrated the launch of a new cybersecurity badge program.
Play, Watch, Experience: Circadence to Host First-Ever “Game of Titans” Cyber Challenge in Las Vegas
July 20 2018 | ~3 min read
As the New York Times points out, “Video games are beginning their takeover of the real world,” and with the popularity of Fortnite and other events gaining traction, Circadence® is jumping on the voyeuristic video game bandwagon hosting its first “Game of Titans” Cyber Challenge–a unique event that will demonstrate the power of its immersive, online cybersecurity training platform Project Ares®.
GUIs Are Evil
July 18 2018 | ~4 min read
Graphical User Interfaces (GUIs) are evil. Or in the words of a friend of mine – “the work of the devil.” I know people generally like shiny windows and icons and that’s fine for a lot of work. But, when it comes to being an info security professional, GUIs are just wrong in many cases. Stick with me. You will want to rethink your position on “just give me a shiny GUI over white letters in a stark, black window any day.” Here are a few reasons why GUIs aren’t necessary.
Why Continuous Learning is Key to Strengthening Cyber Teams
June 19 2018 | ~4 min read
There is a lot out there about the benefits of continuous learning—or continuous professional development—and what we’re gleaning from research is how POWERFUL the approach can be when applied to cyber team training.
THE ILLUSION OF SECURITY
June 12 2018 | ~4 min read
When you fly, you are subjected to a lot of requirements when passing through a security checkpoint. You have to take off your belt and jacket, remove everything from your pockets, you can’t carry in liquids more than 3 ounces and on and on. When someone, many years ago, devised a way to carry a bomb in their shoes, we were all required to take our shoes off when we passed through security. Of course, there are ways around these things by getting a background check and giving up your fingerprints. However, even after doing all that, you still have to pass through metal detectors and you still can’t bring in liquids. Despite all these restrictions, people still manage to get knives, liquids and other supposedly banned items through security.
Project Ares Featured on Computer America Radio
June 11 2018 | ~2 min read
Recently, our own Keenan Skelly, VP of Global Partnerships and Security Evangelist with Circadence®, was interviewed by Computer America’s Ben Crossman regarding Project Ares®, our flagship training and assessment platform for cybersecurity professionals. Keenan shared how Project Ares works, what it can be used for and the benefits of gamified training.
Why We Can’t Keep Ignoring Cyber Fatigue
June 7 2018 | ~4 min read
The ever-present threat of cyber attacks is taking its toll on info sec newcomers and veterans alike who are struggling to keep pace and can lead to cyber fatigue, which is a growing concern among both cyber professionals and consumers.
Circadence ranks in top 10 cybersecurity training firms by Black Book Market Research
June 5 2018 | ~2 min read
Black Book Market Research, the parent group for Black Book Rankings, recently ranked Circadence® among the top 10 cybersecurity training firms for 2018.
Common Cyber Security Issues and Challenges
May 31 2018 | ~3 min read
We’re taking a 30,000-foot view of cyber security to understand the state of the industry from an enterprise perspective and share some common challenges faced by diverse industries. Doing so provides infosec leaders insight into how challenges emerge in their workplace and potentially a sense of relief knowing their industry (and themselves, as professionals) are not alone in this struggle.
Learning from the Top 5 Financial Cybersecurity Incidents
May 30 2018 | ~4 min read
Banks, credit unions, credit card companies, investment firms, and insurance companies are all under cyberattacks—making financial cyber security a hot topic of discussion. For years, the finance industry has been one of the hardest hit with cybercrime according to Deloitte. And it continues to rank in the top five most vulnerable industries. In 2017, 69 material cyber incidents were reported to the Financial Conduct Authority, an increase from the 38 incidents in 2016, according to Information Age. Financial cyber security regulations are keeping companies in check but the pace at which threats evolve in sophistication requires a persistent approach to stay ahead of hackers.
May 24 2018 | ~4 min read
What do you think of when you hear the term ‘information security’ or even the term ‘cybersecurity’? If you think about how it all works, you may think about vulnerabilities, firewalls, intrusion detection systems, anti-virus or perhaps something else entirely. What probably doesn’t come to mind are terms like metrics and measurement. These are elements of information security that seems to get short shrift a lot, in spite of their importance. No matter what aspect of a company’s security posture, metrics are essential.
The Importance of Cybersecurity Awareness and Education (or, how to easily attack your friends and enemies)
May 7 2018 | ~5 min read
While it hasn’t received as much conventional press as, say, the Equifax data breach, there was recently a significant event that took place on the Internet. A service called Memcached, which allows chunks of data to be shared between websites, is or was vulnerable to being misused to send large amounts of data to unsuspecting targets. One of these targets was Github, though there were others that have not been named. What made these attacks so significant is their sheer volume. According to Arbor Networks–a company that has made denial of service attack protection their life’s work for more than 20 years–one of their customers received roughly 1.7 terabits per second of attack traffic.
SoCal Cyber Cup Challenge Finals Wrap Up 6-Month Long Cyber Program
April 4 2018 | ~2 min read
This past month, the SoCal Cyber Cup Challenge wrapped up a six-month long program and competition intended to educate and prepare the nation’s next generation of cybersecurity professionals. Organized and backed by Securing Our eCity Foundation, National Defense Industrial Association, National University and Circadence, the Challenge provided high school and middle school students the opportunity to learn and practice cyber skills using a gamified, persistent training platform, Project Ares®.
So, You're An InfoSec N00b
March 19 2018 | ~5 min read
You may be an InfoSec n00b but not all is lost. You are far from alone. Now more than ever, security is everyone’s problem but it’s difficult. So much is taken out of our control in the name of making our life easier that in the end, it can be harder to protect ourselves and, by extension, the companies we may be working for.
Circadence Teams up with MD5 to Support T9Hacks Event at CU Boulder
February 8 2018 | ~2 min read
Major League Hacking opens its 2018 Season at the University of Colorado Boulder with T9Hacks, February 10-11, 2018.
Understanding Malware Analysis
January 18 2018 | ~3 min read
The malware industry has come a long way and currently, it’s a very lucrative business. This is one of many reasons that makes studying malware so fascinating. It’s an interesting mix of technology, psychology, and commerce. Psychology is what makes malware effective, and commerce is what ensures more hackers continue to develop new and interesting malware.
Four Reasons Your Security Team Should Be Training on a Cyber Range
December 14 2017 | ~4 min read
It seems that every other week another mega-breach is making headlines. Cyber teams barely have time to bolster their cyber defenses before a new attack vector is revealed. It is nearly impossible for teams to train in such a rapidly evolving threat landscape through traditional lecture-based methods. Today’s threats demand an immediate shift in approach.
Circadence® Project Ares® is Training the Next Generation of Cyber Experts in the SoCal Cyber Cup Challenge
October 31 2017 | ~3 min read
Teaching a new generation to become experienced cyber professionals, trained to deal with the latest cyber threats, is critical to ensure the safety of information. Because there is an ever-present threat of cyber criminals who are intent on hacking into systems and causing chaos worldwide, there will always be a need for skilled cybersecurity professionals. And, we know that active learning is one of the best ways to train them, since the National Training Laboratories Institute reported that active learning results in a 75% retention rate, versus 5% using traditional learning methods like lectures.
Cyber Practitioners & Students Accept the 2017 Cybersecurity Gaming Challenge at UNCC
October 6 2017 | ~2 min read
Each year, the University of North Carolina at Charlotte hosts the Cybersecurity Symposium, bringing world class speakers together to discuss top security challenges, cutting edge technology and best practices for mitigating risk and defending the enterprise.
Circadence Awarded for Cybersecurity Training and Education, Security Software Innovation
September 22 2017 | ~2 min read
Circadence® was recently named the Gold Winner for Training and Education and the Bronze Winner for Security Software Innovation in the 2017 Golden Bridge Awards. These annual industry and peer-selected awards encompass the world’s best in organizational performance, product management, and customer satisfaction.
New Draft of NICE Cybersecurity Workforce Framework Expands on Skills, but Team Approach & Simplicity Are Needed
August 25 2017 | ~4 min read
A new draft of the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF) (NIST Special Publication 800-181) was just released and among the many revisions, the framework draft includes most of the tasks and knowledge/skills/activities (KSAs) supporting the 52 work roles previously outlined.
Test Your Skills in the Cyber Mission Café during AFCEA TechNet Augusta, Booth #802
August 8 2017 | ~2 min read
Security practitioners of all skill levels are invited to join Circadence® at Booth #802 during the TechNet Augusta Conference August 8-10. Spend some time in our Cyber Mission Café testing your cyber skills or practicing offensive and defensive tactics in the gamified, AI-powered Project Ares® platform.
An Educational Institution Roadmap for Women in Cybersecurity
June 28 2017 | ~4 min read
When I was in school, just five percent (5%) of my engineering class were women. Today, according to the 2017 Global Information Security Workforce Study: Women in Cybersecurity, just 11 percent of information security jobs are held by women. And if you look at many security technology providers, you often won’t see a single woman on the executive team. (I’m proud to say that Circadence® is a rare exception to this).
Circadence® Project Ares® Honored for Innovation in Cyber Training
June 6 2017 | ~1 min read
Network Products Guide, the IT industry’s leading technology research and advisory guide, named Circadence® Project Ares® a Gold winner in both the IT Products and Services for Education, as well as the Training, Awareness and Educational Programs categories in the 2017 IT World Awards®. Additionally, Circadence was named a Bronze winner for Innovative IT Company of the Year.