LinkedIn

How to Use LinkedIn For Professional Growth

Although LinkedIn has been in our lives for several years now, not everyone understands its true value or how to use it. Some of you might even have a profile with just your name on it or those who log in once or twice per year. But, the time has demonstrated that when used the right way, this social network can become a very important asset for your professional growth. It can help you keep in touch with old colleagues, it can help you find that job you have always dreamed of, it can help you make new connections and expand your network.  

In this post, we want to share with you some tips to create a powerful profile, understand why, how, and who you need to engage with and start growing your professional network.  

The Power of LinkedIn 

With over 740 million active users, LinkedIn leads the 2020 ranking for Digital Trust, way over Facebook, Twitter, and even YouTube, meaning that out of the nine major social platforms, it is the one most trusted by its users.   

The most recent statistics of this social network presents some interesting facts that are worth knowing:  

  • Its audience is built mostly by men between the ages of 25 to 49  
  • 49% of its users are people who earn over $75,000 annually.  
  • 51% of its users have at least a college degree 
  • 4 out 5 users are decision makers in their businesses 

In other words, these are the people with who you want to connect. Not only they are the ones who can offer you a better work opportunity, but they can recommend you for other job offers. Having an online presence and engaging with the right people can open the doors to a world filled with career opportunities.  

Using LinkedIn for Your Professional Growth 

To help you make the most out of this social network, we crafted 6 tips that will help you make your profile more robust so it starts appearing in front of the right people.  

1- Create a Powerful Profile 

Consider this as your first impression, you need to make the most out of it. The first thing you should do is upload a professional profile picture, our best advice here is to use one in which you are wearing the appropriate clothing and with a neutral or office-like background. Make sure it is in high resolution and with natural soft light. Be the only one in the picture, and let your face take at least 60% of the frame, you want people to know exactly who you are.  

Once you have the right picture, you need to work on your headline. Think of this as a 120-character elevator pitch. Some people like talking about what makes them different, others about the benefits they add to their customers, others about their role in a determined company. You choose whatever makes you comfortable, just try to avoid buzzwords, typos, and write something that catches the eye of the reader.  

Now you have to start completing all the information related to your education and work experience. Take advantage of the description area to talk about your experience, the projects you worked on, and the results you got. When possible try adding a link or an attachment. Don’t forget to mention the different publications you have done, and the certifications and titles you have earned all along the way, as well as any volunteering experience you might have.  

2- Connect With Others 

Once you have completed filling out all the fields of your profile, you need to start sending connection invites. A good starting point is your friends and family, but as this is a social network for business, we suggest you continue with your co-workers (present and past), your classmates, and people you know from your industry. 

A great idea is to send invites to those people who have shared posts you have found interesting. You can add a note saying how much you appreciated his comment and that you would like to connect so you can read more of his opinions.  

If someone you don’t know sends you an invite, make sure to check his profile before you reject it. He/she might be a connection that is worth accepting.  

Word of advice: when sending invitations to people you don’t know, try to add a short text of why you think you two should connect. You can mention what you do and how you can help each other. Personalize it.   

Once you get 500 contacts you have reached the golden number for LinkedIn. From now on your profile will show a +500 next to your name and only you will be able to see the exact number of connections that you have. 

3- Be Active  

Just like any other social network, it is not enough just to have a profile on it, you need to actively participate by sharing content and engaging with posts from others. Share links with information relevant to your industry, share a comment about some recent study, share an update about your organization. The sky is the limit, just make sure it is relevant to your network.  

Just a piece of advice, the ideal number of posts you should be doing on LinkedIn is 1 every business day. So try to arrange in your daily schedule spending time in this network, you can log in every morning, spend some time reading what your connections have posted and share an update.  

4- Ask For Recommendations 

Try asking for recommendations from different people you have worked with to give recruiters a better view of how you can execute different situations. You can ask your previous co-workers, managers, members of your team, clients, and senior leaders.  

When you send them the request from LinkedIn, try adding some context of what you are looking for from their recommendation. Be as explicit as you can. For example, you can tell them to point out different skills that you have,  how you handled a specific situation, or to talk about a specific project.  

5- Follow Companies 

One of the great benefits of LinkedIn is that you can follow a company and get notified about their updates on business opportunities, new features, announcements, and even job opportunities. Start by following those you think can be helpful for you, perhaps Indeed or Glassdoor are great options. Then, you can add those that share inspiring content such as TedTalks and Forbes. Later,  you can add those that are the most followed like Google, Amazon, Apple, Microsoft. Don’t limit yourself, if you want to apply for jobs in a determined industry then start following companies where you would like to apply.  

6- Join Groups 

One thing you should not miss from LinkedIn is the groups. Groups are the perfect place to connect with people, outside of your network, with similar interests. There are a lot of options out there, so make sure you have a list of topics you want to follow and look for groups related to them. There you will be able to share updates, ask questions, and read anything the other members post.  

With these 6 steps, you will have a better chance of growing your professional network and reaching those people that can help you achieve all of your work-related goals.  

Online Learning

6 Tips to Make Online Learning More Effective

We have said it in the past: online studying has far more benefits than you can think of. Not only does it allows you to enroll in classes from the comfort of your home or office, in any university or academy around the world, but it gives you the flexibility needed to keep your full-time job and balance your personal commitments.  

Yet, you do need to be prepared for the responsibility you are taking. Remember, just because it is online, it does not mean that it is going to be less demanding. You will have to attend class, and you will have to deliver your assignment on time. You will have to spend hours studying and practicing. You have to work to earn your degree or certification.  

At CyberWarrior, we have had a year full of online Bootcamps, and we have seen our students approach online learning in so many different ways that we decided to come up with a list of tips that will help you get the most value out of this experience. 

1- Create an Exclusive Space for Studying 

Just because you are taking this program from home, it does not mean that you can just lay on the couch while listening to the instructor. Having an exclusive space to study will help your brain understand what you should do: pay attention to classes.  

Make sure you have a desk with all the things you need (laptop, good Wi-Fi connection, notebook, and pen, etc.), a comfortable chair that rests your back, natural light, and most importantly, ask your roommates or family to respect it as a “quiet zone.”  

2- Schedule Online Learning Time and Breaks 

One of the best and worst things about an online class is that you have the freedom to do things at the time that best fits you. It will be no problem for those who master time management skills, but things can get messy for those who lack them.  

We suggest that you block time on your weekly calendar to attend classes, study and practice, complete your assignments, and, just as important, take a break. Try to stick to certain hours per week; making it a routine will help.  

Set reminders in your phone and calendar so that you don’t forget that you have something coming up that needs to be done.  

3- Actively Participate in Classes and Discussions 

Don’t let the fear of public speaking keep you from participating in classes. Make sure you ask all the questions you might have while the instructor is online, check with your classmates when doing an assignment, share a comment in the online forum, or post an interesting link. Not only will this help you retain more information, but consider it as the first step towards creating connections that will help you in your professional life.  

4- Set Achievable Goals for Online Learning

When taking online classes, you need to be responsible for completing your assignments on time. You won’t have anyone reminding you to do them. Our word of advice is to set some weekly goals of what you want to accomplish and set some long-term goals. For example, if you should earn a specific certification during this program, make sure you set a deadline for when you want to take the test and pass it.  

This will help you be more organized, understand what you are supposed to be working on, and avoid leaving all the work at the last minute.  

5- Maintain Healthy Habits 

We know you are working full time and studying, but that does not mean that you will forget about your family and friends, about your body and your health. You need to make sure that you spend time every day exercising, putting your mind to rest, and enjoying time away from your desk.  

Consider these moments as energy boosters. Just be mindful about the time you dedicate to work, studying, and relaxing.  

6- Work on Your Network 

At CyberWarrior Academy, we are true believers in the power of good networking. The people who study and work with you are the ones who truly understand what you are capable of doing, and they are the ones who will hire or recommend you for a job. They are the ones who will open the doors for you.  

So don’t let online classes keep you from getting to know the other students, even the instructors. Connect with them in private chats, help them when they need it, approach them when you have questions.  

Online learning is here to stay. You have to find what tips and tricks work best for you and choose a program that fits your needs.  

Ransomware Attack

Are Ransomware Attacks Becoming Uninsurable?

When you read about how many ransomware attacks have happened over the last months, you start to wonder: are cyber insurances making things even worse? The situation appears to be a never-ending cycle in which an organization hires a cyber insurance company. Cyber-criminals perform their attack, the insurance pays the ransom, the organizations renew their service with an increase in the fee, and so on. But what is really happening? What is exactly the role of cyber insurance? Is it really making things worse? 

What is a Ransomware Attack?  

Before we start answering those questions, we believe it is appropriate for us to share an explanation of ransomware attacks. These are types of malware that encrypt your information, databases, and/or applications in exchange for a ransom. It is an illegal procedure that can quickly stop your organization, causing extreme damage to your operations, reputation, and finances.  

Although the perpetrators always ask for a high amount of money so you can gain access back and give a certain amount of time to pay them, almost no one wants to pay them and work with their cybersecurity partners to look for ways to gain back access to their systems and files. There are times when there are no other options. We have seen organizations with no way of recovering the data lost or getting the systems back and running. Also, some have been threatened with making sensitive information public,  so they had to sit down and negotiate with the criminals.  

Just this year, we have seen how many large organizations have fallen victim, putting the people of our country at risk,  giving millions of dollars to the criminals.  

What Is The Role of Cyber Insurance?  

While the attacks are getting more targeted and more serious (just last year, there were over 65,000 attacks in the US), more organizations are looking to upskill their cybersecurity defenses. One way is to hire more talented and specialized personnel and add an extra layer of security by getting a cybersecurity insurance policy.  

Cyber insurance is no other than a contract that you, as an organization, can purchase to help reduce the risks associated with the online world. It usually covers your business’ liability for a data breach, including legal counseling and defense, a digital forensics team, incident response costs, costs to restore operations and recover lost assets, crisis communications, and even ransom amounts.  

In other words, in case your organization suffers a ransomware attack, with a cyber insurance, you will be able to pay the criminals and gain access back to your systems while also getting an amount for the costs associated with this situation.  

This has generated a discussion about the responsibility of cyber insurance. Is it an incentive for more ransomware attacks? Or is it a great way of protecting an organization?  

Cyber Insurance: What Should Happen Now? 

You need to understand that when cyber criminals gain access to your systems, they will know if you have an insurance policy and how much it will cover in terms of ransom. They are not going to ask anything below what you can pay them. That is why these policies are getting that much negative criticism.  

While some people believe that there should be no ransomware insurance at all, we believe that not everything is black or white. Recently, French authorities started questioning the role of cyber insurance in the sudden growth of these attacks, a comment that was followed by the decision of AXA, a global insurer, that they would not continue reimbursing companies for ransomware payments to criminals.  

But is this really the solution? By eliminating this coverage, you are putting at risk every organization, especially the smaller ones. Anyone can fall victim, but not everyone has the means to recover from it. 

We believe that every insurance policy should come with a list of security best practices that organizations need to implement (such as using Multi-Factor Authentication, security controls, identity and access management, employee training) to improve their security posture avoid the risks. Insurance companies should also share the lessons learned from other experiences as a way of helping their clients easily identify risks and better protect themselves.  

It is a matter of working as teams, where clients and insurance firms have the same goal: fighting cyber-crime.

5 Reasons Why You Should Learn Cybersecurity In Your 40s

5 Reasons Why You Should Learn Cybersecurity In Your 40s

More often than not, in our CyberSecurity Bootcamp admissions process, we get candidates unsure of making the step towards cybersecurity because of their age. While they understand all the reasons why this is such an attractive and rewarding field, they keep asking us, “will I get hired once I get trained and certified?”

During our conversations with them, we usually explain all the reasons why they should take this step. Not only will they see major upgrades in their lifestyle as they will start earning better salaries, but there is a higher level of satisfaction than in any other field just by knowing that with your work, you are protecting your organization, its clients, and stakeholders from falling victim to a cyber-attack.  

During the past few months, we have seen how more and more people are struggling with this age barrier, so we want to share with all of you out there the top 5 reasons why you should definitely take the step into cybersecurity. Just remember, you need to get the right training, lots of hands-on experience, and industry certifications so you can start working as a cybersecurity professional. 

5 Reason Why Cybersecurity Is For People In Their 40’s 

1- You Will Get a Job  

As we just said, the most common barrier for making a career switch to cybersecurity is to doubt if they will get hired or not. The truth is that this is a field with a growing talent gap, in fact, the open job count after the first year of the pandemic now stands at $4.1 million worldwide, while in the USA is right over 500,000, and to make things even more interesting the unemployment rate for this field is 0%, meaning there are more available job positions than candidates to fill them.  

In other words, if you commit to getting trained and certified for cybersecurity, you will get a job. Remember that you will need to adapt to this new field where your co-workers and even bosses will be younger than you. Just make sure that every time you meet a recruiter, you demonstrate your commitment, the soft skills you have learned during your past experiences, and the certifications you have earned.  

2- You Have Soft Skills That Many Young Professionals Have Not Developed Yet 

Your experience probably helped you develop different skills that are highly valued in cybersecurity professionals. Attention to detail, problem-solving skills, and the ability to communicate (both verbal and in writing) are part of the skills recruiters are looking for. But if you add your experience in customer service, legal, management, marketing, or whatever field you were in before, you have more to add to the team than someone just starting their professional life.  

It is very important that when you get to an interview and you start negotiating your salary, you keep your expectations down to earth. Recruiters understand that your experience is worth the investment, but they also know this is an entry-level role. So, you need to decide if you can accept an entry-level salary for a certain period or not. Just remember that for cybersecurity, that means something around $70,000 per year, and as you start gaining experience, knowledge, and certifications, it will keep growing.   

3- You Can learn the Technical Pieces Of Cybersecurity in Just 6 Months 

The learning curve for cybersecurity is not that long. In fact, in just six months, you can earn all the knowledge, hands-on experience, and certifications required to work as a cybersecurity analyst. Even recruiters and hiring managers realize that great candidates can be either those who have a degree in cybersecurity or related fields, as well as those who come from bootcamps and shorter education programs.  

What other career allows you to do a switch in months?  

4- This Is a Field That Does Not Require Advanced Degrees 

As we mentioned before, you do not need to invest years and money in degrees to earn the knowledge and experience needed to land your first job. What you do need to demonstrate is that you are a passionate student who will keep learning and earning certifications regularly. This is a field that is in constant evolution, and you need to be able to keep up with the pace.  

5- Employers Want To Hire Committed People  

Millennials and the pandemic have changed the way people see life. For younger generations, what really matters is having time to spend on themselves and their loved ones, while older generations highly value their work and are very committed to their organizations and responsibilities. We are not saying that one is better than the other, but passion and dedication are highly appreciated when it comes to recruiting someone for cybersecurity.  

Getting into cybersecurity will require you to dedicate an enormous amount of time to studying and practicing. Still, when you see the results of your investments, you will be more than happy that you decided to go down this path.  

Professionals in this area have a high level of satisfaction with what they are doing. They have seen an improvement in the quality of their lives and what they have to offer to their families while earning very competitive salaries. So, the only question left to ask is: Are you ready to become a cybersecurity professional?

sdgs

SDG: Businesses For a Better Future

Our planet deserves a better future, and the 17 Sustainable Development Goals (SDG) or “Global Goals” are carefully designed to give all people opportunities to start building that future today.

With hundreds of indicators geared towards 2030, the international community established this new roadmap at the end of September 2015. The United Nations member countries designed these goals to cover social, environmental, and economic aspects with a business mindset.

These goals provide a path for any business to direct its efforts toward specific global objectives.

Businesses’ Role

Companies can contribute to the SDGs from three different perspectives, with different returns.

First, there is the development of philanthropic actions not related to the company’s activities. It seeks to improve the social and environmental conditions of the company’s environments, and it primarily has a reputational benefit.

On the other hand, it is possible to implement initiatives related to the organization’s operations to reduce and eliminate negative impacts and enhance positive ones for stakeholders. In this case, the returns for the company are diverse as they include operational efficiency, cost reduction, customer loyalty, among others.

The third approach is to develop innovative products and services within the company’s activity sector. This contributes to the goals established for the SDGs while generating new business opportunities.

The second and third approaches were proposed around operational impacts and are the subjects of the SDG Compass protocol. What does that mean exactly?

SDG Compass: A Guide for Businesses

To help companies contribute to the SDGs, the Global Reporting Initiative (GRI), The United Nations Global Compact (Global Compact), and the World Business Council for Sustainable Development (WBCSD)  created the SDG Compass. It is an action protocol structured in five stages that seek to facilitate companies’ understanding of how they can contribute to the SDGs, encourage their public commitments, and communicate their progress.

Source: SDG Compass (2015)

The SDG Compass starts from a first stage that suggests promoting knowledge about the SDGs and the benefits that the company gets by supporting these goals.

Once the possibility of contributing to the SDGs is on the table, the next step is to design an strategy. To this end, the second stage begins with identifying the impacts that the company could generate with these iniciatives.

The third stage focuses on the action by establishing objectives, work programs, and activities that allow the company to put the goals into practice within the established time frame.

The fourth stage is how to implement the action plan. It suggests assigning responsibilities throughout the company so that all employees participate. Likewise, it recommends associating the indicators established for the SDGs with the performance metrics of the operations. In addition, to evaluate the progress of the action plan, it proposes to create a monitoring body.

Once the action plan is already for execution, it is possible to approach the fifth stage. At this moment, the company publicly reports its performance and the progress achieved, using a language that the authorities and civil society can understand:

  1. Why SDGs are relevant and the associated impacts generated by the company.
  2. The objectives and actions designed to contribute to their achievement.
  3. The management and monitoring systems established to evaluate the progress that the company has achieved.

Advantages of contributing to the SDGs.

Making sure that our society achieves these 17 Sustainable Development Goals has many benefits, such as:

  • Identify business opportunities and attract capital.
  • Enhance the value of corporate sustainability, including attracting talent and customer preference.
  • Strengthen relationships with stakeholders, be aligned with legislative advances, and strengthen risk prevention.
  • Stabilize societies and markets by contributing to their development and access to products and services.

Ideas for businesses to support SDG

Here are 4 ways businesses can support SDG through empowering and inspiring activities. This could be a part of the businesses’ practices or projects.

1. PROVIDE AND MAINTAIN A HEALTHY WORKPLACE

It is essential to ensure that people collaborate in a secure and healthy workplace. If you think about it, most people spend about one-third of their adult lives in a workplace environment.

Consequently, businesses are key drivers for SDG 3 and SDG 8 – “Good Health and Well-being” and “Decent Work and Economic Growth.” Emphasize safe habits at work through frequent training and refreshers, and implement health and fitness programs for your team.

2. REWARD AND INCENTIVIZE RESPONSIBLE BEHAVIORS

Such as “Employee of the Month,” usually reserved for employees with the best productivity, businesses can also reward workers for incentivizing better environmental practices.

In this case, you’d be supporting SDG 12 – “Responsible Consumption and Production.” Consider offering bonuses or awards for the most environmentally conscious team members – especially those who put your business closer to those responsible practices.

3. PROMOTE DIVERSITY IN THE WORKPLACE

Diversity strengthens human relationships and encourages creativity in the workplace.

Organizations are ecosystems that thrive on variety. Diversity at work includes people from different cultures, genders, races, and opinions that add different perspectives to the work dynamics.

With these actions, businesses would support SDGs 5 and 10 – “Gender equality” and “Reduced inequalities.” In this sense, workspaces are not alien to the changes that are taking place in society. Diversity at work is a way of integrating those sectors of society that do not usually have many job opportunities.

A happier future

The international community is facing an exceptional moment, with a challenging roadmap and objectives established through the collaboration of governments, companies, and civil society. From your company, you can contribute to their achievement and develop new business opportunities that combine social and environmental impact with an economic return.

Businesses, regardless of their size, have the power to forge change and harness innovation, involving their employees, clients, partners, and communities – ensuring that no one is left behind in a safer, happier future.

work in cybersecurity

The 7 Best US Cities to Work in Cybersecurity

In many ways, cybersecurity might be perfect for anyone looking to make a career change. With the right training in just 6 months, you can earn all the knowledge, hands-on experience, and basic industry certifications needed to start working and earn very competitive salaries (for July 2021, the annual average pay for a cybersecurity specialist in the US is $112,974). And, to make things even more interesting, there are over 500,000 job openings to work in cybersecurity in the US.  

Getting into this field will be a life-changing experience.  

To help you understand your chances of actually getting a job, we created a list of the best seven US cities to work in cybersecurity based on the total available positions per location and their average paying salaries.  

Best U.S. Cities to Work in Cybersecurity

1- San Francisco, CA 

With a workforce of over 22,000 employed cybersecurity professionals, San Francisco is the tech capital of the west coast and home to many large corporations, medical services, and large educational centers.  

Although the cost of living in this city is pretty high, salaries in this field are way above the average nationwide, making it even more interesting for those looking for a better income and way of living. Among the most popular jobs are cybersecurity consultants, specialists, and analysts.  

Current job openings: 13,593 

Employed workforce: 22,355  

Average salary: $146,822 

2- Washington DC 

No surprise that Washington DC is the leader of this list. The place that serves as headquarters for most government agencies and large private corporations now has more than 65,000 job openings for cybersecurity professionals. Most vacancies are looking to hire people with the right training and skills to carry out security analysts, systems engineers, software developers, and cybersecurity managers or administrators.  

Current job openings: 65,449 

Employed workforce: 105,382 

Average salary: $142,426 

3- Chicago, IL  

Chicago is among the best cities to work in cybersecurity. It is the place for many business hubs in the country that are constantly looking to hire new and talented people to defend against malicious actors.  

Currently, there are over 13,000 job openings, especially for people who have the skills and training to fill decision-making roles.  

Current job openings: 13,283  

Employed workforce: 28,518 

Average salary: $117,860 

4- New York, NY  

Aside from being the city that never sleeps, New York has many of the largest financial firms, hospitals, educational systems, and many headquarters for the US government, many of which are desirable targets for hackers. No wonder why over 24,000 openings are looking to hire cybersecurity analysts and consultants, as well as network engineers and penetration testers.  

Current job openings: 24,401  

Employed workforce: 62,157 

Average salary: $116,973 

5- Dallas, TX 

What makes Dallas such a great city for someone looking for a job as a cybersecurity specialist is that it hosts more than 20 Fortune 500 companies looking to hire top-performing candidates to take care of their security systems and protect their assets.  

Aside from the obvious profiles such as cybersecurity analysts and consultants, in Dallas, organizations are looking for mid and senior roles that include Chief Information Security Officers (CISO) and Information Security Directors.  

Current job openings: 19,372 

Employed workforce: 31,762 

Average salary: $105,681 

6- Atlanta, GA  

What makes Atlanta such a great place to look for a cybersecurity job is that it is home to many regional headquarters for most Fortune 100 companies that are constantly looking to hire more trained professionals to take care of their cybersecurity systems and protocols.  

Companies in Atlanta are mostly looking for cybersecurity managers, engineers, and business analysts.  

Current job openings: 13,810 

Employed workforce: 24,765 

Average salary: $75,109 

7- Los Angeles, CA 

According to the most recent statistics published by CompTIA, the technology industry contributes about $493 billion or %18,1% to  California’s economy. The state is home to the 7 cities to work in cybersecurity with the highest salaries, higher than the national average.  

As of March 2021, Los Angeles has over 30,000 cybersecurity employed workers, and there are over 17,000 job openings.  

Current job openings: 17,288 

Employed workforce: 30,917 

Average salary: $70,107 

Are you ready to make your career switch? At CyberWarrior, we might have just what you are looking for: training that goes far beyond the theoretical aspect, which grants you the hands-on experience required by hiring managers and will help you get 4 industry-recognized certifications.

sustainable-development-goals

Sustainable development goals: Creating our future today

We live in a world surrounded by technology. Just look around, how many devices do you see? Have you ever stopped to think about that?

Every year new things are invented, or those we already know are tweaked to make them more efficient and accessible to everyone. Fortunately, technology has always been in our lives, but unfortunately, we have also heard about climate change, global warming, pollution, global food and water shortages, endangered animals! AND the end of the world!

How is it possible that if we are so creative in developing technology that makes our lives easier, we have not been able to remedy these situations? Could we change and improve the world? Fortunately, there is already a plan that can only be successful if we all work together: the Sustainable Development Goals (SDG).

What are the Sustainable Development Goals?

In 2015, the UN, representing the population of 193 countries, announced the 17 global goals of sustainable development that focused on people, the planet, peace, and prosperity to eradicate extreme poverty, fight against inequality and injustice, and mitigate the effects of climate change.

The 17 SDGs are a collection of independent but interconnected goals carefully designed to give all of us a better future, with hundreds of targets and indicators geared towards 2030.

We must achieve these goals by 2030 to protect the planet and make this world a safer and more equitable place.

What can I do as an Individual?

Although it may not seem like it, reading about the SDGs, knowing their lines of action at a general level, and raising awareness among your family, friends, and colleagues is extremely important and the first step you must take.

That being said, here are 3 actions to help you contribute to the achievement of the SDGs. These activities can be part of your lifestyle or projects. Feel free to share them!

1. ENCOURAGE THE 3 R’S – ‘REDUCE, REUSE, RECYCLE.’

Recycling is more important than ever. The use of single-use containers, such as plastic bags or bottles puts tremendous pressure on our Earth. To reduce waste in our waters and landfills, people must follow the three Rs. You would be supporting SDGs 13 and 14 – “Life on Land” and “Life below Water” by doing your part to reduce the waste produced by your daily activities.

2. SUPPORT THE EDUCATION OF FUTURE GENERATIONS – WHEREVER THEY ARE.

Education is the basis of a better future and a pathway out of poverty. There is no dispute on that.

Donate to causes that supply books, build schools, and train teachers everywhere in the world – especially in remote areas. By helping to remove barriers to education, you’re enriching many people’s individual lives and adding talent to the workforce, thus creating the opportunity to have a better life.

3. CHOOSE TO GIVE OR ENGAGE IN CAUSES THAT YOU CARE ABOUT THE MOST

Expand the reach of your impact by engaging in projects that support the SDGs. You can choose multiple projects or just one – that’s up to you. Even some projects may support several SDGs at the same time.

When it comes to giving, engage with causes that are close to your heart. It could be related to education, environment, health, or human rights. In any case, start with the SDG that you feel most strongly about and donate towards causes that support it.

Commiting to Change

It is not long until 2030 comes around. We need to support each other, use our imagination and creativity, but above all, commit to change. If we make these goals known massively, other people might take an interest and cooperate. This is linked to CyberWarrior’s purpose, as it is core to our mission to help people grow personally and professionally – and make sure our planet keeps on turning.

succeed in cybersecurity

Succeed in Cybersecurity by Identifying Your Soft Skills

It is well known that to succeed in cybersecurity, you need to master certain hard or technological skills, like understanding different operating systems or knowing how to code using Python. But, to achieve better outcomes, you need to be able to identify and develop different human or soft skills.  

You are not a robot working in a solo environment. You are human, working and engaging with others to achieve a common goal: keeping your organization out of the reach of hackers.  

What Are Soft Skills? 

The first thing we need to know is what exactly are soft skills. They are non-technical abilities that relate to how you work. They are not specific to any job and include everything from how you communicate with others, your attention to detail, your work ethics, how you solve problems, and more.  

Although they are intangible assets, they are desirable in any career. That is why it is essential that you identify which soft skills you excel at, add them to your resume, explain how they have helped you in different circumstances, and be sure to tell the story when you are getting interviewed for a job. Soft skills are one of the assets that will make you stand out in the eyes of a recruiter. 

Think of it this way: would you rather have a co-worker who performed well in his job but would heat every meeting or have one that performed and the first one but can go through complicated meetings with a peaceful approach and try to reach the best possible outcome.  

There is a wide variety of options in soft skills, but not all of them are necessary for certain jobs. Here is a list of the most common ones that recruiters look for. We used bold letters for the ones that will be the most helpful for those of you looking to succeed in cybersecurity.

  • Problem solving skills 
  • Teamwork 
  • Adaptability 
  • Leadership 
  • Creativity 
  • Communication skills 
  • Patience 
  • Work ethic 
  • Integrity 
  • Attention to details 
  • Curiosity
  • Time management 
  • Passion 
  • Research 
  • Self-direction 
  • Active learning  
  • Conflict resolution 

Tips to Help You Identify Your Soft Skills and succeed in cybersecurity

Self-awareness is key in this process. It will allow you to understand what are your strengths and opportunities. But to ease this work, at CyberWarrior, we strongly suggest you ask friends, teammates, and even your employer about the soft skills that first come to mind when they hear your name. 

Going through this process can help you come up with a list of skills. Once you have it, take some time to do the exercise of adding an example of how each skill has helped you in the past. Not only will this help you have a story to tell recruiters, but it will give you a better sense of where you still have some work to do.  

For example, if communications skills are not something that came up in the conversations you had, then you will need to spend some time improving your body language and facial expressions, focusing on learning how to listen and how to express yourself better.  

If attention to detail is something you are lacking, you can start working on creating a work plan, making lists, and maintaining a schedule. You should also limit your distractions.  

And if problem-solving is not your strongest skill, then you should start working in a process that allows you to define, evaluate, and implement the best solution.  

Adding many soft skills to your resume is not the best approach to getting your dream job. You need first to understand what soft skills are needed to perform better in that role or which ones the recruiter is looking for. Then you need to understand which ones you actually have, and then you can add them to your profile. It’s a great idea to include them in the description of your work history and/or in your cover letter.  

To better understand what skills the recruiter is looking for, you must carefully read the job description. There you will find different hints such as “strong written and verbal communication,” or “must have strong work ethics,” and even “ability to solve complex problems.”  

2021 So Far: The Biggest Cyber-Attacks

2021 So Far: The Biggest Cyber-Attacks

For the past few years, we have seen an uptick in cyber-attacks around the world. The pandemic made things even worse, and now we see its consequences. Government agencies, schools, cities, gas pipelines, and major organizations have fallen victim during the first quarter of 2021. Understanding what has happened will allow us to prepare for the coming months.  

In this article, we want to guide you through the worst cyber-attacks we’ve seen this year. What happened, how did the organization reacted and responded, and how they recovered from it.  

1- Florida Water System 

The date was February 5th. A plant operator noticed how the cursor of his computer started moving across the screen and opened software functions that controlled the water treatment for the Florida west coast. The hacker was able to boost the level of sodium hydroxide in the water by 100.  

It is important to note here that poisoning from sodium hydroxide can cause burns, vomiting, severe pain, and bleeding. Fortunately, the operator quickly responded, reverted the levels to normal, and reported the situation to his superiors. Although the sheriff explained that the system has safeguards that prevented the contaminated water from being released to the public, this episode shows the lack of controls and training in the water systems around the country. Cyber-attacks could have put public health at risk. 

2- CNA Financial 

One of the largest insurance companies in the country fell victim to a ransomware attack earlier this year. It all happened when employees got locked out of the company’s systems due to a network disruption caused by a sophisticated cyber-attack on certain CNA systems.  

People familiar with the attack explained that CNA first attempted to resolve the matter without engaging with the hackers’ organization. One week later, they started negotiating and then agreed to pay $40 million to restore access to its systems. This amount is 10 million higher than the biggest ransom reported last year.  

According to a spokesperson, the insurance firm followed all the laws, regulations, published guidance, and worked closely with the FBI and the Office of Foreign Assets Control.  

3- Acer 

In March, the Taiwanese computer and electronics brand reported “abnormal situations” in their IT security controls. It was revealed that they were hit by a REvil ransomware attack that demanded the largest ransom to date, $50 million, and they stipulated that if they did not pay by a certain date, the price would double.  

While Acer tried to keep the situation off from the press, the threat actors revealed documents such as bank balances and spreadsheets that made clear that they had gained access to the company’s financial information, clients’ lists and that a ransom attack was going on. 

Allegedly, this all happened because of a vulnerability in a Microsoft Exchange server that was exploited, giving the hackers access to Acer’s files and sensitive information.  

4- Colonial Pipeline 

One of the cyber-attacks with the most news coverage this year, as it directly impacted the gas supply for the East Coast of the United States while causing panic and chaos.  

The DarkSide, a criminal hacker group, based in Eastern Europe, was responsible for shutting down the pipeline for several days in what appears to be the largest attack on an American energy system. Operations were restored after Colonial paid a ransom of 4,4 million dollars worth of bitcoin.  

All the chaos, gas shortages, and price spikes were a consequence of a leaked password to an old account with access to the VPN used to access the company’s server. This puts in evidence the urge to implement cybersecurity training for all employees, reviewing the organization’s identity, access management policies, and security controls.  

5- NBA 

Earlier in April, the USA National Basketball Association was hit with a cyber-attack that mainly affected the Houston Rockets. The team claims that they could quickly detect the intrusion and respond, reducing the damage to its operation. But, according to Bloomberg, the hacker group Babuk was able to get ahold of at least 500 gigabytes of information, including financial data, non-disclosure agreements, and contracts. 

The criminals posted a message on the dark web claiming for a ransom to return the stolen data, or they would post all the information online. As we write this, there is no proof that a ransom has been paid.  

6- Microsoft Exchange 

A Chinese cyberespionage group uncovered and exploited four newly discovered vulnerabilities in the email software, putting at risk over 30,000 organizations and government agencies in our country.  

Microsoft explained that the hackers were taking advantage of these flaws to conduct targeted cyber-attacks on email systems used by different industries, especially on organizations related to infectious disease researchers, law firms, and higher education institutes. And they stated that the criminals were putting at risk any unpatched Exchange server worldwide.  

Basically, in each unpatched server, the attackers left a “web shell,” a hacking tool that grants them administrative access to the computer and servers. Along with the US Cybersecurity & Infrastructure Security Agency (CISA) and security companies, Microsoft worked quickly to revert the damages caused by releasing an update to the system and providing mitigation guidance.  

7- Accellion 

Accellion, an IT security firm owner of a secure file sharing and collaboration software, was the victim of a cyber-attack related to a security flaw in their software that put at risk over 30,000 organizations, including companies, government agencies, hospitals, and universities.  

A report stated that it all happened in December when a vulnerability in the file transfer software was first exploited and then again in January. Six months have gone by since then, and the attack continues to leave a mess behind. Morgan Stanley, NSW Health, University of Colorado, Grocery Giant Kroger, and many others have released information about stolen or missing data.  

The Cost of Cybercrime Is On The Rise

The cost of cybercrime goes far beyond the actual money invested in detecting, responding, and recovering an organization from an attack. It includes the loss of data, productivity, money, and even reputation. It can even strike so hard that it forces an organization to close its doors. 

The situation has been getting worse year after year. In fact, when you go back in time, you can see that in 2015 the World Economic Forum estimated the cost of cybercrime to be $3 trillion worldwide. Today, Cybersecurity Ventures predicts that it will grow by 15 percent every year for the next five years, reaching 10.5 trillion dollars by 2025. A rise of almost 7 trillion dollars in just 10 years. 

Not only are hackers running one of the most lucrative “businesses,” but they are close to having zero chances of being discovered and prosecuted, according to the World Economic Forum. 

These numbers only mean that organizations (private or public, small or large) are not taking action to prepare themselves for a cyber-attack. During the first six months of 2021, it became more evident than ever before.  We have seen how the Colonial Pipeline suffered a major attack that shut down the gas supply for the East Coast of our country, how the NBA lost over 500GB of confidential data on the Houston Rockets, and how The Steamship Authority of Massachusetts ferry fell victim of a ransomware attack that affected its logistics and services. 

How Can Organizations Mitigate the Risks

The solution here is not to fear cyber-attacks but to make your organization cyber-resilient. Anyone who works in cybersecurity must acknowledge and help their management team understand that the risk of falling victim to hackers is always there. You need to have a plan in place that will enable business continuity while responding and recovering from the attack, lowering the actual impact and cost of cybercrime in your organization.

Also, there are a few industry best practices that every organization should apply to help minimize the risks of attacks: 

The first thing you need to do is provide security training for your workforce regularly. They need to spot a suspicious website or email and even identify a device that might be compromised. They need to know what to do, who to call, and how to react to an attempt against their data security.  

You also need to encrypt as much data as possible, creating an identity and access policy that restricts users who have access to sensitive data, updating and patching software regularly. Most importantly, you have to be proactive and constantly strengthen your security measures. 

These practices can help save your organization.