Cybersecurity Insights

The Letter

Amit Yoran, Chairman & CEO, Tenable

Amit Yoran is the Chairman and Chief Executive Officer (CEO) at Tenable. He was also the Founding Director of the United States Computer Emergency Readiness Team (US-CERT) program in the U.S. Department of Homeland Security.

Disturbed by Congress’ recent decision proposing a 25% budget reduction for CISA, Amit penned the following letter. It was co-signed by several esteemed CISOs, entrepreneurs and business leaders, including Nikesh Arora, Chair and CEO, Palo Alto Networks; George Kurtz, Co-Founder and CEO, CrowdStrike; and Ron Green, CSO, Mastercard.

In a flagrant political stunt, 108 politicians voted for the budget cut in an attempt to counter ‘disinformation’ related to election security, which they believe is created by CISA in support of their political opponents.

What they apparently fail to understand is that if the cut were enacted, CISA would no longer have the resources necessary to monitor federal networks and provide the frontline national security defense it does today. When that happens, our adversaries will make sure that our infrastructure, now at critical risk and upon which they all depend for their stints in Congress, becomes useless to us all.

Please contact your representatives in both the House and Senate and tell them you support our effort to eliminate CISA budget cuts now and into the future. It represents our last-mile defense.

Amit previously served as RSA’s president, spearheading its transformation into one of the most successful global security companies, following its acquisition of NetWitness – the network forensics company he founded and led as CEO.


DHS works with critical infrastructures on issues more broadly than cyber...

In this episode of Cybersecurity Insights, Amit discussed:

  • The proposed reduction in CISA funding;
  • The letter he authored, addressed to the U.S. Congress and co-signed by the industry’s most influential practitioners;
  • The increasing and ever-evolving global threat landscape;
  • And much more.


"The Perfect Storm" A Cyber Readiness Tabletop Exercise

"The Perfect Storm" is an immersive thought exercise designed to test and enhance your financial institution's cybersecurity resilience. This exclusive CyberEd.io course simulates a complex and multi-layered cybersecurity attack, challenging participants to respond, communicate, and recover under extreme conditions. Through a series of escalating scenarios, from phishing attacks to DDoS assaults, ransomware infections, and public data leaks, participants will develop critical skills and strategies necessary to safeguard their organization against relentless cyber threats.

Ransomware Defense

This ransomware course is designed for technical defenders. Explore the methods used by bad actors to install ransomware, analyze the latest ransomware variants, identify key ransomware groups, detect early indicators of possible attacks, apply containment, eradication, and recovery best practices, then get other practical tips to establish and maintain comprehensive disaster recovery plans. This course emphasizes practical, actionable steps to defend against ransomware.

Malware Escape!

This thrilling malware attack simulation escape room encourages tech teams to work together to thwart common malware attacks, like the one-two punch of a botnet releasing ransomware, for example. We don't want to spoil the plot. It's up to your tech team to figure it out!

FFIEC Cybersecurity Assessment Tool Quick Start

This technical guidance course explores the Federal Financial Institutions Examination Council's Cybersecurity Assessment Tool, also known as the FFIEC CAT (pronounced “cat”). This tool is designed to help financial institutions identify their cybersecurity risks and determine their preparedness. In this course, we’ll provide a high-level overview of the CAT, its components, and how it can benefit your institution. Kick off your FFIEC CAT journey today!

Combatting Social Engineering and Insider Threats

Combatting Social Engineering and Insider Threats provides a technical understanding of how social engineering and insider threats affect organizations. The course emphasizes various social engineering tactics, how to recognize and mitigate social engineering threats, the correlation between social engineering and insider threats, and practical, actionable steps to enhance the overall security posture of your organization.

Building Secure Architectures for ICS and OT Environments

This course is designed for industrial and critical infrastructure technical leaders and technical professionals responsible for designing secure architectures for ICS and OT environments. Explore communication protocols, securing the process control network, and the Purdue Network Model. Then learn how to implement firewalls, IDS, IPS, other appliances and access management techniques. Build more secure cybersecurity architectures today!

AI, Machine Learning, and Cybersecurity

Explore the intersection of AI and cybersecurity in this comprehensive course designed for learners at all levels. Dive into the fundamentals of artificial intelligence and machine learning to understand their applications in combating cyber threats. Learn about ethical considerations and future trends, equipping yourself with the knowledge to navigate and contribute to the evolving landscape of digital security. This course is your pathway to mastering AI-enhanced cybersecurity strategies.


The Open Web Application Security Project (OWASP)

This fundamental course explores the Open Web Application Security Project (OWASP) and a publication released by the OWASP Foundation, called The OWASP Top 10, which highlights the top ten cybersecurity risks. Dive into each risk category, risk mitigation strategies and pro tips! Start your Open Web Application Security journey today!


Blockchain and Cybersecurity

This course is designed specifically for leaders and technicians who need to expand their knowledge in blockchain technology. We explore blockchain's impact, specifically highlighting cybersecurity concerns. We cover foundational concepts such as decentralization, transparency, and immutability, as well as practical applications in regulatory compliance, auditing, and security. Explore types of blockchains—public, private, and consortium—and learn how they are used. Blockchain is here! Prepare today!

The NIST Cybersecurity Framework

This fundamental course delves into the National Institute of Standards and Technology Cybersecurity Framework, or the NIST Cybersecurity Framework, also known as CSF for short. The CSF is a set of best practices and recommendations for organizations to help manage cybersecurity risk. Learn all about the CSF structure, purpose, application across various sectors and how utilizing the CSF can enhance an organization’s security posture.

Payment Card Industry Data Security Standards (PCI DSS) Compliance

In today's world, data is the lifeblood of organizations, so protecting that data, through various forms of cybersecurity compliance, has become paramount. Payment Card Industry Data Security Standards (PCI DSS) Compliance provides IT professionals with a granular understanding of the requirements and best practices needed to ensure payment card data security compliance as well as links to even more detailed related resources. Learn about payment card industry data security standard compliance today!

Federal Deposit Insurance Corporation (FDIC) Laws and Regulations

This course provides a deep dive into the key cybersecurity laws and regulations that FDIC-supervised institutions must adhere to. With a blend of technical insights and practical guidance, participants will learn to navigate the complex regulatory landscape, implement robust cybersecurity measures, and ensure compliance with FDIC requirements. Make sure your institution stays compliant. Brush up on FDIC Laws and Regulations today!

Certified Information Systems Security Professional (CISSP) Prep Path

The CISSP certification is recognized as the gold standard for IT security professionals. This prep path, spanning 39.75 hours, equips security professionals with in-depth knowledge of advanced security management. Achieving CISSP certification validates expertise in designing, implementing, and managing a best-in-class cybersecurity program.

CompTIA Security+ Certification Prep Path

This learning path builds on foundational networking skills to prepare learners for the CompTIA Security+ certification exam, one of the most sought-after entry-level cybersecurity certifications. Through a comprehensive 28.75-hour program, participants will cover essential information security principles across six key exam objectives, including threats, vulnerabilities, cryptography, and risk management.

Artificial Intelligence and Public Policy

With rapid advancements in AI technology, there is an urgent need to establish guidelines and guardrails for safe use and adoption. To address this need, the United States government - in collaboration with multiple private sector organizations - passed the bipartisan Senate Bill 5838 to establish the Congressional AI Task Force. In this CyberEd Session, Bob Ferguson, State of Washington Attorney General, will outline the objectives and structure of the task force, designed to assess the implications of AI technologies and propose informed legislative recommendations.


Intro to the Gramm-Leach-Bliley Act

Intro to Gramm-Leach-Bliley Act is tailored specifically for financial sector business professionals who must understand the importance of Gramm-Leach-Bliley Act (GLBA) compliance and its impact on financial sector organizations. Learn how the Gramm-Leach-Bliley Act requires financial institutions to explain information-sharing practices and safeguard sensitive data.

Leading Financial Supply Chain Cybersecurity Teams

Third-party vendors play an essential role in all financial sector operations and supply chains, from payment processors to IT service providers. However, these relationships also introduce potential risks that can threaten the security and integrity of our data and systems. This executive-level course for financial sector business leaders highlights high-level strategies all finance leaders need to know about managing third-party vendors and cybersecurity initiatives. Expand your third-party vendor and supply chain cybersecurity leadership skills and drive better business impact for your business today!

National Credit Union Administration (NCUA) Cybersecurity Compliance

National Credit Union Administration Cybersecurity Compliance provides an in-depth exploration of the National Credit Union Administration's cybersecurity regulations and best practices. Participants will learn to identify potential cyber threats, implement robust security measures, ensure compliance with NCUA guidelines, and understand the important role leadership support plays in establishing a strong cybersecurity posture.

Combatting Social Engineering and Insider Threats

Combatting Social Engineering and Insider Threats provides a technical understanding of how social engineering and insider threats affect financial service organizations. The course emphasizes various social engineering tactics, how to recognize and mitigate social engineering threats, the correlation between social engineering and insider threats, and practical, actionable steps to enhance the overall security posture of your financial service organization.


Masterclass with Kelly Hood

Kelly Hood, a cybersecurity engineer with Optic Cyber Solutions, talks about the NIST cybersecurity framework in this Masterclass, diving into implementation tiers and framework profiles. Learn how to integrate regulatory requirements into your cybersecurity program today!

Masterclass with Andy Jenkinson

In this Masterclass Cybersec Innovation Partners founder Andy Jenkinson delves into a history of some real-life case studies and significant events which led to our current understanding of Domain Name Systems (DNS). Explore how DNS are misunderstood, how they’re vulnerable and how they can be manipulated by bad actors.