The National Treasury Employees Union is suing the Trump administration in an attempt to gain records of career federal employee positions that may be targeted for removal of job protections.

NTEU’s lawsuit, filed last week against the Office of Personnel Management, alleged that OPM violated the Freedom of Information Act by not responding to the union’s FOIA request from August. The union had requested documentation of employees who will be potentially impacted by the Trump administration’s “Schedule Policy/Career” order, which seeks to make tens of thousands of career federal employees at-will workers and easier for agencies to fire.

“The government cannot hide information that is critical to safeguarding workplace rights and protections for frontline federal employees in multiple agencies across the country,” NTEU National President Doreen Greenwald said in a statement. “We expect OPM and the administration to identify as soon as possible which federal jobs are being targeted so we can do everything we can to stop the reclassifications.”

Under federal statute, agencies are required to respond to FOIA requests within 20 days. In “unusual circumstances,” that timeframe can be extended for an additional 10 days.

But NTEU said in its lawsuit that OPM has not responded to the FOIA request at all, and that the time period for responding has lapsed. NTEU submitted its initial FOIA request on Aug. 20.

“There is no legal basis for OPM’s failure to respond to NTEU’s request or for its failure to produce the requested records within the statutory time period,” NTEU wrote.

The federal union is arguing that OPM’s failure to respond to the FOIA request is unlawful, and calling for a release of the requested records.

An OPM spokesperson did not immediately respond to Federal News Network’s request for comment.

NTEU’s push for information comes after President Donald Trump in January signed an executive order to revive the federal employment classification previously known as “Schedule F.” Though it is now called “Schedule Policy/Career,” the effort mirrors a former executive order from Trump’s first term that sought to remove job protections from broad swaths of the career federal workforce.

OPM proposed regulations for implementing the new employment classification in April. Although the regulations are not yet finalized, they have been moved into the “final rule stage,” and are slated for possible publication by the end of November, according to the White House’s regulatory agenda.

The White House website states that the final rule will impact “policy-influencing positions” and that the rule’s implementation will “increase career employee accountability.”

All federal positions that are reclassified as “Schedule Policy/Career” will become at-will, and employees will no longer be able to appeal adverse actions against them.

“This will allow agencies to quickly remove employees from critical positions who engage in misconduct, perform poorly, or obstruct the democratic process by intentionally subverting Presidential directives,” OPM states in the regulatory agenda item.

The Trump administration has generally argued that the reclassifications will hold federal employees more accountable and provide more flexibility to agencies. But federal unions, as well as many lawmakers and workforce experts, have said reclassifying employees in this way will lead to politically motivated firings, and an erosion of the apolitical nature of the career civil service.

Earlier this year, OPM also published guidance to set initial expectations for agencies to implement the Schedule Policy/Career employment classification. The guidance targets a wide range of federal positions that may be subject to reclassification.

OPM has estimated that about 50,000 career federal employees in “confidential, policy-determining, policy-making, and policy-advocating” positions will be reclassified as a result of Trump’s order. But OPM’s latest estimate is on the lower end of the scale: Documents from Trump’s first term showed that around 200,000 career federal positions could have their job protections stripped.

NTEU previously sued the Trump administration in January after the initial Schedule Policy/Career executive order was released. The first lawsuit alleges that Trump’s order violates established federal hiring principles and the due process rights of federal employees.

Combined, Greenwald said the two lawsuits from NTEU “are about making sure that the American people have their government services delivered by federal employees who were hired based on merit and skill, not partisan affiliation.”

The post Federal union sues OPM, seeking release of ‘Schedule Policy/Career’ records first appeared on Federal News Network.

Welcome back, my aspiring cyberwarriors!

So many of you have written me about the difficulties of finding an entry-level job in cybersecurity that I thought I should offer you some of my insights. At this moment in history, artificial intelligence (AI) is making it particularly difficult to find that entry-level job as companies are using AI to fulfill these tasks.

Here are my thoughts on the best approach to landing that first job in cybersecurity!

The best way to get a starting level job in cybersecurity is to combine industry certifications, hands-on skills development, networking, and relevant IT experience or education.

Step #1. Build Foundations and Skills

• Study the basics: Networking, operating systems (especially Linux), system administration, scripting (e.g., Python), and security fundamentals. You can gain this background from my books Linux Basics for Hackers, Network Basics for Hackers and, my upcoming, Python Basics for Hackers.
• Use free online resources, cybersecurity blogs (such as Hackers-Arise.com), YouTube (David Bombal, Yaniv Hoffman, Network Chuck), for practical, hands-on labs.
• Learn basic programming—while not always required, scripting helps with automation and troubleshooting.

Step #2. Get Industry-Recognized Certifications

• Start with CompTIA Security+ — the most respected entry-level cert; many entry-level jobs list it as a requirement.
• Consider Network+ for networking fundamentals, or more specialized options like SSCP, GCIH.
• Certifications signal employers you know security basics and are serious about the field.

Step #3. Pursue Hands-On Experience

• Apply for IT/help desk, junior admin, or tech support roles—these are common stepping stones into security.
• Take on internships, volunteer for IT/security projects, or contribute to open-source security initiatives. There are multiple open-source projects where you can gain hands-on experience without going through the hiring process. This indicates a strong commitment to cybersecurity and can help get past the “no experience” threshold. Hackers-Arise always has multiple open-source projects in our discord server.
• Build a personal “home lab” environment to practice tools and attacks in a legal, safe manner. You can accomplish this inexpensively and without needing an Internet connection using VmWare or VirtualBox.

Step #4. Network and Get Involved

• Attend local security meetups, online communities (Reddit, LinkedIn, Twitter), and conferences to build professional connections. This can also include the Hackers-Arise Discord server and community.
• Connect with cybersecurity practitioners for insight, mentorship, and potential referrals.

Step #5. Tailor Your Resume and Apply Broadly

• Document hands-on skills, home lab work, certifications, and transferable skills from any IT roles.
• Customize your resume for each job and be ready to explain your skills and learning journey in interviews.
• Explore entry-level roles such as SOC analyst, junior pentester, security technician, and IT support with a security focus.

Summary

• Certifications + hands-on learning = fastest path to entry-level roles.
• Network and build connections in the security community—it’s often who you know that helps get a foot in the door.
• Apply even if you don’t meet every listed requirement: employers want passion, constant learning, and initiative in entry-level candidates.

This blended approach maximizes your chances of breaking into cybersecurity quickly, even without prior professional experience.

The post How to Find an Entry-Level Job in Cybersecurity first appeared on Hackers Arise.

By: John N Just, Ed.D. & Ben Syn

It’s that exhilarating time of year again! Summer is winding down, and the back-to-school season is in full swing—a truly fantastic time to focus on the power of education, not just in the traditional sense, but especially in the ever-evolving digital world.

With the cost of data breaches at an all-time high, organizations are working to proactively identify areas of risk on the network. Using pentesters to conduct penetration (pen) testing is becoming more common. To protect themselves, businesses must know their risk areas before hackers find vulnerabilities. Organizations can lower their attack risk by protecting against weaknesses or eliminating them.

The 2022 IBM Cost of a Data Breach found that data breaches cost an average of $4.35 million per breach, an increase of 12.7% from 2020. For many businesses, breaches are becoming a “when”, not an “if” proposition. Of the organizations participating in the study, 83% have experienced more than one data breach — and only 17% said it was their first time.

As a result, many organizations are turning to pen testing to improve their overall security. 

What is Penetration Testing?

During pen testing, pentesters determine how secure an app or network is by trying to break into it. Pentesters often use black box testing, where the tester does not know the underlying infrastructure, apps or code. The process allows pentesters to conduct the tests from the perspective of an outside hacker and uses automated processes to test vulnerabilities.

Other forms of pen testing can be used as well. White box pen testing relies on the tester’s knowledge of the infrastructure to quickly test security using specialized tools. Gray box testing blends white box and black box testing as the tester uses personal knowledge of the infrastructure and both manual and automated tools to exploit weaknesses.

Pen testing provides numerous benefits to companies, including infrastructure knowledge and fewer errors. While some companies balk at the initial price, the approach saves significant costs by reducing risk and the likelihood of a breach. Companies regulated by compliance guidelines often turn to pen testing as part of their compliance process.

While penetration testing is similar to ethical hacking, some differences exist. Mainly, penetration testing focuses on breaching specific systems to take over the environment. Ethical hacking, on the other hand, uses all hacking techniques. Ethical hackers are usually not company employees, although some companies hire ethical hackers as full-time employees. Bug bounty programs are a bit similar, but they’re more focused on all types of bugs instead of just breaching a system. Because bug bounty programs are open to the cybersecurity community, external hackers typically participate as well as the occasional internal employee.

Responsibilities of a Pentester

Pentesters who work as contractors are typically responsible for following testing protocols designed by the hiring agency or organization. Full-time pentesters usually start with a goal and then determine which tools and methods will best help them reach it. After completing their tests, pentesters write documentation detailing the results to help make security changes.

In addition to technical skills, pentesters need good written and verbal communication skills. Pentesters often need to collaborate with the IT department to help create solutions based on the results of the tests. Because of the types of attacks happening in the real world and the technology used by cyber criminals, pentesters need to stay on top of the latest trends in the cybersecurity industry.

Pursuing a Career as a Pentester

Some companies require pentesters to have a computer science degree or cybersecurity certificate. However, many others accept on-the-job experience — especially experience in the cybersecurity industry. While some companies may require a bachelor’s degree, others look for candidates with digital badges or certifications.

Some companies hire internal pentesters, especially for white box pen testing. However, contract pentesters hired for specific projects typically conduct black box pen testing to ensure they don’t have prior knowledge of the infrastructure. If you are looking for a job as a pentester, consider looking for both full-time employment and contract gigs.

Pentesters looking for full-time employment often find jobs at non-technical companies that want to ensure their infrastructure is secure. Other testers work for cybersecurity firms that offer services to other companies. With IT spending on cybersecurity increasing as risks escalate, the demand for pentesters will also likely continue to climb.

Overall, pen testing is a great entry-level career for tech workers or people who want to enter the cybersecurity field. While some technical knowledge is needed, many of the tools and techniques are learned on the job.

The post What is a Pentester, and Can They Prevent Data Breaches? appeared first on Security Intelligence.

As new cybersecurity threats continue to loom, the industry is running short of workers to face them. The 2022 (ISC)2 Cybersecurity Workforce Study identified a 3.4 million worldwide cybersecurity worker gap; the total existing workforce is estimated at 4.7 million. Yet despite adding workers this past year, that gap continued to widen.

Nearly 12,000 participants in that study felt that additional staff would have a hugely positive impact on their ability to perform their duties. More hires would boost proper risk assessment, oversight, patching of critical systems and proper system configuration.

Many factors have contributed to this gap in essential cybersecurity workers. Some of the top reasons the survey identified were a lack of internal promotion opportunities, struggles with turnover and attrition, budget issues and a lack of qualified talent. But what defines “qualified talent” in cybersecurity today?

The industry has two options. The first is to cut the pie by continuing to focus on degree and certification holders. The other is to make a bigger pie by widening the talent pool and offering on-the-job training to applicants with the passion and mindset to succeed.

Looking for Talent in All the Wrong Places?

The term “cybersecurity” has been overly mystified. Does it involve a reclusive hoodie-wearing night owl? A math whiz writing complex code or working with cryptography?

Unfortunately, misconceptions and complexity have built a wall around the industry. This, at least in part, may explain the high percentage of people with university degrees working in cybersecurity fields. In fact, 82% of the workforce have a Bachelor’s or Master’s degree.

That level of formal education may have been necessary in the past, but the industry requires all types of workers right now. The first step to closing that worker gap will be to ensure that the public understanding of “cybersecurity” is demystified. Core skills aren’t coding or highly advanced math; core skills are problem-solving, investigative thinking, dedication and hard work.

The Making of a Cybersecurity Specialist

Recently, the Australian Signals Directorate (ASD) identified that a “cybersecurity specialist” is “just your average person” that can come from varying backgrounds. This is completely true, especially when key cybersecurity tasks today revolve around monitoring, detection and the ability to spot anomalies. Contrary to popular thinking, cybersecurity is not a bunch of blinking lights and super-secret artificial intelligence — though there are elements of that.

The cybersecurity industry could be morphing into a 21st Century version of manufacturing and assembly lines. Yes, there are still skilled labor requirements. But there is still no substitute for “hands-on keyboard” or “taking live fire” during an incident response case. That comes through experience.

Therefore, this begs the question: Who is better suited for a cybersecurity position? Somebody with a high school diploma but has managed computers and IT systems since they were a teenager, making mistakes along the way but solving them with passion and curiosity? Or a person with a cybersecurity degree who read about the field in a book, spending limited time with hands on a keyboard?

Focus on the Person, Not the Paper

Let’s return to the (ISC)2 study. Participants are trending towards practical skills and experience as more important qualifications. Certification, degrees and training are nice, but problem-solving abilities and related work experience are what employers are looking for. Interestingly, certifications are seen to be more valuable for skills growth than a means to jump into a career in cybersecurity.

It almost feels as though there is an elephant in the room: are we considering the right people for cybersecurity jobs, especially for entry-level jobs?

Granted, some positions require a strong mix of experience, paper qualification and/or validation, and years of battle hardening. For instance, a CISO or senior-level SOC analyst will almost certainly have done time in the trenches.

But some positions grant some low-risk, hands-on experience. If an organization finds a candidate with sincere curiosity, problem-solving skills and the appropriate soft skills, their paper qualifications may not matter. Rather, what will determine success is the organization’s ability to train the individual on the necessary tools and the core technical competencies required to complete the job. A curious person with problem-solving skills can figure out the rest. Just do not leave them hanging because they may suffer from burnout.

Training Can Bridge the Gap

Back to the assembly line analogy: Let’s say you are new to the machinery or protocols in a manufacturing shop. If you can be trained, shadow somebody more experienced for a period of time and have the right work ethic you can pick up the skills and excel. It’s the same principle in cybersecurity.

This is how to bridge the gap, especially in the short term. Waiting three to seven years for individuals to complete advanced degrees may no longer be practical, given the high demand. Technologies will change and there is no guarantee of “hands on keyboard” battle scars.

It’s time to start thinking outside the box. Pitch these two scenarios to a hiring manager today:

1. Individual A works on IT systems and remotely manages a SIEM. They have no certifications or paper qualifications but have worked like this for a couple of years, come highly referred as a dedicated worker, are dependable and require little oversight.
2. Individual B completed a Bachelor’s degree in computer science and a Master’s degree in cybersecurity. They also have completed some basic cybersecurity certifications but have no previous work experience or references.

Based on these surface descriptions, who are you inclined to interview first for a cybersecurity job?

The Pathway to Filling Future Needs

The above example is not a knock on those seeking university degrees or certifications; rather, it is a reality check. If 80% of workers in the industry have university degrees and there are not enough people to meet the need, well, you need to start looking elsewhere to fill the gap. Otherwise, expect retention problems.

For hiring managers, that will mean carefully crafting your requisitions and keeping your expectations in check. These new hires will be your apprentices for a while. Know that if you get them early, reward them with the opportunity and treat them right, you may also be filling a long-term need.

The post Bridging the 3.4 Million Workforce Gap in Cybersecurity appeared first on Security Intelligence.

Neil Wyler started his job amid an ongoing cyberattack. As a threat hunter, he helped his client discover that millions of records had been stolen over four months. Even though his client used sophisticated tools, its threat-hunting technology did not detect the attack because the transactions looked normal. But with Wyler’s expertise, he was able to realize that data was leaving the environment as well as entering the system. His efforts saved the company from suffering even more damage and disruption. 

Wyler shows that threat hunters can help prevent a cybersecurity catastrophe. But what is a threat hunter, and how can they improve an organization’s security posture?

What is Threat Hunting?

While enterprise security systems are a key part of cybersecurity, threat hunters provide organizations extra protection. A threat hunter reviews all the security data and systems to look for abnormalities and potential malware issues. Threat hunting complements automated security tools and is best used in conjunction with that technology. By combining the strengths of both human expertise and artificial intelligence (AI) tools, companies can find cyber threats faster and reduce damage.

Responsibilities of a Threat Hunter

Threat hunters search, log, monitor and neutralize threats to find issues before they become serious problems. In some companies, threat hunters design the threat-hunting program, which starts by building the hypothesis the program is looking to answer, such as searching for malware with specific criteria. Threat hunting typically involves looking for malware threats incorporated into commercial technology but not yet known.

Threat hunters use three approaches: structured, unstructured and situational.

During structured tests, the threat hunter leverages indicators of attack (IoAs) and the tactics, techniques and procedures (TTPs) of an attacker. Unstructured hunts occur when a trigger indicates a compromise, and the hunter looks at patterns before and after the detection. Situational hunts commence when a risk assessment is warranted, such as knowing attacks are happening at similar companies.

What makes threat hunting different from other cybersecurity tasks is that they don’t just use security information and event management (SIEM), endpoint detection and response (EDR) and other typical processes. Instead, threat hunters search through security data to look for patterns that indicate malware or attackers. Once they discover a cyber criminal’s potential entry method, they work to patch the issue to prevent future incidents.

Pursuing a Career as a Threat Hunter

Threat hunting is often one of the responsibilities of a cybersecurity analyst. However, some managed service professionals (MSPs) hire threat hunters whose primary responsibility is threat hunting for clients. Cybersecurity firms also hire threat hunters to provide the service to their clients. Additionally, threat hunters can work freelance for companies that need threat-hunting expertise but don’t want to hire an MSP.

Companies often look for certifications or bachelor’s degrees when hiring for analyst and threat-hunting positions. Candidates can also go into threat hunting with digital badges or certifications. However, cybersecurity analysts can learn threat-hunting skills on the job and then move into a threat-hunting role.

Threat hunters need strong technical skills and expertise with cybersecurity tools. However, the most important skills are problem-solving and analysis because the role requires manually reviewing data. Threat hunters must also have a strong interest in cybersecurity and a willingness to continually stay updated on cyber criminals’ latest TTPs. Additionally, threat hunters need good written skills to communicate findings to IT leaders. Because threat hunters often work on a team with other cybersecurity professionals, they also need the ability to collaborate and verbally communicate with others.

As cybersecurity risks and threats continue to increase, threat hunting is apt to become an even more crucial facet of cybersecurity. Organizations need the human touch to catch sophisticated threats, even using sophisticated tools. Cybersecurity professionals specializing in threat hunting or adding it to their skill set will likely have solid employment opportunities.

The post How Do Threat Hunters Keep Organizations Safe? appeared first on Security Intelligence.

Today I’ll share with you my thoughts on a career in IT security and give some hints on how to get started.

People fresh out of IT-related studies, or those who are just going to study IT more or less know what they want to do or will learn from lecturers and colleagues. More difficult is for those who change their careers completely.

The post Humans of Detectify: You don’t need to be an expert to get into security appeared first on Detectify Blog.

The post Meet the team: Andrea Palaia – From particle physics at CERN to Detectify data appeared first on Detectify Blog.

The post Meet the team: Johan Norrman – From building code to building teams to building companies appeared first on Detectify Blog.

The post Meet the team: Martina Janevska – Problem solver who loves a challenge appeared first on Detectify Blog.

The post Team event – Detectify Sailing appeared first on Detectify Blog.

The post Awards to Detectify’s team members appeared first on Detectify Blog.