cybersecurity
Draft cybersecurity ordinance gets approval
The Council of Advisers has granted its preliminary approval for the draft of the Cybersecurity Ordinance, 2024.
The ordinance, which aims to strengthen the nation’s cybersecurity framework, is a significant step towards enhancing digital security and protecting citizens from online threats.
The draft will need to be presented again for final approval before it becomes a law.
Govt starts process to scrap Cyber Security Act
Once enacted, officials said, the ordinance will provide a robust legal structure for addressing cybersecurity issues in Bangladesh, ensuring greater protection for both public and private sector digital assets.
They said the government stresses the importance of this ordinance in safeguarding the nation's online infrastructure from evolving cyber threats.
E-cigarette import, E-Nicotine Delivery Systems Banned
In another important decision, the government has announced a ban on the import of all e-cigarettes and Electronic Nicotine Delivery Systems (ENDS) products.
This move aims to protect public health by curbing the availability of these potentially harmful products in the market.
CGS CFJ Whitepaper: Drop cases still pending under flawed cybersecurity law repealed in 2018
The decision comes amid growing concerns about the rising use of e-cigarettes, especially among the youth, and the potential health risks associated with their use.
The government has taken a firm stance against these products, citing their adverse effects on health and the need for stricter regulation in the interest of public safety, according to the officials.
1 week ago
Empower Your Tech Career in 2024: Master These In-Demand Skills for Success
The rapid evolution of the technology industry has made tech skills increasingly vital in the current job market. As we approach 2024, staying abreast of the most in-demand tech skills is essential for anyone looking to secure a thriving career in this dynamic field. This comprehensive guide delves into the top tech skills that are poised to shape the industry in 2024, offering insights into how you can stay competitive and forward-thinking in your tech career.
Most In-Demand Tech Skills to Advance Your Career in 2024
Cybersecurity
In the realm of technology, cybersecurity remains a critical and rapidly growing field. As of 2023, there is a demand for almost a million cybersecurity professionals globally, but there are about 400,000 professionals across the world. The cybersecurity landscape is vast, presenting numerous opportunities in various sectors.
Aspiring cybersecurity professionals should begin with foundational knowledge in network security and protocols, progressing to more complex topics such as virtual machines, remote access, intrusion detection systems, cybersecurity frameworks, and risk management strategies.
Read more: Cyber Security Career Guide: How to Become a Cybersecurity Expert?
Data Analytics
Data Science and Analytics have become central to tech trends, with a considerable expansion in scope and application. Data analytics involves processing and interpreting large data sets to provide actionable insights for businesses and decision-makers.
The US Bureau of Labor Statistics anticipates a 23% growth in demand for data analysts over the next decade. Key skills in this field include proficiency in tools like Microsoft Excel, Power BI, Python, and Tableau. Additionally, obtaining a degree or certification in data analytics significantly enhances one's career prospects.
Cloud Computing
Cloud computing has transformed the way we access and interact with technology, offering scalable computational resources over the Internet. The field has witnessed widespread integration across various industries such as tech, finance, automotive, and healthcare.
Read more: Best Free Data Science, Machine Learning Courses Online
For beginners, the journey into cloud computing starts with learning the basics of cloud infrastructure, management tools, deployment strategies, directory services, and architecture principles. Combining cloud computing knowledge with cybersecurity skills opens doors to specialized roles in cloud security.
Robotic Process Automation (RPA)
RPA is revolutionizing organizational workflows by automating repetitive and mundane tasks. This not only streamlines processes but also enhances efficiency and accuracy. Breaking into the RPA sector requires a solid technical background complemented by professional certifications and practical training. These qualifications pave the way for internships and permanent positions in the field.
11 months ago
France happy with Bangladesh’s commitment for acquisition of 10 A350 from Airbus
France has thanked Bangladesh for its commitment concerning the acquisition of 10 A350 from Airbus.
The two countries underlined the importance of continued cooperation on improved air traffic management in all airports of Bangladesh.
Both countries welcomed enhanced cooperation in strategic sectors, according to the joint statement on Bangladesh-France partnership for peace, prosperity and people.
Bangladesh and France regard sovereignty and strategic autonomy as key principles for a stable, multi-polar world.
Also read: Bangladesh, France are opening up new areas of cooperation: PM Hasina
Likewise, as a contribution to the 2041 Vision of a Smart Bangladesh, the two countries welcomed the conclusion of a space partnership between Airbus DS and Bangladesh Satellite Company Ltd. (BSCL) that will strengthen Bangladesh’s position as a Space nation after it masters its own sovereign earth observation satellite.
Bangladesh and France have agreed to cooperate in the fields of ICT and digital technology, including artificial intelligence.
In this regard, France invited Bangladesh to consider joining initiatives such as the Global Partnership on Artificial Intelligence.
They also stressed the importance of joining their efforts towards an enhanced management of cybersecurity issues for a global, open and secure cyberspace governed by international law.
Also read: Dhaka, Paris willing to step up defence cooperation, take relations to “strategic” level
France will work towards identification of technical assistance to Bangladesh in dealing with cybersecurity threats and will work together on the Global Digital Compact under the aegis of the UN.
Bangladesh and France share a deep-seated friendship, based on shared democratic values, promotion of human rights, sustaining peace and sustainable development.
This friendship is rooted in multi-layered historical ties that notably saw André Malraux, France’s former Minister of Culture, launch his memorable call for supporting Bangladesh during the Liberation War in 1971 and his subsequent meeting with Father of the Nation Bangabandhu Sheikh Mujibur Rahman in Dhaka in April 1973.
Building on Prime Minister Sheikh Hasina’s visit to France in November 2021, at her invitation, President Emmanuel Macron paid a bilateral visit to Bangladesh from 10-11 September 2023. The President of France and the Prime Minister of Bangladesh met on Monday in Dhaka to give a strong impetus to the bilateral relations, and stated their common conviction to develop a trusted and meaningful partnership fostering strategic autonomy - in support of global peace and security, resilience and prosperity, and people-centric connectivity.
Also read: France respects Bangladesh's sovereign policy independence: PM Hasina says after talks with President Macron
1 year ago
Facebook parent Meta hit with record fine for transferring European user data to US
The European Union slapped Meta with a record $1.3 billion privacy fine Monday (May 22, 2023) and ordered it to stop transferring user data across the Atlantic by October, the latest salvo in a decadelong case sparked by U.S. cybersnooping fears.
The penalty fine of 1.2 billion euros from Ireland's Data Protection Commission is the biggest since the EU's strict data privacy regime took effect five years ago, surpassing Amazon's 746 million euro penalty in 2021 for data protection violations.
The Irish watchdog is Meta's lead privacy regulator in the 27-nation bloc because the Silicon Valley tech giant's European headquarters is based in Dublin.
Meta, which had previously warned that services for its users in Europe could be cut off, vowed to appeal and ask courts to immediately put the decision on hold.
Read more: Facebook user data issue: Facebook parent company Meta will pay $725M
“There is no immediate disruption to Facebook in Europe,” the company said.
“This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and U.S.,” Nick Clegg, Meta's president of global and affairs, and Chief Legal Officer Jennifer Newstead said in a statement.
It's yet another twist in a legal battle that began in 2013 when Austrian lawyer and privacy activist Max Schrems filed a complaint about Facebook’s handling of his data following former National Security Agency contractor Edward Snowden’s revelations about U.S. cybersnooping.
The saga has highlighted the clash between Washington and Brussels over the differences between Europe's strict view on data privacy and the comparatively lax regime in the U.S., which lacks a federal privacy law.
Read more: Meta oversight board urges changes to VIP moderation system
An agreement covering EU-U.S. data transfers known as the Privacy Shield was struck down in 2020 by the EU's top court, which said it didn’t do enough to protect residents from the U.S. government's electronic prying.
That left another tool to govern data transfers — stock legal contracts. Irish regulators initially ruled that Meta didn't need to be fined because it was acting in good faith in using them to move data across the Atlantic. But it was overruled by the EU's top panel of data privacy authorities last month, a decision that the Irish watchdog confirmed Monday.
Meanwhile, Brussels and Washington signed an agreement last year on a reworked Privacy Shield that Meta could use, but the pact is awaiting a decision from European officials on whether it adequately protects data privacy.
EU institutions have been reviewing the agreement, and the bloc's lawmakers this month called for improvements, saying the safeguards aren't strong enough.
Read more: Meta contributes over Tk1.5 crore for Sitrang-hit people's rehabilitation efforts
Meta warned in its latest earnings report that without a legal basis for data transfers, it will be forced to stop offering its products and services in Europe, “which would materially and adversely affect our business, financial condition, and results of operations.”
The social media company might have to carry out a costly and complex revamp of its operations if it's forced to stop shipping user data across the Atlantic. Meta has a fleet of 21 data centers, according to its website, but 17 of them are in the United States. Three others are in the European nations of Denmark, Ireland and Sweden. Another is in Singapore.
Other social media giants are facing pressure over their data practices. TikTok has tried to soothe Western fears about the Chinese-owned short video sharing app's potential cybersecurity risks with a $1.5 billion project to store U.S. user data on Oracle servers.
Read more: Ohio retirement fund sues Facebook over investment loss
1 year ago
Cyber Security Career Guide: How to Become a Cybersecurity Expert?
The future of jobs is automation. As Artificial Intelligence (AI) and Machine Learning (ML) catch on, 47% of the existing jobs will become obsolete in the several coming decades. However, beyond the scopes of automation, there will remain jobs that will require human dexterity. And among those jobs, cybersecurity will be one of the most in-demand and lucrative jobs. Now, what does cybersecurity mean? What specialization does it offer and most importantly, how to become a cybersecurity specialist? Let’s answer these in detail.
What is Cybersecurity? What Does a Cybersecurity Specialist Do?
Growing up, we have all heard about “hacking”. The way hackers write some complex codes and the computer or digital devices becomes compromised. The reality is a bit more intricate than what’s dramatized. But the core idea is the same.
Cybersecurity is the process of protecting computers, mobiles, networks, in short, any kind of digital device against threats and attacks. It is one of those aspects that applies to almost every aspect of human life. That is because modern life implements some form of digitization one way or the other. From tech giants to the simple businesses that keep their data on a digital server, everyone is in constant threat of malicious attacks. Strong cybersecurity helps to ensure that every form of tech, be it a product or service, remains safe from harm’s way.
Read ATS Optimised CV: How to make your resume Robot-friendly
Now, what about cybersecurity specialists? The malicious cyber threats are constantly evolving. As a result, there need to be renewed safety measures to combat these threats. This is where a cybersecurity specialist comes in. As the name suggests, a cybersecurity specialist takes measures to address any security loopholes within any system. These are specially trained individuals who can efficiently identify, address and eliminate any threat and take countermeasures to defend against similar issues.
Scope of Career in Cybersecurity
As one of the slated leading jobs of the future, the demand for cybersecurity specialists is already very high in the market. Even though it’s a technical job highly related to tech and computer engineering, the demand for the position is seen in virtually every sector.
Businesses face multifaceted problems due to cybersecurity. It ranges from the loss of public image to extreme financial consequences. Moreover, threats like ransomware, social engineering, and malware have become rampant with different variations and iterations.
Read Blockchain Developer Career Guideline: How to Learn and Make Money?
A cybersecurity specialist can venture into a career in several security streams. It ranges from data security and identity, network management, mobile management, cloud security, application security as well as disaster recovery. Regardless of the streams, the importance and the payout are more or less the same.
A cybersecurity specialist in the USA can expect to earn up to 84,000 USD on average per year. That roughly translates to about 77,88,000 BDT per year. This staggering sum should be enough to motivate anyone interested in this line of work.
How to Become a Cybersecurity Specialist for a Sustainable Career?
The job of a cybersecurity specialist sounds challenging and exciting with high remuneration. So naturally, the question arises, how to become a cybersecurity specialist? Well, there’s no shortcut and the process can be quite challenging given the sophisticated nature of the job. Regardless, here is a step-by-step guide to becoming a cybersecurity specialist.
Education
This is the first and foremost step to becoming a cybersecurity expert. The idea is to learn the process and methods of cyber-attacks and security measures. There are several undergraduate and graduate streams of studies related to core security management. They also venture into different segments in the later parts.
Read Web 3.0 Career Guideline: How to start working and make money
There is also a cybersecurity associate’s degree which acts as a form of certification for the position. But in the actual job market, having a related degree like CS, or CSE will definitely give you an edge over the rest.
Professional Certification
Professional certifications are the best way to get ahead of the herd for landing a cybersecurity job. Tons of cybersecurity certifications often substitute for career experience while applying for different positions. But among them, some are basic certs that a cybersecurity professional has to have. These include the CISSP, CompTIA Security+, CompTIA Network+, CEH, etc. Some of these certifications are stream-based. But all of these are necessary to build a general portfolio in security management.
Experience
It’s impossible to become specialized in certain something without experience. And in the world of cybersecurity, experience is everything. This is something that will make or break the career stream for an aspiring professional. So, if the experience is so important, how should you acquire it?
Read Basic Software Skills for Freshers to Get Hired Easily
Most of the time, the duration of the associated degrees counts towards experience. There are also different associated specialized internships that count towards experience.
Am applicants can also solve dummy threats and create a portfolio for themselves. The best approach is to start somewhere and start building the experience blocks from there.
Developing Hard/Soft Skills
Just like any other job, cybersecurity expert positions also require hard and soft skills. Some of the intensive hard skills include the learning outcomes of the professional certs. In addition to those, an aspiring professional should have other expertise. Like – as network architecture, OS management, security audits, and different database platforms. These solve the hard and fast issues related to the position.
Read How to Get a Job in Google from Bangladesh?
Cybersecurity expert also needs to have a strong interpersonal skill set. These can be categorized under soft skills. Some necessary soft skills include – leadership, research, and communication.
Networking
The last thing to specialize into land a cybersecurity job is to network. Networking is important for cybersecurity. Mainly because of the sophisticated nature of the position. Everyone wants a reliable expert who will deliver without fail. As a result, the demand is there for verified and proven candidates over the rest. Having proper networking will help to land a job simply because of word of mouth and vouching.
Final Words
Cybersecurity jobs will reign in the coming days of AI and automation. With more and more automation, the threat to the system will become even more magnified. As a result, a certified and skilled cybersecurity specialist will find job security and high demand in the market. Not to mention the high payout.
Read AI & Future of Jobs: Will Artificial Intelligence or Robots Take Your Job?
In this article, we have discussed the basic facts about cybersecurity. We have also provided a guideline to develop a career as a cybersecurity specialist. So, if this line of work interests you, then go ahead, and start the journey today.
2 years ago
Huawei announces partner network expansion
Chinese telecom giant Huawei announced the expansion of its partner network at the virtual APAC Partner Summit 2021 recently.
The company has teamed up with Horangi, ZIONEXT, USEA Global, Advocado, 4Paradigm, YonYou, and Cloudwise.
Huawei Cloud is a leading cloud service provider, which brings the company's 30-plus years of expertise together in ICT infrastructure products and solutions.
Read Huawei to invest $50 million to develop 500,000 digital talents in Asia-Pacific
This entity has also been cultivating industrial digital transformations with its platform and ecosystem, focusing on government institutions, the financial services industry, logistics and energy, and even media organisations.
Speaking at the event, Zeng Xingyun, president of Huawei Cloud's APAC Ecosystem, said the company's two-pronged technology and customer-focused strategy has put the brand in the top five cloud infrastructure as a service provider globally and within the top four in Asia Pacific's emerging markets.
A new partnership with a cybersecurity firm, Horangi enables the delivery of turnkey cloud security solutions on Huawei Cloud powered by Warden, Horangi's flagship Cloud Security Posture Management (CSPM) application.
Read 1035km Laos-China railway launched with Huawei's 5G technology, smart railway solution
ZIONEXT and Huawei Cloud will jointly develop new products and services in the digital learning and teaching space. Based on ZIONEXT's cloud-based learning management platform and applications, the pair will jointly market new products and services globally, particularly in the Indo-Pacific and Central Asia region.
USEA Global, Advocado, 4Paradigm, and YonYou will develop a smart retail initiative to drive digital transformation among brick-and-mortar stores. The initiative is a launchpad for Singapore's retail industry revolution. This new sandbox will allow retailers to participate in multiple proofs of concepts, using the island as a hub for intelligent retail solutions.
Cloudwise Digital Operational Central Platform delivered in the SaaS model on Huawei Cloud. Both companies aim to drive and offer best practices leveraging big data, AI and IoT technology and provide multi-dimensional viewpoints for enterprises.
Read 5G rollout: Teletalk ties up with Huawei
3 years ago
Microsoft fixes cloud platform vulnerability after warning
Microsoft says it has fixed a flaw in its cloud computing platform that cybersecurity researchers warned could have enabled hackers to take over a cloud-based database product used by many big companies.
The company said Friday there’s no evidence the potential opening was exploited by malicious actors or that any customer data was exposed.
The cybersecurity firm Wiz, led by former Microsoft employees, said it discovered what it called an “unprecedented critical vulnerability” in Microsoft’s Azure cloud platform and notified the tech giant earlier in August. Microsoft paid the firm a bounty for the discovery and said it immediately fixed the problem.
If exploited, the flaw could have affected “thousands of organizations, including numerous Fortune 500 companies,” according to a blog post from Wiz, which is based in Israel and California. Microsoft said Friday it affected only a subset of customers using the product.
Microsoft has already been in the hot seat over the hack of its Exchange email servers disclosed in March and blamed on Chinese spies. Its code was also abused to rifle through the emails of U.S. officials in an earlier hack pinned on Russian intelligence agents and more commonly associated with the software company SolarWinds.
READ: Microsoft unveils Windows 11 operating system
The cloud platform vulnerability disclosed this week, while apparently causing no harm, raised concerns about the security of cloud services provided by the tech industry, which businesses and governments increasingly rely on.
After a White House cybersecurity summit Thursday, Microsoft pledged it would invest $20 billion in cybersecurity over the next five years and make available $150 million in technical services to help local governments upgrade their defenses.
READ: Microsoft buying speech recognition firm Nuance in $16B deal
Federal lawmakers earlier in the year insisted that Microsoft swiftly upgrade security to what they say it should have provided in the first place, and without fleecing taxpayers.
3 years ago
Major US pipeline halts operations after ransomware attack
The operator of a major pipeline system that transports fuel across the East Coast said Saturday that it had been victimized by a ransomware attack and that it had halted all pipeline operations to deal with the threat. The attack is unlikely to affect gasoline supply and prices unless it leads to a prolonged shutdown of the pipeline, experts said.
Colonial Pipeline did not say what was demanded or by whom, but ransomware attacks are typically carried out by criminal hackers who seize data and demand a large payment in order to release it.
The attack on a pipeline operator, which says it delivers roughly 45% of all fuel consumed on the East Coast, underscored again the vulnerabilities of critical infrastructure to cyberattacks both by criminal hackers and U.S. adversaries. It presents a new challenge for an administration still grappling with its response to major hacks from months ago, including a massive breach of government agencies and corporations for which the U.S. sanctioned Russia last month.
In this case, Colonial Pipeline said the ransomware attack Friday affected some of its information technology systems and that the company moved “proactively” to take certain systems online, halting pipeline operations.
The Alpharetta, Georgia-based company transports gasoline, diesel, jet fuel and home heating oil from refineries primarily located on the Gulf Coast through pipelines running from Texas to New Jersey.
The company said it hired a cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.
In a statement late Friday, Colonial Pipeline said it was “taking steps to understand and resolve this issue,” focused primarily on ”the safe and efficient restoration of our service and our efforts to return to normal operation.” It said it was “working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”
While there have long been fears about U.S. adversaries disrupting American energy suppliers, ransomware attacks by criminal syndicates are much more common and have been soaring lately.
Oil analyst Andy Lipow said the impact of the attack on fuel supplies and prices depends on how long the pipeline is down. An outage of one or two days would be minimal, he said, but an outage of five or six days could cause shortages and price hikes, particularly in an area stretching from central Alabama to the Washington, D.C., area.
Lipow said a key concern about a lengthy delay would be the supply of jet fuel needed to keep major airports operating, like those in Atlanta and Charlotte, North Carolina.
A leading expert in industrial control systems, Dragos CEO Robert Lee, said systems such as those that directly manage the pipeline’s operation have been increasingly connected to computer networks in the past decade.
But critical infrastructure companies in the energy and electricity industries also tend to have invested more in cybersecurity than other sectors. If Colonial’s shutdown was mostly precautionary — and it detected the ransomware attack early and was well-prepared — the impact may not be great, Lee said.
Ransomware scrambles a victim organization’s data with encryption. The criminals leave instructions on infected computers for how to negotiate ransom payments and, once paid, provide software decryption keys.
Mike Chapple, teaching professor of IT, analytics and operations at the University of Notre Dame’s Mendoza College of Business and a former computer scientist with the National Security Agency, said systems that control pipelines should not be connected to the internet and vulnerable to cyber intrusions.
“The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren’t in place,” Chapple said.
Brian Bethune, a professor of applied economics at Boston College, also said the impact on consumer prices should be short-lived as long as the shutdown does not last for more than a week or two. “But it is an indication of how vulnerable our infrastructure is to these kinds of cyberattacks,” he said.
Bethune noted the shutdown is occurring at a time when energy prices have already been rising as the economy reopens further as pandemic restrictions are lifted. According to the AAA auto club, the national average for a gallon of regular gasoline has increased by four cents since Monday to $2.94.
Colonial Pipeline said it transports more than 100 million gallons of fuel daily, through a pipeline system spanning more than 5,500 miles.
The FBI and the White House’s National Security Council did not immediately return messages seeking comment. The federal Cybersecurity Infrastructure and Security Agency referred questions about the incident to the company.
A hacker’s botched attempt to poison the water supply of a small Florida city raised alarms about how vulnerable the nation’s critical infrastructure may be to attacks by more sophisticated intruders.
Anne Neuberger, the Biden administration’s deputy national security adviser for cybersecurity and emerging technology, said in an interview with The Associated Press in April that the government was undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. She said the goal was to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.
Since then, the White House has announced a 100-day initiative aimed at protecting the country’s electricity system from cyberattacks by encouraging owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks. It includes concrete milestones for them to put technologies into use so they can spot and respond to intrusions in real time. The Justice Department has also announced a new task force dedicated to countering ransomware attacks.
3 years ago
Microsoft server hack has victims hustling to stop intruders
Victims of a massive global hack of Microsoft email server software — estimated in the tens of thousands by cybersecurity responders — hustled Monday to shore up infected systems and try to diminish chances that intruders might steal data or hobble their networks.
3 years ago
Hack against US is 'grave' threat, cybersecurity agency says
Federal authorities expressed increased alarm Thursday about a long-undetected intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency warned of a “grave” risk to government and private networks.
4 years ago