About Us

Nightdragon Partners With Diversity And Inclusion Companies To Advance Industry Talent

NightDragon, a specialized cybersecurity, security, safety, and privacy investment and consulting company has partnered with leading diversity and talent development organizations, including the Athena Alliance, Cyber Future Foundation (CFF) and Cybersecurity Gatebreakers Foundation (CGF) to expand talent and develop diversity and inclusion initiatives across its portfolio companies and the industry.

NightDragon will partner with the Athena Alliance, CFF, CGF, and other organizations to expand diversity and inclusion activities in its portfolio companies, such as talent acquisition, executive education, career training, and mentorship. It will continue to cooperate with these organizations on industry regulation to boost diversity and inclusion initiatives more widely.

Dave DeWalt, Founder and Managing Director, NightDragon said, “Improving diversity and inclusion is one of the most critical issues facing our industry today. By working together with organizations like the Athena Alliance, the Cyber Future Foundation and the Cybersecurity Gatebreakers Foundation, we hope to help build more diverse companies, leading to stronger cultures, increased company growth and better technology development to combat today’s biggest threats.”

Coco Brown, CEO and Founder, the Athena Alliance said, “Our industry has made progress around improvement of diversity and inclusion, but there is still much more work to be done. We look forward to working closely with NightDragon and its portfolio companies to further these efforts across the industry, as well as help them tap into the full potential that a diverse and vibrant company culture can provide.”

Val Mukherjee, Chairman and Founder of Cyber Future Foundation said “At CFF, we recognize that a global and comprehensive approach is needed to solve the cybersecurity workforce challenges and remove barriers to career entry, while helping leaders find new approaches to staff and up-skill their teams. We are proud to work with venture capital firms like NightDragon, as well as commercial, public and private sector, other nonprofits and academic organizations to build stronger company cultures and businesses with the ultimate goal of reducing cybercrime threats.”

“Closing the cybersecurity skills gap requires our industry to break down the traditional gates in cybersecurity – the years of experience, the computer science degrees, and the litany of security certifications that we for years have thought necessary to begin a career in cybersecurity. We need to teach people how to discover the untapped talent that is everywhere around us; people just need a chance. The Cybersecurity Gatebreakers Foundation looks forward to working closely with NightDragon and its portfolio companies to close the cybersecurity talent gap while helping CISOs and hiring managers find, train and retain great cybersecurity talent,” said Naomi Buckwalter, Founder and Executive Director of Cybersecurity Gatebreakers Foundation.

These partnerships are the newest additions to the NightDragon Network’s ND Talent program, which aims to provide value and advantages to portfolio firms while also addressing high-priority areas including talent hiring, diversity, and retention. These advantages will be available only to portfolio businesses, and NightDragon intends to expand its resources as needed.

Degreed and Cybrary formed partnership to provide integrated cybersecurity learning experiences

Cybrary, a cybersecurity employee development platform, and Degreed, the upskilling platform that connects learning to opportunities, formed a strategic partnership to produce a more comprehensive integrated learning process for cybersecurity experts devoted to cyber skill development.

The partnership will offer a smooth integration across the Cybrary and Degreed platforms, as well as give cybersecurity experts access to the most extensive and comprehensive collection of cybersecurity learning content presently available.

By making Cybrary’s entire library of Learning Paths available through Degreed Plans, learners can build their cybersecurity competencies through a balance of expert-led training and experiential learning. Cybrary will provide Degreed clients with a personalised consultation to assess each company’s unique training requirements as part of the deal.

Degreed clients can collaborate with Cybrary to develop a strategy that matches to organization’s strategic learning goals with precise knowledge, skills and abilities that are required for each job function, as well as identify workforce gaps.

“Partnering with a growing company like Degreed is a fantastic opportunity not only for us at Cybrary, but also our collective global community. The recent major breaches only adds fuel to the fire in meeting the demands for cybersecurity skills growth to combat ongoing threats. This partnership is another step in the right direction in supporting the frontline cybersecurity professional,” said Wesley Samuel III, Senior Vice President of Global Sales at Cybrary.

“The Degreed team is excited to partner with Cybrary to help solve the issues plaguing security training and cyber skill development. As more of our lives are digitized, cyber security skills have become increasingly sought after and this partnership provides Degreed clients and users with the resources they need to meet new demands,” said Rob Wellington, Head of Experience Partnerships at Degreed.

Ransomware – Everything You Need Know

Ransomware is a cryptographic malware that threatens to release or permanently block access to the victim’s data until a ransom is paid. Ransomware encrypts information and documents on any device, including servers, from a single computer to an entire organization’s network. Ransomwares are part of cryptovirology. Cryptovirology is the study of the creation of effective harmful malware using encryption. 

Ransomwares encrypt the victim’s files making them unusable and demand a ransom to unlock them. Recovery of documents without the decryption key is an unsolvable problem in a properly executed cryptoviral extortion attack. The payment of ransoms is demanded in Bitcoin or other cryptocurrencies, making it impossible to track down and prosecute the culprits. 

Recent Ransomware attacks  

The WannaCry ransomware attack swept across the Internet in May 2017, employing the EternalBlue vulnerability vector. The ransomware attack, which was unparalleled in scope, infected over 230,000 devices in over 150 countries and demanded money from customers using the Bitcoin cryptocurrency in 20 different languages. At least 16 hospitals in the United Kingdom’s National Health Service (NHS) had to turn away patients or cancel scheduled surgeries. The US Colonial Pipeline was the target of a cyberattack on May 7, 2021. DarkSide was recognised by the Federal Bureau of Investigation as the culprit of the Colonial Pipeline ransomware assault, which resulted in the voluntary shutdown of the primary pipeline carrying 45 percent of petroleum to the US East Coast. 

How Attackers Attack? 
  • Ransomware comes as an email attachment – Invoice, attached document, etc. It may include a real vendor’s name or even your organization’s name. 
  • Employees’ computers are usually connected to the company’s network, shared cloud services, and so on. Without any human involvement or indication, ransomware begins encrypting all of the files it can as soon as it is launched. 
  • It then notifies the user and gives payment instructions. 
  • Some other ways are – Compromised webpages, infected removable drives, malicious software bundles.
  • Payment is mostly in Bitcoins 
 Key choices: 

– Pay the ransom and get data 

– Restore from backup 

– Lose Data 

Paying the Ransom increases Risk of Future Attacks 

The majority of cybersecurity experts don’t recommend paying a ransom in the event of a ransomware attack. Paying won’t guarantee that a company will get their data and it will encourage hackers behind ransomware attacks to keep doing what they’re doing, maintaining the illegal industry. The targets of a ransomware attacks are mostly given a time limit with the threat of deleting a particular amount of data every hour until the ransom is paid. This can be extremely stressful and unpleasant for the key management people in an organization, leading them to believe that they have no other option except to pay. The best suggestion is to be properly prepared for an attack so that enterprise firms can defend themselves. 

Ransomware and Cryptocurrency  

Bitcoins are a type of cryptocurrency, which means they don’t have a physical form. They are kept in anonymous digital wallets. They can be sent to any location. They can be paid with complete anonymity from anywhere to anywhere. Aside from the advantages, they are an excellent method of payment for illegal operations. One may claim that cryptocurrency is one of the ransomware’s enablers. After all, the software would be worthless if the hackers couldn’t safely take cash. The emergence of Bitcoin has coincided with an increase in ransomware attacks.

Security Awareness Training  

It is advised that effective security awareness training is required. Employees do not come to work with the goal of clicking on phishing emails and infecting their machines. As many IT professionals can confirm, knowing what red flags or threat is, can make all the difference in an employee’s ability to distinguish malicious links/software from legitimate traffic. 

Protection  

Investing in a renowned security solution and putting in a strong firewall is a terrific approach to protect an organization’s network. There are various security solutions like Zero-Trust Security, Web Application Firewall and Cloud Security. Keeping the security system up to date will assist security teams in detecting a ransomware infection in the early phase. 

Backup of Data 

The most important piece of advice given by anti-ransomware experts is to back up all data outside of your organization’s network. Create an isolated network or buy a service to keep the company’s backup safe from infection. It’s necessary for an enterprise firm to restore the whole system. 

Ransomwares have grown into malware that disables entire infrastructure. It won’t be surprising if ransomwares evolve in the next few years. Hence, necessary steps to secure an organization should be taken into consideration.