As OT systems become more interconnected, traditional air gaps disappear, creating new risks, said Joseph Carson, chief security scientist and advisory CISO at Delinea. The convergence of IT and OT environments requires a stronger focus on protecting digital identities and access controls.
Organizations mistakenly believe their operational technology systems are air-gapped and immune to cyberthreats. Dawn Cappelli, director of OT-CERT at Dragos, discusses why these assumptions are dangerous security gaps and why organizations need to rethink their approach to OT security.
A "road map to resilience" approach helps organizations balance immediate, low-cost security improvements with complex, long-term risk reduction initiatives in industrial control systems, said Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
With 75% of cybersecurity leaders facing the worst threat landscape they've seen and 90% reporting workforce shortages, emotional intelligence has become crucial for effective leadership and team retention, said Tara Wisniewski, EVP of advocacy, global markets and member engagement at ISC2.
Derek Manky, chief security strategist and vice president for global threat intelligence at Fortinet, shares the importance of public-private partnerships in cybersecurity. There's a lot of vetted interest and mutual benefit in such partnerships, and the will to move forward is strong, he said.
Traditional data center security approaches do not translate very well to cloud environments as cloud computing and Layer 7 applications have fundamentally changed the way organizations should implement security controls, said Traceable AI's Richard Bird.
The proliferation of data in today’s hyperconnected world presents both opportunities and risks. Rigo Van den Broeck, executive vice president of cybersecurity at Mastercard, said the sheer scale and accessibility of data require organizations to adopt proactive cybersecurity strategies.
Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.
Network detection and response delivers ground truth in cybersecurity, giving organizations crucial visibility into attacker behavior before, during and after ransomware attacks. Corelight CEO Brian Dye explains how NDR helps security teams verify threats and contain incidents effectively.
SquareX founder Vivek Ramachandran discusses the limitations of secure web gateways, focusing on their inability to handle dynamic, script-based attacks. He emphasizes the need for browser-native security products that offer real-time protection against evolving web threats.
Despite their illicit activities, ransomware groups invest in custom infrastructure and maintain stringent security practices, often surpassing Fortune 100 companies. Vangelis Stykas, CTO of Atropos, explains why ransomware infrastructure is harder to exploit than enterprise systems.
Scattered Spider, a notorious cyberthreat group, has continued its operations despite a series of high-profile arrests. The group's decentralized structure, in which members operate independently, contributes to its resilience, said Malachi Walker, security adviser at DomainTools.
SQL vulnerabilities continue to plague modern applications due to their severe impact and frequent occurrence. Databases hold valuable information such as customer data and authentication details and are "high-value targets" for attackers, said Paul Gerste, vulnerability researcher at SonarSource.
AI-assisted coding tools can speed up code production but often replicate existing vulnerabilities when built on poor-quality code bases. Snyk's Randall Degges discusses why developers must prioritize code base quality to maximize the benefits and minimize the risks of using AI tools.
When developers make Amazon Machine Images public, they risk exposing sensitive data and creating vulnerabilities. Security experts Matei Josephs and Eduard Agavriloae explain how attackers can exploit these exposures, leading to unauthorized access and potential data breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.