The mass migration to cloud has only added to the global cybersecurity gap, and John Yeoh, global vice president of research at the Cloud Security Alliance is among those calling for greater "diversity by design" as enterprises look to fill these roles.
From identity and access management to cloud migration and connected devices, retired RSA CEO Art Coviello looks beyond the pandemic and says, "It's going to be a Roaring '20s for technology." But he also foresees a potentially calamitous decade for security.
FBI agent Elvis Chan dedicated four years to election security, and he doesn’t hesitate to say: The 2020 presidential election was "the most secure election of my career." He explains why, and what lessons learned we can apply to future elections.
As former U.S. cybersecurity coordinator in the Obama administration, Michael Daniel is well-versed in critical infrastructure vulnerabilities. Now, as president and CEO of Cyber Threat Alliance, he's working to bring the public and private sectors together to improve cybersecurity defenses.
As CISO of Johnson & Johnson, Marene Allison was used to gauging her security posture by the top threat activity: nation-state, cybercrime, insider or hacktivist. But in 2020, they all struck at once. Here is one CISO's take on the state of the industry.
With cyber incidents involving vendors - including cloud services providers - surging, healthcare entities must step up scrutiny of their business associates as well as those companies' subcontractors, says Thad Phillips, CISO at Baptist Health Care in Pensacola, Florida.
As former CISO of Pacific Gas & Electric, Bernie Cowens knows plenty about cyber securing the nation's critical infrastructure. He shares his informed opinion on the Colonial Pipeline ransomware attack and what public and private sector entities must do to shore up key defenses.
President Joe Biden signed an extensive executive order Wednesday that describes the government's plan to increase cybersecurity protection across the public and private sectors as well as secure the nation's infrastructure against the type of attack that targeted SolarWinds and its customers.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.
A series of cyber incidents targeting a Swedish vendor of oncology radiation systems earlier this month is still affecting some of the company's clients - including cancer treatment facilities in the U.S. - because the company has taken its cloud-based systems offline during its recovery effort.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government. The groups are exploiting vulnerabilities in Ivanti's Pulse Connect Secure.