The traditional information network is undergoing radical change, and so is the approach to network security. Jesse Rothstein of ExtraHop discusses the present and future of enterprise network security.
What's the difference between an elite and a less mature DevSecOps program? Sonatype's Derek Weeks unveils the results of the 2019 DevSecOps Community Survey.
Although organizations need to worry about phishing, malware and other inbound threats, they also must be aware that social media accounts pose an increasing risk - and they need to be monitored and locked down, says Otavio Freire of SafeGuard Cyber.
Malicious and accidental insiders alike have drawn renewed attention to the insider threat. Patrick Knight of Veriato offers new insight on the scale of the problem and how to tackle it.
A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA.
How are we doing on hiring more women in the technology sector? Ann Sung Ruckstuhl of Unisys says that from a demographic representation standpoint, we should be doing far better because of the demonstrable benefits to the business that women bring.
By 2025, the volume of data is projected to grow by a factor of 10. How can enterprises hope to identify and secure sensitive data at the speed of business? Stephen Cavey of Ground Labs shares insights.
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
The healthcare sector has unique cybersecurity infrastructure threats as well as vulnerabilities. Dr. Abdul Rahman of Fidelis Cybersecurity describes it as a "terrain problem," and he recommends new strategies.
Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
Small and midsize organizations are no less vulnerable to cyberattacks than large enterprises. Dan Smith of Zeguro outlines an approach for these organizations that fuses cybersecurity with insurance.
For a managed security service provider to deliver maximum value for customers, it needs to provide a hybrid approach that delivers not only actionable security information but also context, says Matt Peters of Expel.
Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.
To help ensure that their sensitive data cannot be exfiltrated, some organizations have adopted data diodes, which are hardware devices designed to provide a one-way link to stop exfiltration or block remote attackers, says Mike Timan of Owl Cyber Defense.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.