Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.
The EU's General Data Protection Regulation has significantly raised privacy awareness worldwide in the brief time that it's been in force, says Rob Hinson of OneTrust. Organizations are revamping both internal and external privacy programs to meet the minimum global standard, he says.
Are cyberattackers working on ways to counter artificial intelligence-augmented security? And will the bad guys ever use AI-driven attacks? Adi Ashkenazy of XM Cyber offers an analysis.
Social media platforms have emerged as the world's most popular forms of communication. They also have become popular platforms for committing fraud. David Pollino of Bank of the West outlines what institutions should do to secure their social media presence.
Recognizing that social media create fertile grounds for fraud, the American Bankers Association now shares advice for how institutions can use these channels in ways that are compliant, smart and risk-savvy. The ABA's Denyette DePierro offers some tips.
Developing a mature threat hunting capability requires experienced incident response leadership as well as good relationships with law enforcement, says attorney Michael Zweiback.
The fundamentals of governance, risk and compliance are sorely lacking in too many organizations that are striving to improve cybersecurity, says Malcolm Palmore, an assistant special agent at the FBI.
When it comes to the internet of things, balancing the need to protect privacy against the need for technological innovation, such as to improve healthcare, is proving challenging, says attorney Jean Marie Pechette.
A recent global survey found that two-thirds of companies are seeing sales delays because of data privacy questions coming from their customers, says Robert Waitman of Cisco.
Banks need to improve customer identity verification by bolting on new tools, such as device reputation assessment and behavioral analytics, says Al Pascual of Javelin Strategy & Research.
Randy Trzeciak, director of the CERT Insider Threat Center at CMU, says he's frequently asked: "Haven't we solved the insider threat problem?" Far from it, he responds. In fact, he's helping many organizations start insider threat defense programs. He'll be a speaker at ISMG's New York Security Summit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
