As information technology and operational technology converge, security leaders face the challenge of protecting the enterprise against advanced threats, says Richard Peters of Fortinet, who discusses how IT and OT teams can find a common language.
A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.
As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.
Companies can use data analytics and artificial intelligence to help mitigate the risk of collusion between their employees and vendors, says Amine Antari, managing director at the consultancy Kroll.
The COVID-19 pandemic has highlighted the need for organizations to quickly embrace change and adapt to the "new normal" to maintain business continuity. Greg Foss of VMWare Carbon Black offers insights on how to adapt and survive.
To deal with today's dynamic workforce, becoming a cloud-first business is imperative. Anupam Sahai of Unisys and John Bunn of Microsoft discuss how to meet the challenges of securing the hybrid cloud.
Which entities will be custodians of our identities? David Birch of Consult Hyperion discusses why banks could be likely candidates for this emerging role.
Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.
Cybercriminals are exploiting and using weak IoT devices in new ways, including as proxies for e-commerce fraud, says Allison Nixon of Unit 221b, who predicts that the next mass attack on the scale of Mirai will likely be way worse.
Digital transformation, IoT deployments and government regulations are creating new security challenges, especially for financial institutions. Steven Mond of Forescout explains how a mature network segmentation strategy can help address those challenges.
Security awareness and compliance training is an essential component of mitigating risks for the remote workforce in the financial services sector, says Theo Zafirakos of Terranova Security, who outlines key steps.
Because so many organizations have shifted to a remote workforce, cloud services have become essential, creating new risks. Homayun Yaqub of Forcepoint explains why greater visibility is the key to better security in the new environment.
How have the COVID-19 pandemic, lockdown and job losses affected the character and composition of the internet? Rapid7's Tod Beardsley rounds up the latest research into the prevalence of outdated and unsecured internet protocols and internet-connected devices - and there's both good and bad news.
It's illegal in the U.S. to circumvent technological measures on software, either for security research or to install a fix. But Kyle Wiens of iFixit says the growing "right to repair" movement is seeking to put the power back into the hands of device owners.
Asset management, which is sometimes overlooked, can help improve security plans and reduce risk, says Lenny Zeltser of Axonius, who offers strategic insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.