An ongoing security operations center challenge is trying to get the right data to the right person at the right time. The problem is compounded by there being "too much data and not finding the right people to deal with the data," says Mischa Peters of IntSights. What can help?
To stop fraudsters, iovation's John Marsden wants organizations not just to ask customers to verify their personal details. He also wants organizations to take a good, hard look at the devices that alleged customers are using.
To better counter threats carried by content - email, attachments, files - Deep Secure's Simon Wiseman says organizations should investigate content threat removal, which involves extracting required data from content and discarding the rest.
Snowden proved you can't trust on the inside. OPM proved you can't trust the outside. Who should you trust when it comes to your data? No one! In this provocative and informative presentation, retired Brigadier General Greg Touhill, the first Chief Information Security Officer of the U.S. government and current...
Security hygiene can be poor, and criminals know it. Fraudulent activity costs are in the billions worldwide across industries, and over 16 million consumers in the US were victims of identity theft or fraud in the past year. Learning to onboard new data at the speed of the business will ensure your fraud team can...
The terms artificial intelligence and machine learning are in abundant supply at this year's RSA Conference. Sam Curry of Cybereason cuts through the hype to explain how he sees these technologies augmenting cybersecurity.
In this session, Curry discusses:
What's real and what's snake oil in AI and ML;
Public and hybrid cloud adoption is exploding, but so are cloud hacks and breaches. Cloud assets are at risk from the same types of threats targeting physical networks, but traditional security protecting premises-based networks doesn't work in dynamic and elastic cloud environments.
What's more, cybercriminals are...
Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
Police recently arrested the suspected administrators and top users of the stresser/booter service Webstresser.org. Unfortunately, the plethora of such services means the world is unlikely to see a reduction in DDoS attack volumes, says Darren Anstee of Arbor Networks.
To have any hope of keeping up "with the exponential rise in variants in malware," organizations must reduce their attack surface, in part by using technology designed to learn what attacks look like and respond as quickly as possible, says Cylance's Anton Grashion.
Businesses undertaking digital transformation - typically involving a push to the cloud, amongst other initiatives - must put security first if they want their project to achieve optimum success, says Fortinet's Patrick Grillo.
Open source software components may be free, but that doesn't automatically make them safe to use. "There can be risks involved," says Steve Giguere, of Synopsys, who says these risks are often compounded by the pressure to deliver goods to market quickly and with new features.
The difficulty in hiring new information security personnel and need to combat the ever-rising number of threats is driving many organizations to seek increased incident response automation, and in many cases to get it by working with managed security service providers, says AlienVault's Mike LaPeters.
As organizations move more data into the cloud, too many are treating security as an afterthought, says Outpost24's Bob Egner. Instead, as part of an agile development program, he recommends making penetration testing a constant, and using solid DevSecOps to maintain optimal cloud data security.