Over the years, most organizations acquire multiple tools for protecting data, but a variety of personnel and policies make it difficult to manage enterprisewide. Skyhigh Security's Nate Brady says it's time to look into the latest security service edge and secure access service edge solutions.
The ever-expanding threat landscape and the continued talent shortage mean defenders increasingly need to be ready with the skilled talent to face the onslaught of cybercriminals who are gaining momentum by employing new tactics, according to Pamela Nigro, ISACA board chair.
Even as an increasing number of companies begin to migrate their systems to the cloud for better performance optimization and cybersecurity, each company's journey is unique. Otis Elevator, a "100-year-old startup," shares its cloud migration journey challenges, workarounds and key takeaways.
Digital transformation has accelerated the pace of innovation but also created a broader attack surface and new vulnerabilities. Even worse, adversaries are more efficient, automated and effective than ever before, warned Art Coviello, managing partner of SYN Ventures.
While AI is presenting intriguing opportunities for productivity and innovation, the tech world must grapple with serious regulatory, legal and related policy considerations, said privacy, security and legal experts Benham Dayanim, Patricia Titus and Heather West in this CyberEdBoard talk.
Many of the cyber-related questionnaires that organizations ask their third parties to complete "are too broad" and not properly focused on questions related to the services or products being offered by that vendor, said Cassie Crossley, vice president of supply chain at Schneider Electric.
Cybercrime has grown considerably in the last several years. The scope, velocity and variability of attacks have increased, as has the attack surface - and it's impossible for humans alone to understand, correlate, find the cause, analyze and fix it, said Bipul Sinha, co-founder and CEO of Rubrik.
A key problem in organizations is that security and development are treated as two disparate processes instead of part of the same system. Executives deal with security issues after the fact and don't make it part of the development pipeline, said Nick Durkin, field CTO at Harness.
Some of the most sophisticated cyberattacks are being targeted at third-party suppliers in an effort to affect their critical clients, said Ashan Willy, CEO of Proofpoint. But often client organizations affected by these attacks do not even realize a key supplier has been hit, he said.
Public sector organizations often lack the resources needed to protect against nation-state attacks and espionage, while private sector entities often struggle in defending against ransomware and similar threats, said Yaniv Vardi, CEO of Claroty, who explained why more collaboration is needed.
The emergence and convergence of technologies - ranging from OT to AI and the shift to the cloud - are creating new threat vectors and security risks as well as opportunities, says Dave DeWalt, founder and CEO of NightDragon, who describes what keeps him up at night and why.
Companies that grow quickly through mergers and acquisitions often face an array of unique security risk challenges - as well as opportunities - said Ash Hunt, global CISO of Apex Group Ltd., who is helping to shepherd his organization through such a transformation.
Many small and medium-sized businesses are facing "generational trauma" in trying to comply with a variety of regulatory and other compliance issues as these requirements are being demanded by their larger business partners, insurers and others, says Tarah M. Wheeler, CEO of Red Queen Dynamics Inc.
When security teams buy dozens of security products, they also get dozens of dashboards and sometimes conflicting ways to approach security, which can create its own risk, said Saket Modi, CEO of Safe Security. Risk needs to be more visible and quantifiable, he said.
A cyberwar is afoot, but not every country can prepare and protect itself. Christopher Painter discusses how he built the Global Forum on Cyber Expertise Foundation to promote cybersecurity capacity-building around the world, cut redundancy in cyber training and prepare for anticipated threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.