The definition of insider threat seems to have evolved since the hybrid workforce became the norm. More organizations are now talking about the "compromised insider." Randall Trzeciak of Software Engineering Institute said that in the last three years, insider threats have changed to insider risks.
A woman suing Lehigh Valley Health Network dropped her push for a court order requiring the medical center to pay ransomware hackers in exchange for their pledge to remove from the dark web partially naked exam room photos stolen during a hacking incident.
Generative AI has revolutionized the way people interact with chatbots. Ruby Zefo, chief privacy officer and ACG for privacy and cybersecurity at Uber Technologies, cited ChatGPT as an example of the need to conduct an "environmental scan" of both external and internal risks associated with it.
Divakar Prayaga, A.P. Moller - Maersk's director for security engineering, discusses the evolution of a CISO's role from a tech to a business partner, how it affects a firm's cybersecurity posture and how to get the best return on security technology investments amid challenging economic conditions.
As COVID-19 made remote work more prevalent, managing identity through both network and remote capabilities became a challenge for organizations. Zero trust is a big initiative for the Center for Internet Security, but applying zero trust principles to its infrastructure has not been easy.
Pre-RSA social media gaming predicted it. Many predicted they would loath it. And it happened: Discussions at this year's RSA conference again and again came back to generative artificial intelligence - but with a twist. Even some of the skeptics professed their conversion to the temple of AI.
Organizations often face challenges when they aim to build sustainable security programs at scale. Anna Westelius, director of security engineering with Netflix, discussed the company's big infrastructure projects that give it more leverage over time than investing in manual processes.
With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
The pandemic brought about notable shifts in technology and cybersecurity. It also widened the attack surface, making it bigger than ever before. This change is driven by factors such as hybrid workplaces, cloud migration and SaaS dependencies, according to SANS Institute's Ed Skoudis.
The number of ransoms paid by organizations is on the decline, which is positive news. But we know that the criminals are always innovating. Valerie Abend, global cyber strategy lead at Accenture, said cybercriminals are constantly learning to accomplish their objectives.
There is a growing need for "citizen data scientists," such as engineers and programmers, to better understand the inner workings of AI and ML as those technologies become more ubiquitous, said Tom Scanlon, technical manager of the CERT data science team at Carnegie Mellon University.
A renaissance around data protection has taken advantage of artificial intelligence and machine learning to boost data classification and governance, said Forcepoint CEO Manny Rivelo. Advances in areas like generative AI allow hackers to form sophisticated attacks that evade defenses like sandboxes.
Identity and access management technology has been around for decades, but identity-related breaches happen every day. The problem is not the underlying system. It’s whether organizations can take advantage of the wealth of data within their systems, says Radiant Logic's Wade Ellery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.