It's common to say, "The human element is our weakest cybersecurity link." But author and educator James Bone has a different perspective. He weighs in on the human factor and the criticality of modifying enterprise risk management strategies.
Wendy Nather, head of advisory CISOs at Cisco, recently teamed up with researcher Wade Baker to investigate cybersecurity metrics and determine how to make a cybersecurity program measurably more successful. She shares some of her more surprising findings.
The COVID-19 pandemic created unique conditions for technology and surveillance practices to erode global privacy. In this discussion of their RSA Conference keynote, Niloo Howe and David Cole share their research, case studies and analysis.
How has the shift to remote working and multi-cloud environments affected the Security Operations Center, or SOC? Gene Yoo, CEO of Resecurity, and Bob Schlotfelt, CISO of the Los Angeles County Employees Retirement Association, discuss the state of the SOC today and essential steps to consider when outsourcing...
Securing the perimeter has given way to securing the application environment. And with this shift comes a new urgency to inject real-time security solutions in these dynamic new environments. Sameer Malhotra, CEO and co-founder of TrueFort, shares insights.
The "zero trust" security model, in the context of mainframe security, might be different than you'd think. Stuart McIrvine of Broadcom separates myths from realities and discusses the life cycle of zero trust on the mainframe.
Troels Oerting, a veteran CISO who most recently served the World Economic Forum, has a storied career. He's been there, done that and mitigated the risk. In this exclusive conversation, he shares his opinions on today's threats, emerging technologies and challenges for the next generation of security leaders.
The cybersecurity sector has made strides in growing its workforce and improving diversity. But significant hurdles remain, and Clar Rosso, CEO of (ISC)², says the keys to clearing them include training and refining current hiring practices.
Tool sprawl is a symptom, and complexity is cybersecurity’s chronic illness. Ashok Sankar of ReliaQuest shares ways to manage this complexity and help organizations rethink how they deploy and measure their cybersecurity defenses.
The cybersecurity adversaries embrace the concept of "shift left," so shouldn't the defenders? Shivajee Samdarshi of Venafi discusses the implications and mindset change for software development and engineering teams.
What do the world's leading encryption and security experts think about non-fungible tokens, supply chain attacks, coordinated vulnerability disclosure and the state of quantum computing? The cryptographers' panel at RSA Conference 2021 addressed all these issues.
Telehealth, a remote workforce, cloud migration - these were dreams, but not reality for many healthcare CISOs pre-pandemic. Today's a new world, and ChristianaCare CISO Anahi Santiago is happy to be helping to secure it. She discusses security's role in this new innovation.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
When it comes to faster payments, the only way to control fraud is to build in fraud and risk mitigation plans before a transaction is made, says Peter Tapling, board member, U.S. Faster Payments Council.
Manish Dave of LafargeHolcim has been part of the manufacturing industry all his professional life. He heads the IT security and internal controls for the APAC region and aims to have a false positive rate of zero.