Businesses need to find more ways of incentivizing good researchers to find flaws in technology before bad actors discover them, says Rafael Narezzi, CIO of financial services firm TS Lombard. For every bug hunter with good intentions, how many more are developing weaponized exploits for sale on darknet markets?
How can you battle scammers and fraudsters as well as foster trust and protect the brand? For Gumtree - Britain's largest online classifieds platform, owned by eBay - the answer is simple: trial and error, says fraud communications manager Fergus Campbell.
In the wake of recent massive data breaches, such as the Equifax hack, a flood of stolen data is leading to a whole new wave of account takeover crimes, says Emma Mohan-Satta of Kaspersky Lab. How can organizations refine their defenses?
Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting an incident response plan: strong legal representation and a communications plan that considers both internal and external messaging.
"Are we vulnerable to the attacks that are being reported in the media?" All CEOs and boards of directors should be asking that question of their information security team to ensure they don't suffer the same fate - especially when it comes to ransomware outbreaks, says David Stubley of 7 Elements.
As a digital forensics investigator, Vesta Matveeva of Russia's Group-IB has great insight into the latest cyberattack trends - and the attackers. What conclusions can we draw about how to bolster defenses in 2018?
Organizations need to develop "a friendly business relationship" with law enforcement so they can share information about a data breach to help with the investigation, says Luis Cerritos of the Royal Canadian Mounted Police.
Organizations that must comply with Europe's GDPR need to identify gaps in their ability to meet various requirements, including making prompt breach notifications and gaining consumers' consent to store their data, says Sunil Chand of Grant Thornton.
All the key players of a company's management group, including the CISO, need to be involved in the decision about whether to invest in cyber insurance, says Greg Markell of Ridge Canada Cyber Solutions, a cyber insurer.