For Nicki Doble, group CIO and CISO at Cover-More Group - an Australian travel insurance company and part of the Zurich Insurance Group - the top priority is global security and privacy standardization across the organization.
Security automation is going to be the key for organizations to proactively protect themselves and also investigate incidents. Ty Miller of Threat Intelligence says security automation is driving everything from penetration testing to incident response.
There are fundamental challenges in how enterprises secure SOC data, and they start with: How do you grant access to the right people and deny it to the wrong people? Carolyn Duby of Cloudera opens up on how to address data governance, privacy and security concerns.
A lot of CISOs talk about having security "baked into" their products and solutions. But for Stephenie Southard, vice president and and CISO at BCU, security leadership is all about ensuring that cybersecurity is part of the enterprise's very fabric.
Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group. He shares insight from the Verizon 2021 Data Breach Investigations Report.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
The U.K. Cyber Security Council is a new self-regulatory body for the profession. It is tasked by the U.K. government to execute its vision for the U.K. to be one of the safest places to work and do business online, says the chair of the council’s board of trustees, Dr. Claudia Natanson.
It is particularly challenging for financial institutions to catch authorized push payment fraud. But behavioral metrics can play a big role in detecting these incidents, says Steve Ledford of The Clearing House.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
XDR - cross-layered detection and response - should be implemented exclusively in the cloud or on premises, says Jason Cavallaro, national IT manager at CJD Equipment, a distributor of construction equipment in Australia.
The most significant component of President Biden's recently released executive order on cybersecurity is its call for the creation of software life cycle security standards, says Adam Isles, former deputy chief of staff at the U.S. Department of Homeland Security, who offers a complete assessment.
The key to reducing "alert fatigue" is to make sure alerts are repeatedly validated before they're distributed, says Chris Kubic, CISO at Fidelis Cybersecurity, who formerly served as CISO at the U.S. National Security Agency.
There's growing momentum around the use of software bills of materials, which allow for automated supply chain risk analysis. Patrick Dwyer of OWASP says that SBOMs and automation mean organizations can make better risk-based decisions on emerging security threats.