Organizations need to move away from spending money on perimeter security and instead focus on "protecting critical assets using encryption and key management," says Brad Beutlich, of Entrust. "At this point in time, the hackers cannot break encryption technologies," he adds.
Italy joined France and Austria in warning domestic companies to shy away from Google Analytics. The decision by the Italian data protection authority highlights ongoing legal uncertainty trans-Atlantic transfers of commercial data.
Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.
The move to remote working has created two sets of tools, policies and personnel that are making it harder for security teams to protect the enterprise, says Airgap Networks CEO and co-founder Ritesh Agrawal. He discusses how Airgap is addressing the challenges of hybrid work.
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
Emerging cybersecurity guidance from the U.S. Securities and Exchange Commission is helping to make boards of directors more informed and more eager to discuss cyber risks and how to mitigate them, says John McClure, CISO of Sinclair Broadcast Group.
Humana Business Information Security Officer Ankit Patel says the doctors, physician assistants and leaders that he deals with on a daily basis are laser-focused on providing care to patients and consider technology and security only as it relates to providing patient care.
It was the ultimate challenge: Build a cybersecurity program from scratch. Three years later, Jeff Farinich, CISO of New American Funding, talks about the transformation, aligning security with business needs and helping raise the bar on the enterprise's security maturity.
Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.
Hacking group Gonjeshke Darande, or Predatory Sparrow in Persian, is claiming responsibility for hacking Iranian manufacturer Khouzestan Steel Company. The company shut down operations, but semiofficial Mehr News Agency reports that the factory is expected to return to normal by the end of today.
Rich Lindberg, CISO of JAMS, didn't set out to have a career in cybersecurity. Instead, he sought to make a living at what he enjoyed - programming. "I embraced fun," he says. Now he wants to help others do the same by growing the diversity of the industry workforce.
Watch out for APT and state-sponsored hackers using the Log4Shell vulnerability to gain unauthorized entry into unpatched VMware Horizon Systems and Unified Access Gateway servers, says a joint advisory from CISA and the U.S. Coast Guard Cyber Command.
To excel at cybersecurity incident response, start with planning, preparation and, ideally, regular tabletop exercises, say Kevin Li, CISO for MUFG Securities Americas, and Rocco Grillo, managing director of Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice.
Ping Identity is making a $50 million bet it can integrate cutting-edge technology into its own stack through a new in-house corporate venture fund to support identity and access management technology startups. "We want to have a nice overall corporate strategy portfolio," says Ping's Anton Papp.
Modern applications and architectures are permeating more deeply into organizations to transform back-office functions as well as those that directly affect the customer experience, according to Kara Sprague, F5's executive vice president and general manager of application delivery.