OT security programs continue to be underfunded and understaffed, although rapid growth in this sector and new focus from government and organizations show hope, said Alexander Antukh, CISO of AboitizPower, and Mex Martinot, vice preisdent and global head of industrial cybersecurity, Siemens Energy.
Organizations need to look at privacy at a strategic and "almost cellular level" that is in constant motion, said Michelle Dennedy, CEO of PrivacyCode. "It's generative privacy." Dennedy said that nearly 75% of the world is governed by a GDPR-like scheme, and it's time for the U.S. to follow suit.
Threat intelligence is an important component of OT security because it maps the techniques and tactics of threat actors to what they are likely to attack, and it collaborates across teams to cover potential vulnerabilities, according to CISOs Susan Koski and Sapan Talwar.
APIs are delivering huge business value, but people don’t know how many APIs they have in their organization, what they do or who controls them. And that causes massive security vulnerabilities, according to CyberEdBoard panelists Chase Cunningham and Richard Bird.
In the online world, knowing and trusting who you are interacting with has been a problem for decades. When it comes to assessing the state of identity verification, "we certainly have a lot of problems to address," according to identity expert Jeremy Grant of Venable.
While multifactor authentication helps solve some of the problems with passwords, we still need to get to being truly passwordless, said Susan Koski, PNC Financial Services. She said adopting the FIDO standards, using zero trust and relying on authentication analysis can all help speed the journey.
In light of former Uber CSO Joe Sullivan's sentencing, five cybersecurity executives from distinct walks of cybersecurity discuss how professionals can protect themselves from personal liability for making business decisions while doing what's best for their organization.
With MFA becoming ubiquitous, hackers are finding it increasingly difficult to use technical skills to penetrate protected systems, leading to an increase in attacks focusing on the human element, said Scott Hellman, supervisory special agent, FBI San Francisco.
The ransomware threat is becoming increasingly pervasive. At least 10,000 different variants are victimizing organizations that thought they were well-prepared to tackle this growing menace, said Vishak Raman of Fortinet, which recently released a report on ransomware trends.
A startup cybersecurity strategy should be akin to a Russian doll: It should be built to preserve core elements of business. In most cases, this is a product offering, which needs to be secure, said Venkat Ranga, vice president of business information systems and head of IT at Aryaka Networks.
With the growing dominance of AI and concerns over its responsible use, is it time to move toward AI ethics by design? Sameer Ahirrao, founder of Ardent Privacy, shared how privacy and regulatory verticals should - and will - shape the future of AI.
Ron Gula practices what he preaches. The cybersecurity industry veteran who formerly led a market-leading vendor now works as an investor and philanthropist and focuses on expanding inclusivity - most recently via a $1 million grant to nonprofits that promote neurodivergent opportunities in cyber.
As organizations increasingly look to use artificial intelligence to boost cybersecurity, Kroll's Alan Brill discusses how sound legal counsel and compliance officers can ensure caution and assist with due diligence for the effective implementation of the technology.
Privacy protections must be important considerations throughout the life cycle and in all touchpoints involving customer data collected and used by financial institutions such as Equitas Small Finance Bank, says Venugopal Parameswara, the institution's CISO.
Artificial intelligence can solve really old problems around data wrangling and data protection that are essential to many security investigations, said Norwest Ventures' Rama Sekhar. The VC firm is looking at emerging companies that use large language models to automatically clean up data.