CISOs need to work with partners in other departments to help ensure the success of major security projects, says John Pescatore, the director of the SANS Institute, who spoke at RSA Conference 2019.
The Global Cyber Alliance has unveiled a "cybersecurity toolkit" for small to midsize enterprises. Phil Reitinger of the GCA and Jon Brickey of Mastercard discuss this new program.
Malicious and accidental insiders alike have drawn renewed attention to the insider threat. Patrick Knight of Veriato offers new insight on the scale of the problem and how to tackle it.
A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA.
By 2025, the volume of data is projected to grow by a factor of 10. How can enterprises hope to identify and secure sensitive data at the speed of business? Stephen Cavey of Ground Labs shares insights.
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
Small and midsize organizations are no less vulnerable to cyberattacks than large enterprises. Dan Smith of Zeguro outlines an approach for these organizations that fuses cybersecurity with insurance.
For a managed security service provider to deliver maximum value for customers, it needs to provide a hybrid approach that delivers not only actionable security information but also context, says Matt Peters of Expel.
Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.
Forget inside/outside the perimeter when mitigating risks. That's the notion behind "zero trust," which means applying risk-based controls to safeguard access, says Stephen Cox of SecureAuth.
Nearly 10 months after the beginning of enforcement of the EU's GDPR privacy regulation, organizations around the world are still learning plenty of compliance lessons - including how to locate all personal data so it can be protected, according to regulatory experts on a panel at RSA Conference 2019.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
