The U.S. Department of Defense is seeking attorneys who are cybersecurity subject matter experts and can embed inside each agency and work closely with each other, says Lt. Col. Kurt Sanger, an attorney and deputy staff judge advocate of U.S. Cyber Command.
Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology. He also discusses recruiting and retaining new talent.
As Russia's invasion of Ukraine continues, it's notable that Ukraine's government - and much of the country - has remained connected to the internet. That's happening despite fierce Russian cyberattacks, says cybersecurity expert Mikko Hypponen, who highlights Ukraine's defensive mojo.
There's a lot of confusion in the market around what constitutes zero trust architecture, and Zscaler founder, Chairman and CEO Jay Chaudhry believes firewalls and VPNs shouldn't be part of a system that's supposed to not trust anybody or anything by default.
Jeremy Grant says many areas in cybersecurity are fragmented, but Grant Schneider adds, "We don't want everyone developing collaboratively because the competition drives a lot of innovation in this space." The two discuss striking the right balance between industry fragmentation and collaboration.
Former Rockwell Automation CISO Dawn Cappelli discusses the mission of the new Dragos OT-CERT - a cybersecurity resource designed to help industrial asset owners and operators build their OT cybersecurity programs, improve their security postures and reduce OT risk - and her role as its director.
Security leaders shouldn't ignore current geopolitical tensions, which are going to infiltrate into private sectors, says Troy Leach of the Cloud Security Alliance. And John Kindervag of ON2IT Cybersecurity says - for that reason - organizations need to stop being cheap on cybersecurity.
With the ongoing pandemic driving digital transformation and hybrid work, it's no surprise that the theme of this year's RSA Conference was "transform." Carrying forward that theme, RSA CEO Rohit Ghai says that channeling "disruptive forces at play" can be a powerful tool for driving needed changes.
Cyber adversaries are embracing defense evasion, triple extortion, wiper malware and the accelerated exploit chain, and that is significantly reshaping the threat landscape that CISOs have to deal with, according to Derek Manky, head of Fortinet's FortiGuard Labs.
One of the most important recent developments by CISA has been the creation of the Joint Cyber Defense Collaborative, which is focused on operational private-public collaboration, says Kiersten Todt, CISA chief of staff.
Software bills of material, or SBOMs, are still "years away" from being ubiquitous, says Grant Schneider, senior director for cybersecurity services at Venable. He says it will take time for them to catch on, and a set of standards and other critical components for industry need to be defined.
With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society, is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.
The world is a much different place since the previous in-person RSA Conference - and so is the cybersecurity marketplace. Alberto Yépez of Forgepoint Capital shares his view of the state of the industry and the market forces that may cause further change in 2022.
Art Coviello, former CEO of RSA and current partner with Rally Ventures, describes the cybersecurity industry trends he's watching closely as we hit the midway point of 2022, as well as which emerging technologies have not quite evolved in the way he might have anticipated.
The U.S. is on "borrowed time" for a major cyberattack that could potentially seriously disrupt critical infrastructure, but the nation can secure its systems and resources to avoid such cybersecurity disasters, says Rep. Eric Swalwell, D-California.