In the wake of so many mega-breaches, new account fraud is easier to perpetrate than account takeovers. This puts new pressure on enterprises to know their digital customers, as well as to authenticate their identities and activities, says Shaked Vax of IBM Security.
Breach defense is a strategic business issue for most enterprises, but too many cybersecurity solutions rely more on flash than substance, says Lastline CEO Chris Kruegel. It's time to start talking about true breach defense.
An ongoing security operations center challenge is trying to get the right data to the right person at the right time. The problem is compounded by there being "too much data and not finding the right people to deal with the data," says Mischa Peters of IntSights. What can help?
Getting employees involved in data security requires explaining the benefits, such as avoiding service interruptions, says Paul Bowen of Arbor Networks, who offers insights on making security part of the daily routine.
To mitigate the insider threat, organizations should apply user behavior analytics powered by artificial intelligence, says Mark Bower of Egress Software Technologies.
To stop fraudsters, iovation's John Marsden wants organizations not just to ask customers to verify their personal details. He also wants organizations to take a good, hard look at the devices that alleged customers are using.
To better counter threats carried by content - email, attachments, files - Deep Secure's Simon Wiseman says organizations should investigate content threat removal, which involves extracting required data from content and discarding the rest.
Aaron Sherman, who recently made the transition from serving as an FBI agent investigating cybercrime and nation-state threats to working at Braintrace on ways to improve detection and response efforts, shares insights on the career change.
Every application should be protected the same way no matter where it resides, rather than focusing on a "perimeter" approach, says Doug Copley of Duo Security, who describes a "zero trust" approach.
A new kind of cyberattack that targeted financial institutions in Europe and Russia to steal nearly $100 million illustrates how threats are evolving, says Brian Hussey of Trustwave, who discusses mitigation steps.
The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group.
The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene.
As businesses change their key strategies, they must ensure they mitigate new risks that emerge, says Chris Testa of Cybereason. This must go beyond a defense-in-depth approach to include a plan for what to do when an inevitable intrusion occurs, he says.
Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
