Security automation is going to be the key for organizations to proactively protect themselves and also investigate incidents. Ty Miller of Threat Intelligence says security automation is driving everything from penetration testing to incident response.
There are fundamental challenges in how enterprises secure SOC data, and they start with: How do you grant access to the right people and deny it to the wrong people? Carolyn Duby of Cloudera opens up on how to address data governance, privacy and security concerns.
A lot of CISOs talk about having security "baked into" their products and solutions. But for Stephenie Southard, vice president and and CISO at BCU, security leadership is all about ensuring that cybersecurity is part of the enterprise's very fabric.
Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group. He shares insight from the Verizon 2021 Data Breach Investigations Report.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
The U.K. Cyber Security Council is a new self-regulatory body for the profession. It is tasked by the U.K. government to execute its vision for the U.K. to be one of the safest places to work and do business online, says the chair of the council’s board of trustees, Dr. Claudia Natanson.
It is particularly challenging for financial institutions to catch authorized push payment fraud. But behavioral metrics can play a big role in detecting these incidents, says Steve Ledford of The Clearing House.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
XDR - cross-layered detection and response - should be implemented exclusively in the cloud or on premises, says Jason Cavallaro, national IT manager at CJD Equipment, a distributor of construction equipment in Australia.
The most significant component of President Biden's recently released executive order on cybersecurity is its call for the creation of software life cycle security standards, says Adam Isles, former deputy chief of staff at the U.S. Department of Homeland Security, who offers a complete assessment.
In this week's panel discussion, four editors at Information Security Media Group discuss cyber insurance, persistent ransomware attacks and whether ransom payments should be banned.
The key to reducing "alert fatigue" is to make sure alerts are repeatedly validated before they're distributed, says Chris Kubic, CISO at Fidelis Cybersecurity, who formerly served as CISO at the U.S. National Security Agency.
There's growing momentum around the use of software bills of materials, which allow for automated supply chain risk analysis. Patrick Dwyer of OWASP says that SBOMs and automation mean organizations can make better risk-based decisions on emerging security threats.
Customer data, PII, web apps – your strategic assets are digital, and they require a new degree of digital risk protection. In this exclusive panel, CISOs Todd Carroll of CybelAngel and TJ Hart of PlanSource discuss the needs, scope and practical use cases.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
