Companies need better visibility into their ever-changing distributed environments "like never before," says Mike Kiser, director of strategy and standards at SailPoint. He discusses cloud governance, digital transformation and identities, and the importance of transparency in automation.
One of the most important recent developments by CISA has been the creation of the Joint Cyber Defense Collaborative, which is focused on operational private-public collaboration, says Kiersten Todt, CISA chief of staff.
Software bills of material, or SBOMs, are still "years away" from being ubiquitous, says Grant Schneider, senior director for cybersecurity services at Venable. He says it will take time for them to catch on, and a set of standards and other critical components for industry need to be defined.
With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society, is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.
The role was vastly different 10 years ago, and it will morph yet again 10 years from now. This makes the CISO's job the most challenging in the cybersecurity sector, says John Horn, cybersecurity practice director at Aite-Novarica Group. He shares highlights of recent research.
In the ever-shifting cybersecurity threat landscape, IT risks have never been more prominent. But what about operational technology? Lesley Carhart of Dragos discusses OT vulnerabilities, how adversaries are taking advantage and why Dragos has launched a new OT CERT.
Effective cyber risk management of vendors is critical to the success of organizations that are increasingly relying on these third parties, says Dave Stapleton, CISO of CyberGRX, who describes the importance of using a "true" third-party risk exchange.
Greg Murphy, CEO of Ordr, says there are three topics healthcare senior leaders and board members keep asking about: ransomware, ransomware … and ransomware. He discusses how healthcare entities are addressing their biggest threats, IoT devices, and the implications of the PATCH Act.
CISA says Chinese state-sponsored threat actors are exploiting known vulnerabilities to target public and private companies in the United States, and a related joint advisory from CISA, the FBI and the NSA describes how major telcos and network service providers have been exploited since 2020.
For CISOs, it's critical to not implement security without first carefully considering the user's experience, says Bernardo Vasquez, advisory CISO in the strategic client practice of Palo Alto Networks. He explains why and discusses other topics, including ZTNA 2.0.
As enterprise IT infrastructures become more complex, the faster vulnerabilities can be identified - and especially remediated - the better, says Michael Assraf, CEO and co-founder of Vicarius. He discusses why speed is critical to the vulnerability remediation process.
Most publicly traded security vendors specialize in one technology category, but Palo Alto Networks has built out industry-leading practices around network security, cloud security and security operations. CEO Nikesh Arora discusses this unique path.
SSNDOB, a darknet marketplace selling stolen Social Security numbers and birthdates, has been shut down, says the U.S. Department of Justice. The takedown was the result of a multiagency effort involving the IRS-CI, the FBI, the DOJ, and law enforcement agencies of Cyprus and Latvia.
Individuals who work on developing software - even if not employed by a technology firm - are under more stress than ever before, says Sonahi Shah, chief product officer at Invicti Security, who explains the ever-increasing pressure to develop secure code.
In the digitally transformed world, APIs suddenly are among the hottest attack vectors. Yet too many organizations fail to even have visibility into their API inventory, much less security. Oz Golan, CEO of Noname Security, discusses API security trends.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.