The public-private Ransomware Task Force last year issued numerous recommendations for battling ransomware, and task force member Marc Rogers of Okta says that while the problem persists, better mechanisms are helping to blunt such criminal activity.
How can companies make their cybersecurity posture more transparent to stakeholders? That's a question being asked by both boards of directors and potential investors, says Stephen Boyer, founder and CTO of BitSight. He discusses the impact of new regulations and guidance from agencies.
Organizations have created significant security challenges by rapidly migrating applications, data and workloads to multiple public clouds over the course of the COVID-19 pandemic, according to Abbas Kudrati of Microsoft and Upendra Singh of HCL.
Ransomware groups such as Conti are beginning to move away from encrypting systems. Instead, they are stealing data, especially from public companies, and threatening to leak it publicly to extort ransom payments, says cybercrime expert Vitali Kremez, CEO of AdvIntel.
As Russia's invasion of Ukraine continues, it's notable that Ukraine's government - and much of the country - has remained connected to the internet. That's happening despite fierce Russian cyberattacks, says cybersecurity expert Mikko Hypponen, who highlights Ukraine's defensive mojo.
Threats facing industrial control systems are well-documented, and as the Russia-Ukraine war continues, concerns are rising about reprisals aimed at poorly protected Western critical infrastructure, says Lionel Jacobs Jr., security architect for ICS and SCADA systems at Palo Alto Networks.
Implementing modern architectures such as zero trust and secure access service edge remains an issue for many organizations. This challenge is further amplified by the shortage of skilled cybersecurity personnel, says Kate Adam, senior director of enterprise product marketing at Juniper Networks.
Business-critical applications, the crown jewels of the modern enterprise, are increasingly targeted due to their significant value, and many organizations are struggling to secure them. These systems must be properly deployed, monitored and maintained, says Onapsis CEO Mariano Nunez.
Two business associates are at the center of recently reported health data breaches affecting a total of more than 3 million individuals and counting, spotlighting again the security and privacy risks posed by vendors to healthcare entities and their patients' information.
Critical infrastructure providers face a unique set of challenges when it comes to securing their environment from the cruciality of uptime to complying with new federal directives, according to Mark Cristiano, commercial director for Rockwell Automation's global services business.
Organizations face major challenges gaining visibility into networks that grow more complex by the day, and Corelight CEO Brian Dye says the open-source community can help with gathering evidence and insights from networks so that the perimeter is better secured.
There's a lot of confusion in the market around what constitutes zero trust architecture, and Zscaler founder, Chairman and CEO Jay Chaudhry believes firewalls and VPNs shouldn't be part of a system that's supposed to not trust anybody or anything by default.
CISO Eric Sanchez of Kyowa Kirin North America discusses the nuances and challenges of building a security program at an international company. He shares strategies for managing the people, operations and technology and explains why strong interpersonal and crisis management skills are a must.
Jeremy Grant of Venable says we are getting closer to eradicating the password. He says that in the next 12 to 18 months, "There will be a lot of uptake from big, consumer-facing brands to finally kill the password and let people instead create a passkey when they sign up for an account."
As information technology - aka IT - and operational technology - aka OT - continue to converge, organizations must stay ahead of new security challenges and threats, says Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.