Identity is now the first line of attack, so how can enterprises minimize their attack surface? Identity threat detection and response is a newly recognized cybersecurity solutions category. Sean Deuby of Semperis discusses ITDR and how enterprises can best take advantage of it.
As the Information Security Media Group editors wrapped up their coverage of RSA Conference 2023, everyone agreed that it was good to have the cybersecurity community back together in one place, working to solve the serious issues it faces, including AI, adversaries and "regulatory tension."
The intelligence community long refrained from adopting open-source technology, but its value has become evident with the rise of cloud computing and machine learning. Practitioners also are shifting toward open-source intelligence to augment the information obtained through human intelligence.
Now in its 10th year, the Thales Data Threat Report outlines and quantifies the key threats faced by the global cybersecurity industry. Ransomware continues to be a growing threat but, surprisingly, more than half of respondents have no defense plan in place, said Thales' Todd Moore.
Cybercriminals are becoming increasingly innovative and shifting toward more targeted and destructive attacks, using wiper malware, which was previously only used by APT-focused, nation-state actors. Also, ransom payment demands are reaching seven to eight figures.
It's getting harder to distinguish between normal and unusual threat activity, with more sophisticated attacks exacerbated by hybrid work and, soon, AI attacks. Defenders need correlated rather than isolated telemetry to get more signal and less noise, say Jeetu Patel and Tom Gillis of Cisco.
The threat posed by cybercriminals and fraudsters creates shared risks across the financial services industry including fintech companies. But fintech firms can balance rapid innovation with security and work with each other and governments to repel attackers, said Razorpay CISO Hilal Lone.
Policy buzz around RSA Conference 2023 is centering on the new National Cybersecurity Strategy that seeks to hold software makers liable for security flaws. While federal officials say the industry will embrace the new rules, some are talking about the lobbying and legal challenges ahead.
Automated XDR platforms are increasingly sought after as organizations grapple with tool sprawl and the complexity of their security stack. But is there a risk of XDR platforms becoming a single point of failure? Microsoft Senior Director Scott Woodgate emphasized building "resiliency" for XDR.
Between April 21 and 27, hackers stole $1.8 million from Merlin, $22,638 from Kucoin and $170,000 from Trust Wallet and attacked UniSat Wallet. The U.S. indicted two men for DPRK-linked money laundering, and a U.K. parliamentary panel heard plans to curb cybercrime with better crypto seizure skills.
Two experts from HackerOne - Marten Mickos, CEO, and Alex Rice, CTO and co-founder - provide insights on the similarities and differences between ethical hackers and in-house red teams, as well as the misconceptions around engaging with ethical hackers.
Organizations have long been using software from open-source ecosystems without fully realizing how much software they actually pull from these libraries, but the potential downstream effects of security flaws could have a major impact, said Pete Morgan, co-founder and CSO at Phylum.
A key challenge for intelligence analysts is not just finding the right data intelligence but determining how much to trust it and how to make it relevant to their organization. Flashpoint is aiding this by streamlining workflow, said Chief Product and Engineering Officer Patrick Gardner.
Developers want to move quickly and they want security to be "a natural part" in every step of the software development life cycle. Generative AI can play a pervasive role in helping cybersecurity keep up the pace, according to Brian Roche, chief product officer at Veracode.
Venture capitalist Alberto Yépez says there are opportunities to innovate in this economy. The market is self-correcting, but the demand for cyber protection has increased with the rise in cyberattacks and increased regulations, making it a top priority in terms of technology budgets, he said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.