Applying a "zero trust" model is fast becoming essential for organizations as the mobile workforce uses a variety of devices to access applications and services running in-house and with external providers, says Duo Security's Jaret Osborne.
Security leadership requires far more than knowing about the latest technology, says Joyce Brocaglia, founder of the Executive Women's Forum, who offers insights on how CISOs can enhance their reputations.
Network detection and response, endpoint detection and response, and SIEM are the "visibility triad" of critical data sources for effective threat hunting and incident response, says Matt Cauthorn of Extrahop, who explains why.
With new threats targeting the nation's critical infrastructure, partnerships among government and private-sector security professionals are more critical than ever, says Brian Harrell of the new U.S. Cybersecurity and Infrastructure Security Agency.
Healthcare organizations must actively manage their in-house medical internet of things to ensure that they can provide high levels of patient care while minimizing the inevitable risks posed by internet-connected medical devices, says Fortified Health Security's Dan Dodson.
The payment card industry needs to do more to tackle the rising problem of fraud, says information security expert William H. Murray, pointing to the new Apple Card - which lacks the card number printed on it - as an example of how the industry must evolve. But numerous cultural challenges remain, he says.
When crafting an identity and access management strategy, organizations need to balance the need for improved security with giving employees the freedom they need to do their jobs, says John Bennett of LastPass by LogMeIn.