GDPR is in effect, and in one year, regulators will start to assess penalties against enterprises not in conformance with the regulation. How prepared are entities? Will it take a high-profile penalty to get the world's attention? Michael Hack of Ipswitch weighs in.
Cybercriminals and nation-state threat actors are beginning to act alike - and that's bad news for cybersecurity leaders and their enterprises, says Eward Driehuis of SecureLink. Here are the trends to track.
It's easy to draw a direct link between high-profile breaches and the compromise of user credentials. But it requires a phased approach to actually improve privileged access management, says Barak Feldman of CyberArk.
Today's cybersecurity industry is far too focused on keeping bad guys out, says Chris Pierson of Viewpost. Organizations need to pay more attention to keeping data inside the enterprise, he says, describing how to make the shift to a focus on limiting exfiltration.
A new open payments standard aims to not only enhance card security but also improve and expand the functions available through EMV. Payments expert Roger Applewhite says the standard will open new doors for cryptology and transaction routing.
Businesses are suffering from an influx of too much security technology packaged into too many solutions offered by too many vendors, says former RSA Chairman Art Coviello, who claims the proliferation of products isn't helping improve cybersecurity.
Cyber-intelligence expert Tom Kellermann sees a growing hostility in cyberspace, and he fears a new wave of advanced threats aimed not just at committing crimes, but at breaching critical infrastructure. Who are the top threat actors, and what are their key targets?
Cybersecurity incidents have evolved considerably since the TJX and Heartland breaches of 2007-08. And so has the discipline of incident response, says former prosecutor Kim Peretti, now a partner at the law firm Alston & Bird. She defines incident response 2.0.
CISOs are increasingly being asked by management and boards to predict what the cost of a breach or cyber incident might be. But most still need to develop good predictive metrics, says Benjamin Dean, president of Iconoclast Tech.
In his world travels, Steve Durbin of the Information Security Forum sees the global cybersecurity industry coming of age. But he also sees the steady maturation of cybercriminals and their schemes. How can organizations best counter the changing threat landscape?
As fraudsters continue to improve their email spoofing with better socially engineered schemes, business email compromise attacks will become more successful, says Denyette DePierro of the American Bankers Association, who discusses how banks can help customers avoid becoming victimized.
Organizations have more endpoints today than ever, and securing those endpoints is challenging, because it's rare that any one organization is responsible for all the endpoints that touch its network and servers, says Mike Spanbauer, vice president of research and strategy at NSS Labs.
More than15 years ago, the nation of Estonia rolled out a digital identity program for all citizens, allowing access to government services, banking, shopping - even voting. What lessons can global businesses learn from Estonia's example? Joseph Carson of Thycotic offers insight.