Deception technologies can play a critical role in mitigating cyber risks, says Devender Kumar, CISO at TMF Group, who also other sizes up other key technology investments and reviews challenges CISOs are facing. He'll be a featured speaker at ISMG's Cybersecurity Summit in Mumbai on Nov. 21.
Agile environments benefit from development platforms and open-source software, but that also raises the risks of attacks seeded in those supply chains, says Chet Wisniewski of Sophos, who describes steps that organizations can take to mitigate the risks.
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
The latest edition of the ISMG Security Report analyzes Twitter's repurposing of user phone numbers for targeted advertising. Plus: A discussion of 5G security issues and findings of the Internet Organized Crime Threat Assessment.
ISMG and Rapid7 kicked off a roundtable dinner series in San Francisco, where Rapid7's Scott King says the conversation showcased the challenges security leaders face in engaging business leaders to discuss risk.
The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack.
Financial institutions' boards as well as senior management should set clear expectations for cyber risk management and then carefully monitor the efforts, according to the Monetary Authority of Singapore's Cybersecurity Advisory Panel, which also stresses the need to manage supply chain risks.
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
With record breaches, regulatory action and GDPR fines in the news almost weekly now, security needs to be at the forefront of all digital business projects. However, a recent IDG study found that only 42% of CISOs are involved in those projects from the very beginning.
Watch this OnDemand webinar and learn...
What are some of the most important aspects in managing vendor security risk when taking on third parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk.