Culture is everything when it comes to building a security mindset within an engineering organization. Without the right values in place, development and security teams often lack alignment, which can become a blocker for shipping projects and moving the business forward.
To help mitigate the risks of state-sponsored cyberattacks against India's critical infrastructure - and improve detection and response - requires industry collaboration and information sharing, root cause analysis with specialized forensics, and better testing of code, a panel of experts says.
CIO. Consulting CISO. Mentor. Activist on behalf of recruiting more women for cybersecurity and leadership. Jo Stewart-Rattray has filled many roles, and she has great insights to share with those who are starting or changing careers.
President Joe Biden has nominated two U.S. National Security Agency veterans for top cybersecurity positions as the White House continues to confront the fallout from the SolarWinds supply chain attack as well as attacks against on-premises Microsoft Exchange email servers.
Organizations are using DevOps and Agile practices, coding in containers
and microservices, and adopting Kubernetes at a record pace to help
manage all these components. Even five years ago, the level of agility,
speed, and flexibility the cloud-native stack enables was but a dream.
Since Google first introduced...
CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
An enterprise's cross-functional groups responsible for the business growth and brand reputation should be held equally accountable for cybersecurity. That's the view of a CISO and a CTO who participated in a fireside chat at ISMG's recent Virtual Cybersecurity Summit.
India's urban cooperative banks need to take a holistic approach to build a security governance structure, opt for an ASP services model and map their business-critical risks to comply with the RBI's security posture guidelines, according to a panel of experts.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
Information Security Media Group's members-only CyberEdBoard CISO community has opened its doors, giving senior cybersecurity practitioners a private ecosystem to exchange intelligence, gain access to critical resources and enhance personal career capabilities in collaboration with peers around the world.
The year 2021 will see an increase in third-party risks, the evolution of MSSPs, and maturity in identity governance as enterprises in the Middle East region take a fast track approach to the 'cloud-first' strategy, according to a panel of experts.
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
While nearly three-quarters of cybersecurity professionals would grade their organization's
ability to identify and mitigate a cyberattack, as above average or superior, nearly half have
been subject to a spear-phishing attack and a third have suffered a malware incident in the
last year. Further, over half of...