Ransomware tactics have shifted. Martin Zugec, technical solutions director at Bitdefender, discusses the evolution of ransomware threats. Zugec points out that attackers have moved to opportunistic targeting and details the rise of automation in initial compromises.
Christiaan Beek of Rapid7 reveals alarming trends in zero-day exploits, especially against network appliances. The financial rewards of ransomware are enabling threat actors to buy zero-days. He urges firms to enhance detection and patching strategies.
Security leadership has evolved significantly in recent years, moving beyond technical expertise to strategic partnerships within organizations. Security professionals now articulate business value and align with organizational objectives, said Paul Watts of Information Security Forum.
Implementing governance, risk and compliance in a global organization comes with challenges. The complexity increases with sophisticated cyberthreats and an evolving geopolitical landscape. Organizations must stay one step ahead, said Purvi Kay, head of cybersecurity GRC at BAE Systems.
Cybercriminal campaigns aided by generative AI and political misinformation campaigns by nation states are just two of the latest risks organizations are facing. That's why cyber risk management has become a focal point for CISOs, said Jon Clay, vice president of threat intelligence, Trend Micro.
The increasingly regulated landscape of cybersecurity is changing across Europe, America and Asia. Rohan Massey, partner at Ropes & Gray, speaks about the complexities organizations face and the importance of strategic prioritization to comply with regulatory challenges effectively.
The latest ransomware attack that led to pathology service outages at multiple London hospitals underscores the need for more robust healthcare sector security and resilience measures, including threat hunting, said Andrew Cooke, director of information security services at Acacium Group.
Third-party vendors should be supervised rigorously to prevent data breaches and ensure transparency across all organizational levels, according to Jonathan Armstrong, partner, Punter Southall Law. CISOs have to educate their boards on systemic risks, he said.
AI offers significant business benefits but also introduces data privacy risks. According to Harmonic Security's CEO Alastair Paterson, CISOs worry about sensitive data shared with third-party applications. "Our approach is certainly security for AI," he said.
Two key concepts are shaping how organizations protect their digital assets: cybersecurity by default and cybersecurity by design. Professor John Goodacre, director, Digital Security by Design, UKRI, discusses the need to design technology that inherently protects against vulnerabilities.
Ray Ellis, head of AI security at Philip Morris International, emphasized the necessity of capturing requirements for securing AI capabilities, protecting privacy, understanding legal implications and ensuring enterprise architecture that prevents shadow AI.
Live from Infosecurity Europe Conference 2024 in London, ISMG editors and special guest CISO Ian Thornton-Trump close the event by discussing key topics including progress on AI-based cybersecurity solutions, efforts to help organizations boost resilience, and the looming specter of new regulations.
Organizations often grapple with the question of whether relying solely on Microsoft for cybersecurity is enough. Kevin Robertson, chief operating officer and co-founder of Acumen, makes the case for including best in breed security technology and services from specialized vendors.
Ian Thornton-Trump, CISO of Cyjax, shared the importance of flexibility and continuous learning - key qualities that have shaped his career. These skills are crucial in adapting to the rapidly changing cybersecurity landscape and preparing for emerging threats, he said.
Information Security Media Group editors are live at Infosecurity Europe Conference 2024 in London with an overview of opening-day activities and hot topics including the latest ransomware trends, software security, election security and artificial intelligence risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.