Tenable wants to help the cybersecurity industry move away from traditional vulnerability management focused on giving customers a list of vulnerabilities. Instead, CEO Amit Yoran wants to help customers understand their exposure and how they can effectively manage and reduce risk.
When security practitioners lose their initial enthusiam for hunting cyberthreats, their companies begin to fail at cybersecurity, says CISO Marco Túlio Moraes. He discusses how collaborating with the business lines and moving from awareness to education all around can help fix this problem.
A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.
Hybrid war includes cyberattacks, critical infrastructure attacks and efforts to get information. Victoria Beckman, director of Microsoft's Digital Crimes Unit in the Americas, says Ukraine used a national cybersecurity strategy to withstand such attacks from Russia and so can other countries.
OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.
To build defense capabilities, CISOs need to take a risk-based approach in presenting the highest risk contextually, and they also need to build visibility of tools and controls and a mechanism to prioritize them through a structured program that is communicated in financial terms to the board, says Urooj Burney.
Cyber GRX senior director and CyberEdBoard executive member Peter Gregory discusses data everyone has that is an asset, but also a liability - your contact list - and how to decrease your chances of it turning toxic.
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
Several data breaches stemming from unpatched vulnerabilities in Accellion's File Transfer Appliance have been revealed. What went wrong? Where does the fault lie? And what can organizations do about it?
In light of the widespread apparent impact of the hack of SolarWinds' network management tools, it's time for a frank assessment of the lack of cybersecurity progress in recent years. Consider a "60 Minutes" report from 2015 - and where we're at today.
The key components of an effective "zero trust" architecture include multifactor authentication, network segmentation and a defense-in-depth approach, says Dr. Erdal Ozkaya, regional CISO and managing director at Standard Chartered Bank in the United Arab Emirates.
Even before the pandemic set us on the road to a global recession, many banks were struggling to balance the polarising pressures of a changing world and keeping to business as usual.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on Aug. 4 a virtual cybersecurity summit for Southeast Asia on applying the model.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.