In this episode of "Cybersecurity Unplugged," Patricia Muoio, a partner at SineWave Ventures, discusses the need for cyber resilience as security leaders face the inevitable stream of cybercrimes, how to achieve it through a zero trust approach, and how CISOs and the government can help.
Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey. BitSight has invested in both workflows around third-party risk and research and identification of CVEs on behalf of government agencies.
Unifying decision-making about privacy, security, ethics and governance poses a huge challenge from a regulatory and operational perspective, says OneTrust CEO Kabir Barday. OneTrust has created a network of 900 lawyers across 300 jurisdictions that feed intelligence into the company's platform.
In the next three years, CISOs face daunting challenges, including rapidly changing threat vectors, new APT attacks and the implementation of new defensive solutions, says Anuprita Daga, chief information security officer and chief data protection officer at Yes Bank.
Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.
The shift to remote work introduced new security risks for Piedmont Healthcare since workers could no longer rely on the firm to protect their information. Employees need to understand the security issues associated with connecting to the network using personal devices, says CISO Monique Hart.
CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
It has never been more vital to secure your supply chain, with governments also recognizing the urgency by increasingly calling for Software Bills of Materials (SBOMs) and the implementation of effective third-party security risk management (TPRSM) to stem the surge in ransomware and other cyberattacks.
InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPRSM) process.
Join this webinar where Dov Goldman discusses the increasing challenges surrounding...
In this episode of "Cybersecurity Unplugged," Mark Cristiano of Rockwell Automation discusses Rockwell's cybersecurity journey, the particular challenges of deploying cybersecurity in an OT environment, and the minimum and proper industrial protections that organizations need to have in place.
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.