RSA Conference

The State of API Security

Varun Haran •  August 19, 2019

The lifecycle of security needs to match the lifecycle of APIs, which get replaced very frequently, says Jacques Declas of 42Crunch.

Effectively Addressing Policy Change Management

Varun Haran •  August 19, 2019

Organizations need to move away from manual processes and take an automated approach to policy change management, says Baruch Thee of Tufin.

Understanding the Mindset of Attackers

Varun Haran •  August 12, 2019

An important component of building an effective cybersecurity strategy is to understand the mindset of attackers, says IBM Security's Etay Maor, who offers insights.

Big Data Analytics' Role in Security

Varun Haran •  August 12, 2019

Big data analytics can help security professionals stay ahead of emerging challenges in a rapidly changing threat landscape, says Splunk's Haiyan Song.

The Role of the Cloud in Updating Security

Varun Haran •  August 12, 2019

The velocity of change at large corporations has made traditional IT security methods inadequate, but cloud-based solutions can play an important role, says Aaron Mog of RiskIQ.

Analyzing the APAC Cybersecurity Landscape

Varun Haran •  August 9, 2019

Security practitioners must go beyond buzzwords, such as threat hunting, "and translate it into implementation effectiveness - controls that really sustain over a period of time," says Ashish Thapar of Verizon Enterprise Solutions, who offers an assessment of the cybersecurity threat landscape in the APAC region.

Minimizing Automation Bias in Machine Learning

Varun Haran •  August 9, 2019

Developing robust and resilient machine learning models requires diversity in the teams working on the models as well as in the datasets used to train the models, says Microsoft's Diana Kelley.

Digital Transformation: Security Best Practices

Varun Haran •  August 9, 2019

Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices.

Kellermann: Hackers Emboldened by Lack of Prosecutions

Varun Haran •  August 6, 2019

The hacking subculture has been emboldened by a lack of prosecutions for cybercrime worldwide, says Tom Kellermann of Carbon Black, who addresses the evolving threat landscape.

How to Effectively Use AI and ML in Security

Varun Haran •  August 6, 2019

It's difficult to build a reliable security system based on artificial intelligence and machine learning, says Aleksandr Lazarenko of Group-IB, who offers insights on how to make the most of these technologies.

Assessing Privacy Protections in Asia

Varun Haran •  August 6, 2019

Some Asian nations have a lot of catching up to do when it comes to protecting consumers' privacy, says Rob Hinson of OneTrust, who offers a regional assessment.

ARTICLE

10 Highlights: Cryptographers' Panel at RSA Conference 2019

Mathew J. Schwartz •  April 17, 2019

From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.

ARTICLE

The Best of RSA Conference 2019

Information Security Media Group •  April 8, 2019

At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 150 video interviews with industry thought leaders. Here are the highlights.

Measuring Security Effectiveness in a Dynamic Threat Landscape

Varun Haran •  April 8, 2019

Strong business resilience metrics for measuring effectiveness, simpler networks and smaller tool sets are all needed to cope with the evolving threat landscape, says retired Major General Earl Matthews, senior vice president at Verodin.

Developing a Comprehensive Mobile Security Strategy

Varun Haran •  April 8, 2019

Organizations need to go far beyond putting security software on mobile devices and develop a much broader mobile security strategy, says Michael Covington of Wandera.

Coping With Burnout in the CISO Role

Varun Haran •  April 8, 2019

Faced with the increasing sophistication and maturity of cyber threats, CISOs and security teams need to devise ways to better cope with the high-stress environment, says Webroot's Gary Hayslip,

Behavioral Biometrics-Based Authentication: A Status Report

Varun Haran •  April 8, 2019

The quality of authentication provided by behavioral biometrics is improving, says James Stickland, CEO of Veridium. Nevertheless, he says, "we haven't reached a maturity level where it is used as an explicit form of authentication, but it's certainly now deemed as an implicit form of authentication."

DDoS Mitigation in the Age of Multicloud

Varun Haran •  April 8, 2019

DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.

Mobile Banking: How Secure Are Those Apps?

Tom Field •  April 4, 2019

Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.

ARTICLE

15 Highlights: RSA Conference 2019

Mathew J. Schwartz •  April 4, 2019

Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.

What Organizations Need to Know About Container Security

Varun Haran •  April 4, 2019

Traditional security processes and controls don't translate cleanly to containers, says Sabree Blackmon of Docker, who does not recommend treating containers as virtual machines to help maximize the benefits.

The Threat Landscape for Small and Midsize Enterprises

Varun Haran •  April 3, 2019

In addition to relying to heavily on anti-virus and anti-malware tools, small and midsize enterprises lack the resources or expertise to catch new and sophisticated forms of attacks, says Dell's Brett Hansen, who offers strategic insights.

The Pitfalls of Using AI and ML in Security

Varun Haran •  April 3, 2019

Using artificial intelligence and machine learning in cybersecurity has pitfalls, says McAfee's Steve Grobman, who describes appropriate steps to take.

Vendor Risk Management: More Than a Security Issue

Varun Haran •  April 3, 2019

Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.

Making a Case for Orchestration and Automation

Varun Haran •  April 3, 2019

Alert fatigue is a major challenge, and the ability of SOC teams to be proactive is hamstrung by the fact that they spend a lot of their time in doing repetitive work, says Cody Cornell of Swimlane, who advocates broader use of orchestration and automation.