Enterprise cybersecurity is no longer just about a siloed team of professionals securing the firm's systems and servers. Security has evolved into a key business consideration with people at its core, according to Suraj Jayaraman, Microsoft's director of cloud security architecture.
Flipkart Group companies achieved a uniform SOC implementation by adopting a single data ingestion point. This simplifies integration, log parsing and normalization challenges with two SaaS-based SIEM tools, minimizing device and data source modifications.
In the latest weekly update, ISMG editors discuss why communication is vital to be an effective CISO in 2023, how the hack of Florida-based dental insurer MCNA affects nearly 9 million people, and how CyberArk is securing privileged users with a new browser.
Change management is a critical part of a robust API management program, said Shaam Farooq, vice president of technology at Atlas Energy Solutions and a CyberEdBoard member. Team members must review and approve changes as they happen and communicates those changes across IT and OT security teams.
Many hospitals are still more reactive than proactive in terms of embracing recommended best practices that can advance their cybersecurity maturity level, said Steve Low, president of KLAS Research, and Ed Gaudet, CEO of consulting firm Censinet, who discuss findings of a recent benchmarking study.
Supply chain is critical for application security because most firms rely on third-party software components. The ease of injecting vulnerabilities into open-source components makes software bill of materials a critical need, said Minatee Mishra, director of product security at Philips.
Securing distributed and hybrid workforces is challenging traditional cybersecurity paradigms. Integrating zero trust with secure access service edge, SASE, in a unified platform addresses the threats associated with the need for flexibility and a data-anywhere environment.
In the latest weekly update, ISMG editors discuss top takeaways from Ukraine's cyber defense success, how a European regulator suspended Facebook data transfers to the United States, and the state of the EU General Data Protection Regulation on its five-year anniversary.
Healthcare providers are struggling with protecting legacy medical devices against a rising tide of cyberthreats. New Health Sector Coordinating Council guidance can help, said Jessica Wilkerson of the Food and Drug Administration and Mike Powers of Intermountain Health.
Five years after the effective date of the General Data Protection Regulation, the European Union privacy law - hailed as a way to protect the privacy of citizens in an increasingly digital world - continues to be marred by criticism over its lack of effectiveness and uneven implementation.
Seed funding for Israeli cybersecurity startups has blossomed despite the economic downturn, and both deal volume and size have strengthened in 2022 as compared to 2021. The indefinite closing of the initial public offering market in spring 2022 caused late-stage investment to fall off a cliff.
Organizations lack visibility into their network and assets to fully understand their threat and risk exposure, said Liberty Strategic Capital's Michael D'Ambrosio. The trend of accessing corporate networks from remote locations has made it tough for businesses to know what's on their network.
Cyber programs must go beyond the digital realm and address physical security challenges around buildings and data centers even though there isn't a tool to implement. Firms often adopt physical security measures such as a secure data center with cameras and locked doors only when it's required.
The U.K. government earlier this month introduced a strategy to reduce fraud and scams called Fraud Strategy: Stopping Scams and Protecting the Public. Ken Palla, retired director of MUFG Bank, said this as an important step to combat authorized scams, which have now eclipsed unauthorized fraud.
Security organizations in the APAC region need to adopt widely recognized frameworks consistently ensure digital trust and protect privacy, according to a panel of experts from the APAC region. Industry certifications are a good investment for improving security programs and business resilience.