Over his 23-year career in cybersecurity, Tom Kellermann has focused on policy, endpoints and even strategic investments. Now, in his new role as senior vice president of cyber strategy at Contrast Security, his mission is to protect code security - particularly in the public and financial sectors.
Earlier this year, the PCI Security Standards Council issued version 4.0 of PCI DSS. Two experts from Verizon, Ferdinand Delos Santos and Roko Zaman, discuss the new requirements of the regulations and strategies for implementing them to reduce risk and improve an organization’s overall security.
Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.
Financial services firms in Africa are becoming bigger cyber targets as they expand into new mobile payment and financial inclusion products. Rob Dartnall of Security Alliance explains why these firms need to invest in information sharing, training and new cybersecurity practices to avoid breaches.
In the latest weekly update, ISMG editors discuss the industrywide implications of a teenager hacking into Uber's internal systems, key trends in the new Gartner SD-WAN Magic Quadrant report, and how ethics and security culture are center stage due to recent CISO revelations at Uber and Twitter.
Darktrace's Cybersprint acquisition allowed the cybersecurity AI vendor to move from focusing solely on internal threats to also defending the external attack surface, Nicole Eagan says. The company says AI will give an outside-in view of the victim and simulate how the attacker will behave.
Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?
From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.
Decentralized identifiers and verifiable credentials, in which consumers can use their digital identity credentials for a variety of tasks, have significant evolving potential within the realm of identity and access management, says Merritt Maxim, vice president and research director at Forrester.
In the latest "Proof of Concept," David Pollino, former CISO of PNC Bank, and Ari Redbord, head of legal and government affairs at TRM Labs, join ISMG editors to discuss ethical concerns for CISOs, cryptocurrency regulations, and potential foreign interference in the U.S. midterm elections.
How are money launderers exploiting the various gaps in the telecom and banking industry? Hesham Sayed Shoeb, fraud supervisor with Saudi Telecom Co., shares his experience on fighting money launderers and how to improve systems and tools to catch more fraudulent transactions.
Sumo Logic has sharpened its ability to help customers improve their security posture since going public two years ago, says President and CEO Ramin Sayar. Enterprises want to drive more SOC automation, while smaller firms seek more visibility into the infrastructure, he says.
As the Federal Trade Commission focuses on data brokers that collect and share consumers' sensitive information, any company that participates in those activities needs to carefully review its practices, says attorney Daniel Kaufman, former acting director of the FTC's Consumer Protection Bureau.
Existing security operations tools focus too much on detecting threats and creating alerts rather than stopping attacks before they happen, says Check Point CEO Gil Shwed, who claims the firm's new MPR and XPR tools will reduce the number of events security analysts handle by at least 90%.