Organizations often face challenges when they aim to build sustainable security programs at scale. Anna Westelius, director of security engineering with Netflix, discussed the company's big infrastructure projects that give it more leverage over time than investing in manual processes.
With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
The pandemic brought about notable shifts in technology and cybersecurity. It also widened the attack surface, making it bigger than ever before. This change is driven by factors such as hybrid workplaces, cloud migration and SaaS dependencies, according to SANS Institute's Ed Skoudis.
The number of ransoms paid by organizations is on the decline, which is positive news. But we know that the criminals are always innovating. Valerie Abend, global cyber strategy lead at Accenture, said cybercriminals are constantly learning to accomplish their objectives.
There is a growing need for "citizen data scientists," such as engineers and programmers, to better understand the inner workings of AI and ML as those technologies become more ubiquitous, said Tom Scanlon, technical manager of the CERT data science team at Carnegie Mellon University.
A renaissance around data protection has taken advantage of artificial intelligence and machine learning to boost data classification and governance, said Forcepoint CEO Manny Rivelo. Advances in areas like generative AI allow hackers to form sophisticated attacks that evade defenses like sandboxes.
Check Point's product sales have taken their biggest nosedive since 2018 as customers extend sales cycles and postpone projects while prospects decline to buy new products. The company said businesses have increasingly delayed product refresh projects since November in an effort to tighten budgets.
There is no one way to detect human trafficking, and its eradication requires collective efforts and expertise. To help solve the problem, Recorded Future threat intelligence analysts Kirill Boychenko and Hande Guven adopted the UN's 4P paradigm - prevention, protection, prosecution and partnership.
The guilty verdict against Joe Sullivan, former chief security officer of Uber, has generated much discussion about CISO accountability for disclosures of breaches. How should CISOs be preparing to deal with this responsibility? Kirsten Davies, CISO at Unilever, said communication is crucial.
RTM Locker ransomware-as-a-service operators have now turned their attention to Linux, network-attached storage devices and ESXi hosts. The highly structured group appears to be using a new ransomware strain that shows traces of Babuk ransomware's leaked source code.
Prosecutors are urging a U.S. federal judge to sentence former Uber CSO Joe Sullivan to 15 months in prison for his role in impeding an investigation into the ride-hailing company's security practices. Sullivan exploited "his position to cover up a deeply embarrassing event," prosecutors wrote.
Supply chain attacks once were the exclusive provenance of nation-state hackers, says Eric Foster, strategic advisor to Stairwell. But not anymore. "More and more of those are moving downmarket," he said. "These days every threat would qualify as an advanced and persistent threat."
Identity is now the first line of attack, so how can enterprises minimize their attack surface? Identity threat detection and response is a newly recognized cybersecurity solutions category. Sean Deuby of Semperis discusses ITDR and how enterprises can best take advantage of it.
One Brooklyn Health is facing a proposed class action lawsuit in the wake of a data breach affecting more than 235,000 individuals, which the organization reported to regulators following a cyberattack late last year that disrupted its IT systems and patient services for several weeks.
Offense is what paces innovation in cybersecurity since threat actors constantly look for new ways to compromise systems, said AllegisCyber Capital's Bob Ackerman. Many offensive cyber capabilities developed by the national intelligence community make their way into the wild and become exploitable.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.