It is said that "Data is the new oil." If that's the case, then organizations need to do a far better job inventorying and securing their wells.
Download this eBook interview transcript with Laurence Pitt of Juniper Networks and learn about:
Data's true value in today's economy;
How organizations are exposing...
A look at President Donald Trump's pick for the Department of Homeland Security secretary, Kirstjen Nielsen, leads the latest edition of the ISMG Security Report. Also featured: Equifax's and TransUnion's problem with dubious code.
Developing safe and effective information sharing practices to foster greater interoperability presents big challenges. As information sharing becomes increasingly vital in building resilient cybersecurity, the need to put a strong, collaborative structure in place is critical.
Although there are many options for...
The RSA Conference returns to Abu Dhabi in November, and event organizers Linda Gray Martin and Britta Glade say this year's agenda is packed with new speakers and topics unique to this growing annual event.
It is said that "Data is the new oil." If that's the case, then organizations need to do a far better job inventorying and securing their wells, says Laurence Pitt of Juniper Networks. He offers insights on leveraging and securing data.
With the General Data Protection Regulation (GDPR) coming into effect on May 25, 2018, any organization handling EU residents' personal data should be prepared to comply with stricter privacy regulations or be ready to pay fines up to four percent of their global annual revenue. This is a substantial penalty for...
Leading the latest edition of the ISMG Security Report: A deep dive into how continuously monitoring user behavior could replace passwords as a means of authentication. Also, U.S. federal agencies continue to fall short on IT security.
CISOs need to anticipate the important questions their CEO is likely to ask as mega-breaches make headlines and data security is in the spotlight. Here, security leaders offer insights on how to answer eight tough questions.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
Security programs fail because of too much emphasis on protection and not enough on detection and response, says Ira Winkler, president of Secure Mentem, who calls on CISOs to help change their organization's security priorities.
The recent Equifax mega-breach demonstrates how essential it is to have a robust, well-tested incident response plan in place that includes a strong public relations component, says Heath Renfrow, CISO at U.S. Army Medicine
Organizations need to develop "a friendly business relationship" with law enforcement so they can share information about a data breach to help with the investigation, says Luis Cerritos of the Royal Canadian Mounted Police.
When creating a security action plan, not enough organizations include provisions for communicating with the police, says Kenrick Bagnall, a detective constable in the cybercrime unit of the Toronto Police Service.
Are organizations making the same security mistake with APIs today that they made with their websites 10 and 20 years ago? Jeffrey Costa of Akamai Technologies says yes and offers insight on securing and caching APIs.