To help ensure that their sensitive data cannot be exfiltrated, some organizations have adopted data diodes, which are hardware devices designed to provide a one-way link to stop exfiltration or block remote attackers, says Mike Timan of Owl Cyber Defense.
The network is much more than just the sum of its endpoints, and the imperative to secure everything has led to detection and response emerging as a top priority for many organizations, says Chris Morales of Vectra Networks.
The explosion in the quantity and diversity of internet-connected devices - from industrial control systems and cars to farming equipment and refrigerators - makes applying privileged access management more important than ever, says Wallix Group's Chad Carter.
Making data security as people-centric as possible by applying strong risk-based controls is the only way organizations can best secure data while also enabling employees to do their jobs, says Tony Pepper of Egress Software Technologies.
As companies push more data to the cloud, large enterprises such as MGM Resorts International are balancing what it takes to complete their digital transformation journey and securing data that is rapidly moving off premises.
Four business sectors - hospitals, banks, securities firms and market infrastructure providers - potentially face the most significant financial impact from cyberattacks that could lead to a weakened credit profile, according to a new report from Moody's Investors Service.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Ireland's privacy watchdog has its eye on Facebook. Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook.
An "authorized third party" exposed a Dow Jones database with more than 2.4 million records of risky businesses and individuals on a public server without password protection. The incident points to the importance of proper vendor risk management, security experts say.
Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories. Is the social media giant merely conducting a public relations exercise?