What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
When it comes to identifying and stopping malicious and even accidental insider threats, organizations are often overlooking a significant gap. Nathan Hunstad of Code42 discusses how to plug this costly leak.
Deception technology has emerged as a hot practice - but not one that is necessarily on every enterprise's budgeting radar. Don Gray, CTO of PacketViper, talks about the emergence of deception technology and how security leaders can make the case - and find the budget - for its usage.
What's the best way to define a "zero trust" approach to security? And what are the potential benefits? M.K. Palmore of Palo Alto Networks, a former FBI agent, offers insights on making the most of the approach.
F. Ward Holloway of Forescout Technologies sorts through what he sees as common misconceptions about the "zero trust" approach to security, including the assumption that it can prove to be too costly and complex to implement.
In 2018, the Cybereason Research team identified a series of attacks targeting telecommunications companies. These attacks shared the same TTPs and consisted of a webshell execution followed by the deployment of Poison Ivy, a well-known RAT attributed to Chinese APT groups.
FireEye and AWS hosted a Cloud Security Breakfast Briefing summer of 2019. During this briefing Stephen Alexander, AWS National Security Senior Solutions Architect and FireEye's Martin Holste, Cloud Security CTO, and Tim Appleby, Director of Federal Programs, addressed how organizations can achieve the security needed...
The promise of cloud and mobility is to provide access to key services quickly and from anywhere at any time from any device. Zscaler's Lisa Lorenzin opens up on zero trust network access technologies, which provide a secure alternative to legacy methods.