It's called the cybersecurity poverty line, and it distinguishes organizations as haves or have-nots - not just financially, but in terms of cybersecurity defenses. Cisco's Mike Storm discusses how to develop and leverage embedded security to rise above the line.
From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.
Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.
It's not the emerging technology or the increasingly complex threat landscape. Instead, people and process are what prove to be consistently the most challenging parts of the job for Caleb Sima, chief security officer at Robinhood.
For the seventh year in a row, business email compromise produced the largest losses of any type of cybercrime, according to Steve Dougherty of the U.S. Secret Service. He says organizations need to build and maintain relationships with law enforcement agencies before an attack happens.
Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
Building out a threat intelligence program is no easy feat for even the largest and most resource-rich organizations, and the challenges are only amplified for smaller companies that have limited budget or personnel, according to AJ Nash, ZeroFox's vice president of threat intelligence.
The emergence of remote working, the cloud, and digital transformation initiatives are prompting companies to look toward replacing traditional on-premises firewalls, say Perimeter 81 co-founder and CEO Amit Bareket and CMO Gily Netzer. They discuss the future of securing hybrid work environments.
"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.
Cybersecurity demands and risks have increased at a very high rate due to the recent transformations faced around the world. As a result, the development of cybersecurity professionals in the area has not kept up with these needs, says EDP Brazil CISO Milton Almeida.
A majority of financial institutions have reported a rise in account opening fraud and payment scams, which is expected to continue and cause losses for banks, says Trace Fooshee, strategic adviser at Aite-Novarica Group. He discusses new technologies to put in place to mitigate scam attacks.
One of the effective ways to tackle AML fraud is to leverage technologies such as behavioral biometrics and device biometrics, says Charles Subrt, director of the fraud and AML practice at Aite-Novarica Group.
The network detection and response market is "relatively unchallenged at this point by other markets," and detection is the most important use case, says Nat Smith of Gartner, who shares key findings from the company's report titled Emerging Trends: Top Use Cases for Network Detection and Response.
Attackers are innovating constantly to try to increase their success rates as they work to evade detection and mitigation technologies in the kill chain. But the future isn’t just more and more attacks.