Retired General Keith Alexander (left) in conversation with ISMG's Tom Field at RSA 2020.

The Need for a 'Collective Defense'

Ishita Chigilli Palli • February 27, 2020

Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights.

Biometrics

SMS Phishing Campaign Used to Spread Emotet: Report

Latest

Governance

Israeli Marketing Company Exposes Contacts Database

Jeremy Kirk • February 27, 2020

An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based security specialist who became frustrated after receiving unwanted marketing messages over SMS.

Cloud Security

Why The Cloud Is The New Network

Nick Holland • February 27, 2020

Barracuda Networks has released the findings of its latest survey on public cloud security. Fleming Shi, the company's chief technology officer, describes what is holding organizations back from fully embracing the public cloud.

Business Continuity Management / Disaster Recovery

Experts Warn: Targeted Ransomware Attacks to Surge

Akshaya Asokan • February 26, 2020

Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.

Analytics

The Ongoing Search for Indicators of Behavior

Tom Field • February 26, 2020

Indicators of compromise are important. But what if you could also detect patterns of behavior that tip you off before a crime? This is where Cybereason's Sam Curry is trying to shift the focus.

Security Operations

Mitigating Threats to Operational Technology

Tom Field • February 26, 2020

Digital convergence is driving a shift in the security landscape for operational technology. Fortinet's Jonathan Nguyen-Duy discusses the manifestations of this shift and how to address them.

Governance

Security and Privacy: Often Aligned, But Sometimes Not

Mathew J. Schwartz • February 26, 2020

Not so long ago, many were confused about how security and privacy differ, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, a partner at Thompson Coburn LLP.

Training & Security Leadership

Reducing Security Complexity a Top Challenge for CISOs

Mathew J. Schwartz • February 26, 2020

Reducing security complexity remains one of the toughest challenges facing CISOs, driven by the non-stop increase in threats, says Jeff Reed of Cisco. Creating a sustainable solution will require advances in vendor interoperability, as well as automation and visibility, he says.

Business Continuity Management / Disaster Recovery

The Role of 'Zero Trust' in Pandemic Threat Management

Nick Holland • February 26, 2020

The threat of the coronavirus outbreak emphasizes how remote access to workplaces is critical in business continuity. Stan Lowe of Zscaler discusses "zero trust" in the context of pandemics.

Cybercrime as-a-service

Ransomware Attacks Growing More Targeted and Professional

Mathew J. Schwartz • February 26, 2020

Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.

Cloud Security

Cloud Protection: How to Secure Server Environments

Mathew J. Schwartz • February 26, 2020

Development teams are increasingly building and deploying for the cloud, but DevOps practices too often fail to account for what happens after applications go from development into production and maintenance - and the ongoing security challenges they will face, says Jake King, CEO, of Cmd.

Business Continuity Management / Disaster Recovery

Australia Warns Finance Sector of DDoS Threats

Jeremy Kirk • February 26, 2020

Australia's financial sector should brace for the potential of distributed denial-of-service attacks, the nation's top cyber agency has warned, pointing to threats from a group called the "Silence Hacking Crew."

Governance

Modified Draft CCPA Regulations: How They Impact Businesses

Suparna Goswami • February 26, 2020

In an in-depth interview, privacy expert Caitlin Fennessy sorts through modified draft regulations to carry out the California Consumer Privacy Act that are designed to help businesses take a more pragmatic approach to privacy.