Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Typically, organizations see automated or manual attacks - one type or the other. But increasingly, cyberattackers are striking with blended attacks, and the growth and impact of these strikes is concerning.
Download this ebook to learn more about:
How ordinary cybercriminals now have the same tools as nation-state...
Read the Q1 2019 Quarterly Threat Report tto learn what targeted businesses in January, February and March 2019 and to find out what strategies you can implement to protect your organization.
Key report findings include:
8% of externally-facing IT assets are susceptible of being exploited by a high or critical...
Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.
Crowdsourced bug bounty programs help organizations identify severe vulnerabilities in their apps and infrastructure. But that gamification model has been evolving to supply not only penetration testing but also deep dives by single researchers, says Bugcrowd CSO David Baker.
A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley.
Not long ago, organizations could control their perimeter with relative ease. However, with companies looking toward digital transformation of business processes, myriad communication and collaboration apps are being adopted, even if they aren't given the official stamp of approval from security departments. How do...
The threat landscape continues to evolve, says Chester Wisniewski of Sophos. "The more professional, the more skilled criminals out there are moving, seemingly, away from this 'spray and pray' mass exploitation approach and getting more targeted. It's what I call a blended threat."
In response to large data breaches, the retail and hospitality industry formed the RH-ISAC to serve as a central hub for sharing sector-specific cybersecurity information and intelligence, says Tommy McDowell, vice president, who explains how ISACs' roles are changing.
Given today's increasing IT complexity and scale, it's become imperative to break down the barriers between Security and IT groups and align them including their tools, processes, and skills around a common goal: delivering a fast and secure user experience while enabling business agility.
For CIOs and CISOs who...