CrowdStrike is out with its 2019 Global Threat Report, which includes a ranking of the most dangerous nation-state adversaries. The company's CTO, Dmitri Alperovitch, discusses the report's key findings about threats and threat actors.
Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.
Simpler is better. While that might be a frequent truism in life, it's especially applicable to the technology landscape facing organizations, as CISOs attempt to manage cloud services, 5G and other emerging technologies, says Steve Neville, director of corporate marketing at Trend Micro.
Criminals continue to target organizations and individuals with extortion schemes, such as by infecting targets with Ryuk and GandCrab ransomware, say Raj Samani, chief scientist of McAfee, and John Fokker, McAfee's head of cyber investigations.
As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. What are the most effective forms of training?
The network is much more than just the sum of its endpoints, and the imperative to secure everything has led to detection and response emerging as a top priority for many organizations, says Chris Morales of Vectra Networks.
Art Coviello, ex-CEO of RSA, is concerned about fraud trends and social media vulnerabilities. But he also is bullish on the opportunity for artificial intelligence and DevOps security to stop attacks before they cause harm.
With Verizon's data breach investigations team finding that 90 percent of breaches trace to a phishing or other social engineering attack, lead investigator Chris Novak says that using multifactor authentication should be a no-brainer for all organizations.
To meet the increasing customer demands for effective solutions, security vendors must ensure their products work together well, says Dr. Mike Lloyd of RedSeal. This is particularly essential to achieving "digital resilience," the ability to promptly detect and respond to network intrusions, he says.
Déjà vu "smart toy" information security fail: Spiral Toys, maker of internet-connected CloudPets, is under fire for exposing 821,000 user records online - now being ransomed - as well as links to 2.2 million parents' and children's voice recordings.
Our objective, as the industry's largest global media organization, is to bring you the most important bits from the conference, whether you attended the event or are experiencing the content now for the first time. Call this the Best of RSA Conference 2017.