The "shift left" movement puts "unrealistic" expectations on developers, said Gayatri Prakash, vice president and general manager of compliance at CloudBees. She said installing new tools to manage various parts of the SDLC is not necessarily "going to solve our problem for security."
Attacks like Kaseya and SolarWinds have highlighted the supply chain risks and demonstrated how securing the supply chain can no longer just be considered a compliance function. It has evolved into a risk management function, said Fred Kneip, chief executive officer at CyberGRX.
The International Rescue Committee has identified new processes and ways to safeguard information in the midst of rapid digital transformation, according to CISO JT Jacoby. The IRC went from having multi-factor authentication deployed on just 1,500 devices in November to more than 10,000 today.
OTC Markets Group in recent years has gone from having almost sector-specific cybersecurity regulations to highly robust ones, said CISO Vlad Brodsky. Since 2016, the New York-based financial market has been subject to stringent policies and procedures to ensure OTC's cybersecurity and resiliency.
The cybersecurity industry is undergoing profound and rapid change, said John Chambers, the visionary former CEO of Cisco Systems who has turned venture capitalist and predicts the market will soon demand an outcome-focused architecture - not products - to underpin next-generation tech.
As many countries in APAC are coming out with their own privacy laws, the region is fast becoming the epicenter of data protection developments around the globe, said Raymund Liboro, former commissioner and chairman of the National Privacy Commission, Philippines.
How much regulation is too much, and how much is too little? Increased cyber regulation, especially in areas of critical infrastructure, is necessary, as outages in the space have the potential to affect many Americans, said Ilona Cohen, chief legal and policy officer at HackerOne.
Historically, U.S. regulators have been slow to set controls on critical infrastructure because of the technical complexity of systems in that sector, but that is changing thanks to the U.S. national cybersecurity strategy, said Glenn Gerstell of the Center for Strategic and International Studies.
What are the challenges facing the U.S. financial sector as it continues its enthusiastic embrace of cloud-based technology? Department of the Treasury Deputy Assistant Secretary Todd Conklin said the agency has been "doing the best we can to secure cloud" as firms increasingly adopt it.
As Bugcrowd helps OpenAI keep pace with the inevitable cybersecurity risks amid the massive popularity of its applications, the bug bounty firm's CEO discusses the unique elements of finding vulnerabilities in OpenAI, its impact and the journey so far.
The use of cloud by financial services firms has risen from 91% to 98%, and multi-cloud for critical operations has risen dramatically, triggering greater risk and regulatory scrutiny, said Troy Leach, chief strategy officer at the Cloud Security Alliance, citing a new survey.
Gamification in cybersecurity can bring great potential business value to many organizations, but security teams need to dispel some misconceptions. In the first place, it’s not a game that takes employees away from their jobs, said Joe Carson, chief security scientist and advisory CISO at Delinea.
With an ever-expanding threat landscape, organizations need to possess the right tools and knowledge to deal with cyberattacks. Dawn Cappelli, head of OT-CERT at Dragos, recommends training small and medium-sized businesses that are just starting their operation technology journey.
Most people would assume ransomware tops the list of cyber insurance claims. Not so these days. Most claims are originating from third-party attacks, said Peter Hedberg of Corvus Insurance and Christopher J. Seusing of law firm Wood Smith Henning & Berman.
Humans continue to reuse simple passwords that criminals can access, and passwordless continues to be the way forward. Jeff Shiner, CEO of 1Password, said we're making progress toward the future of authentication - passkeys - and discussed when, why and how to adopt them.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.
