IT-OT convergence has created interconnection between components that were historically separate and have different maturity levels. But attacks on OT can have a kinetic impact that can lead to very grim scenarios, said Ashish Thapar, vice president and head of cybersecurity consulting at NTT.
This is the time and place in which geopolitical interests, hacktivism, espionage and all of the crime syndicates are coming together, and we're amateurs showing up at that gunfight with a knife, said Jeff Multz, senior vice president of sales in North America at Radware.
Data breaches are often the result of hackers exploiting bugs in third-party service providers to make their way to larger organizations. Rishi Rajpal, vice president of global security at Concentrix, discussed how to pick the right partners and mutually benefit from each other's services.
The adoption of APIs in terms of daily transactions in the post-COVID-19 digital world has skyrocketed, but that proliferation of APIs has created exposures and risks that need to be addressed proactively before an organization faces a devastating data breach, warned Pam Murphy, CEO at Imperva.
The fundamentals of protecting against application-based malware attacks are no different from infrastructure-based attacks, and it is all about having threat intelligence, context and the capability to really understand these applications, said Mariano Nunez, co-founder and CEO at Onapsis.
Organizations are faced with the security challenges presented by the combination of custom and open-source code. Sandeep Johri, CEO of Checkmarx, suggests treating all open-source code as an unknown source and conducting security checks using software composition analysis to identify vulnerabilities.
The U.S. national cybersecurity strategy released by the Biden Administration is part of a larger effort to draw attention to the pervasive issue of cybersecurity liability on the part of vendors. The strategy also calls for ramping up the adoption of software bill of materials, or SBOMs.
Organizations face three major challenges in safeguarding data, said Gee Rittenhouse, CEO of Skyhigh Security. The first is determining where data is located. The second is knowing who had access to the data and what they are doing with it. The third is determining the level of risk exposure.
Cybercrime has evolved over the decades, and criminals are running entities that function exactly like legitimate organizations. The high-revenue industry is growing, and those running it continue to improve at doing their jobs, said Jon Clay, vice president of threat intelligence at Trend Micro.
As the cyberthreat and regulatory landscapes are evolving, so too are the data security and privacy priorities of healthcare sector entities, said Taylor Lehmann, director, Office of the CISO, Google Cloud, who explains how organizations can respond to the challenges.
The challenges in building a privacy program to comply with laws and regulations across multiple jurisdictions and verticals are numerous, especially since much has changed in the past decade, said Nishant Bhajaria, director of privacy engineering, architecture and analytics at Uber One.
Many organizations are finally improving basic cyber hygiene, but the major problem facing defenders and governments is how to achieve scale across all sizes of businesses including nonprofits around the world, said Phil Reitinger, CEO and president of Global Cyber Alliance.
Organizations need to look at privacy at a strategic and "almost cellular level" that is in constant motion, said Michelle Dennedy, CEO of PrivacyCode. "It's generative privacy." Dennedy said that nearly 75% of the world is governed by a GDPR-like scheme, and it's time for the U.S. to follow suit.
Threat intelligence is an important component of OT security because it maps the techniques and tactics of threat actors to what they are likely to attack, and it collaborates across teams to cover potential vulnerabilities, according to CISOs Susan Koski and Sapan Talwar.
APIs are delivering huge business value, but people don’t know how many APIs they have in their organization, what they do or who controls them. And that causes massive security vulnerabilities, according to CyberEdBoard panelists Chase Cunningham and Richard Bird.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.
