Former Department of Homeland Security Secretary Michael Chertoff

5G Security: Former DHS Director and Huawei CSO Offer Views

Ishita Chigilli Palli • February 28, 2020

In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security.

Endpoint Security

New Mexico Sues Google Over Children's Privacy

Latest

Next-Generation Technologies & Secure Development

The Role of Visualization in Vulnerability Management

Tom Field • February 28, 2020

Threat intelligence and visualization technology can play huge roles in improving vulnerability management. Mieng Lim of Digital Defense outlines the potential benefits.

Governance & Risk Management

Zero Trust: Definitions, Practicalities, Challenges

Mathew J. Schwartz • February 28, 2020

Zero trust is not a product or a destination, but rather a journey requiring organizations to practice good security hygiene, continuous monitoring and detection, as well as rapid incident response backed by high levels of automation, says Shehzad Merchant, chief technology officer of Gigamon.

Incident & Breach Response

'Have We Been Compromised?'

Tom Field • February 28, 2020

At the core of cybersecurity, every leader has just one ultimate question: 'Have we been compromised?" And yet that remains the most difficult question to answer with certainty, says Ricardo Villadiego, CEO of Lumu Technologies.

Endpoint Security

Medical Device Cybersecurity: EU vs. U.S. Approaches

Marianne Kolbasuk McGee • February 28, 2020

In May, new medical device regulations, including cybersecurity requirements, will take effect in the European Union. How do they compare with requirements in the U.S.? Attorneys Kim Roberts and Adam Solander offer an analysis.

Fraud Management & Cybercrime

RSA 2020: Roundup of Key Themes

Nick Holland • February 28, 2020

This special edition of the ISMG Security Report focuses exclusively on the RSA 2020 conference. Featured are comments from former NSA Director Keith Alexander on "collective defense," plus a discussion on fighting payment fraud and a roundup of other important themes.

Identity & Access Management

Addressing IAM Pain Points and Security Gaps

Nick Holland • February 27, 2020

With countless devices and services all connected to each other without clear perimeters, verifying user identities and controlling their access to sensitive resources becomes more important than ever, but also far more difficult to achieve, says Hed Kovetz of Silverfort.

Governance & Risk Management

Israeli Marketing Company Exposes Contacts Database

Jeremy Kirk • February 27, 2020

An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based security specialist who became frustrated after receiving unwanted marketing messages over SMS.

Cloud Security

Why The Cloud Is The New Network

Nick Holland • February 27, 2020

Barracuda Networks has released the findings of its latest survey on public cloud security. Fleming Shi, the company's chief technology officer, describes what is holding organizations back from fully embracing the public cloud.

Business Continuity Management / Disaster Recovery

Experts Warn: Targeted Ransomware Attacks to Surge

Akshaya Asokan • February 26, 2020

Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.

Analytics

The Ongoing Search for Indicators of Behavior

Tom Field • February 26, 2020

Indicators of compromise are important. But what if you could also detect patterns of behavior that tip you off before a crime? This is where Cybereason's Sam Curry is trying to shift the focus.

Security Operations

Mitigating Threats to Operational Technology

Tom Field • February 26, 2020

Digital convergence is driving a shift in the security landscape for operational technology. Fortinet's Jonathan Nguyen-Duy discusses the manifestations of this shift and how to address them.

Governance & Risk Management

Security and Privacy: Often Aligned, But Sometimes Not

Mathew J. Schwartz • February 26, 2020

Not so long ago, many were confused about how security and privacy differ, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, a partner at Thompson Coburn LLP.