As the head of DevSecOps at Intuit, Shannon Lietz tracks the real-world tactics, techniques and procedures hackers use against her organization. She's cataloged the top 10 application security attack techniques being used against Intuit, which differ markedly from the OWASP top 10.
Technology, regulations and customer expectations all have evolved, but what does this mean for how organizations secure identities?
This evolution has proven to be a two-sided coin, particularly for financial institutions. It's not only allowing financial institutions to offer new, innovative products where...
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
For years, Dawn Cappelli studied and wrote about the insider threat. Then she went to Rockwell Automation and built an insider program. She discusses the program's success and her expanded role as vice president and CISO.
The average tenure of a CISO can be brief - especially in the wake of a breach. What should security leaders do from day one to get a good handle on the job? Joel de la Garza, CISO of Box, offers career advice.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
The U.S. Federal Government wants its agencies to modernize their IT systems, primarily by maximizing the use of cloud platforms. But IT teams are finding this transformation challenging. Investing in IT modernization can lead to more agility, improved resilience and security and, in the long term, better citizen...
"Digital transformation" is the theme of the year, but it comes with specific cybersecurity challenges - and they put a new burden squarely on the shoulders of the CISO, says Fortinet's Jonathan Nguyen-Duy.
We have been talking about the cybersecurity skills gap for a decade, but the pain is truly being felt now as businesses churn out new apps with insufficient security, says WhiteHat Security's Craig Hinkley. What is machine learning's role?
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Download this thought-leadership whitepaper...
When it comes to building an effective cybersecurity team, it isn't just about acquiring the right technology and business skills, says LinkedIn CISO Cory Scott. It's also about obtaining the right people who have defined their own personal narrative.
One of the most important priorities for a CISO is having a place at the table with the board of executives, says John Petrie of NTT Security. "It's very helpful to have interaction with the board so when things like budgeting or things like how you're going to change your programming come up, they are attuned to what...