Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Given today's increasing IT complexity and scale, it's become imperative to break down the barriers between Security and IT groups and align them including their tools, processes, and skills around a common goal: delivering a fast and secure user experience while enabling business agility.
For CIOs and CISOs who...
Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.
Stories, practical experiences, anecdotes and a bit of humor about creating and managing cloud security programs and the journey to devsecops. This will be an interactive session.
The session will cover:
Key components of cloud security programs and the basics of devsecops
Real world challenges and practical...
When a healthcare provider develops its own applications that handle patient data, it must take critical steps to safeguard protected health information and ensure HIPAA compliance, says privacy attorney Adam Greene.
By adopting DevSecOps practices, security is finding itself adding significant value to organizations, helping them move faster and safer by working with development and operations teams. Yet according to the SANS 2018 survey, Secure DevOps: Fact or Fiction?, adoption is still in its infancy, and most organizations...
The practices of DevOps, Continuous Delivery and Agile have become common place for some time now among the development and operations teams in most organizations, and now they are surfacing in security teams. This change is rippling across the organization and breaking down silos for software delivery. Teams are...
System Administrators are no loner managing boxes sitting under their desks; Now, they're coding their infrastructure. The new digital users, enforced by the as-a-service business model, leave them facing critical challenges to manage and interconnect increasingly diverse systems, and to ensure scalability and...
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
Many large organizations are app developers, and individuals are increasingly using apps to access computing resources. But the age-old problem of code not being reviewed for flaws at every stage of testing and production continues, warns Joseph Feiman of WhiteHat Security.