U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
What does it take to securely migrate nearly all your systems and data onto the cloud, phase out your own on-premises data center, and build shared cyber risk responsibility with third-parties? That's a journey under way at health insurer Wellmark. The health insurer's vice president and CISO Thien La will describe...
At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 150 video interviews with industry thought leaders. Here are the highlights.
Strong business resilience metrics for measuring effectiveness, simpler networks and smaller tool sets are all needed to cope with the evolving threat landscape, says retired Major General Earl Matthews, senior vice president at Verodin.
Organizations need to go far beyond putting security software on mobile devices and develop a much broader mobile security strategy, says Michael Covington of Wandera.
Faced with the increasing sophistication and maturity of cyber threats, CISOs and security teams need to devise ways to better cope with the high-stress environment, says Webroot's Gary Hayslip,
The quality of authentication provided by behavioral biometrics is improving, says James Stickland, CEO of Veridium. Nevertheless, he says, "we haven't reached a maturity level where it is used as an explicit form of authentication, but it's certainly now deemed as an implicit form of authentication."
DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.
The CERT Insider Threat Center at Carnegie Mellon University is one of the world's leading authorities on detecting insider fraud, and it has just released Version 6 of its Best Practices to Mitigating Insider Threats.
As part of this research, the center addresses how to detect and prevent insider fraud, as well as...
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
Traditional security processes and controls don't translate cleanly to containers, says Sabree Blackmon of Docker, who does not recommend treating containers as virtual machines to help maximize the benefits.
In addition to relying to heavily on anti-virus and anti-malware tools, small and midsize enterprises lack the resources or expertise to catch new and sophisticated forms of attacks, says Dell's Brett Hansen, who offers strategic insights.
Using artificial intelligence and machine learning in cybersecurity has pitfalls, says McAfee's Steve Grobman, who describes appropriate steps to take.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.