With application GRC more critical than ever in today's dynamic, dispersed environment, what are the critical capabilities needed in a solution? Keri Bowman of Saviynt offers six recommendations, including risk reporting and out-of-the-box rule sets and compliance management.
Unifying decision-making about privacy, security, ethics and governance poses a huge challenge from a regulatory and operational perspective, says OneTrust CEO Kabir Barday. OneTrust has created a network of 900 lawyers across 300 jurisdictions that feed intelligence into the company's platform.
In a surprise move, Britain's Information Commissioner's Office recently named names - lots of names - on the data breach front. The ICO has published detailed information about breaches of personal data, complaints and the civil investigations. Attorney Edward Machin explains the implications.
"Disruptive" is the operative word, and Atefeh "Atti" Riazi uses it to describe the impact digital transformation has had on how we live, work, learn and conduct commerce. Newly hired as CIO of Hearst, she opens up on AI and the power of disruptive technologies to drive new business outcomes.
Acronis plans to use $250 million raised in July to build out a global network of data centers so service providers can host data locally, CEO Patrick Pulvermueller says. Service providers looking to protect client data have to adhere to an ever-increasing set of compliance and governance rules.
Cloud vendors from Amazon, Microsoft and Google to IBM and Sumo Logic have turned to Sysdig's Falco open-source threat detection engine to secure their environments. Sysdig CEO Suresh Vasudevan says Falco has become the standard for threat detection in the industry.
With so many cybersecurity technologies and services available, how do organizations get started with evaluating the managed detection and response option that is right for them? Lyndon Brown of Pondurance weighs in on how to select the MDR provider that fits your needs best.
Malware analysis and sandboxing solutions traditionally have been bound to operating systems and file types, but file types in the critical infrastructure world are different. Critical infrastructure cannot rely on standard malware analysis tools given the unique operating systems used in the space.
CISO Mike Manrod of Grand Canyon Education is seeing very clever evasion tactics employed by initial access brokers who gain "an initial foothold into a network or into a set of infrastructure and then sell that foothold or get that foothold for an affiliated partner organization."
Expel raised $31 million less than a year after hauling in $140 million to fuel the MDR vendor's international expansion and provide a financial cushion. The company has doubled down on the United Kingdom, Ireland, Sweden and the Netherlands to take advantage of its existing customer base there.
In October, former Uber CSO Joe Sullivan was convicted of covering up a 2016 data breach. The trial likely marked the first time a chief security officer had faced criminal charges over incident response. Attorney Jonathan Armstrong says, "This trend is going to be difficult to put back in the box."
APIs increasingly drive everything from web and mobile application development to IoT devices since they streamline communication among disparate systems, says Synack CEO Jay Kaplan. But testing the efficacy and security of APIs remains challenging given the size of API endpoints.
In the latest weekly update, Troy Leach, chief strategy officer at Cloud Security Alliance, joins ISMG editors to discuss the latest innovation in the payments space and accompanying risks, as well as how the case of Sam Bankman-Fried's failed cryptocurrency exchange will affect regulatory actions.
From the cyberwar in Ukraine to ongoing ransomware threats and emerging global data regulations, 2022 has been a taxing year for CISOs. And they can expect more of the same in 2023, says Rodman Ramezanian of Skyhigh Security. He offers predictions and advice for the new year.
It's called the cybersecurity poverty line, and it distinguishes organizations as haves or have-nots - not just financially, but in terms of cybersecurity defenses. Cisco's Mike Storm discusses how to develop and leverage embedded security to rise above the line.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.