Some people run from change. Arun DeSouza of Nexteer Automotive runs toward it. "Now is my time," says the veteran chief information security and privacy officer, who shares his leadership and technology insights in this exclusive interview.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
Organizations in the APAC region are not immune to the impact of the SolarWinds supply chain hack, so it's essential that they reassess their risk management practices and audit their suppliers, two security experts stress.
When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
When deploying automation in their security operations centers, organizations should start with "small and simple things," advises Nat Smith of Gartner, who also offers tips on retaining skilled SOC analysts.
The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.
As the U.S. marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants. "Those are going to determine our destiny for the long and foreseeable future," she says.
CISOs are playing an even more critical role as a result of the proliferation of supply chain attacks, a surge in the use of insecure IoT devices and other emerging risks, says Lt. Gen (retired) Rajesh Pant, national cybersecurity coordinator at the Prime Minister's Office for the Government of India.
To help mitigate supply chain risks, organizations should leverage web scraping tools, social media analytics tools and robotics to verify third-party providers, says Arpinder Singh of Ernst & Young.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo.
Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape: "Where deception comes into play is for the unknown threats, the things that are either an attack you haven't seen before or the attacker evolved their technique."
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.