"Security should not be treated as a tick mark activity for compliance purposes," says CISO Sumeet Khokhani. He discusses how security requires understanding of the nature of business processes and how a risk-based, practical approach can help organizations focus on what matters most.
Two Senate leaders on Thursday introduced legislation that would form a working group charged with monitoring the security of AI data obtained by federal contractors. This body would also ensure that the data adequately protects national security and recognizes privacy rights, the lawmakers say.
As the risks to IT and OT converge, organizations must use "zero trust" to verify user identities and build effective monitoring capabilities to track the behavior of privileged users, say Kartik Shahani of Tenable and Rohan Vaidya of CyberArk.
According to a panel of experts, protecting the Active Directory, a rich target for increasing ransomware attacks, will require organizations to audit privileged accounts and endpoints with continuous monitoring and an identity governance approach.
The U.S. Department of Commerce this week announced the establishment of an artificial intelligence advisory committee set to counsel President Joe Biden and other federal agencies on issues ranging from privacy concerns to data security, along with global competition and inherent biases.
As the lines blur between identity and privilege, there is a growing set of solutions to secure the anytime, anywhere workforce. Archit Lohokare, CyberArk’s vice president of product management, discusses passwordless authentication, zero trust and other ways enterprises are modernizing identity and access.
The artificial intelligence systems used by image recognition tools, such as those that certain connected cars use to identify street signs, can be tricked to make an incorrect identification by a low-cost but effective attack using a camera, a projector and a PC, according to Purdue University researchers.
To help balance security and user convenience, organizations should offer centralized user access to applications, says Krishnamurthy Rajesh, head of IT and information security at ICRA, an India-based credit rating agency.
Artificial intelligence and machine learning can enhance data security by picking up threats in the network earlier, says John Lee, a managing director at the Global Resilience Federation, a nonprofit provider of threat intelligence.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.