IT and OT security are more different than most realize. IT focuses on digital systems and data, and OT concerns itself with physical systems and their interconnectivity, said Dragos CEO Robert Lee. The stark differences between IT and OT security are laid bare around vulnerability patching.
Continued reliance on legacy VPNs hinders remote work performance and fails to provide users or organizations with zero trust security protection, said Netskope's Sanjay Beri. Companies often start by augmenting their VPNs to enable zero trust network access before moving to full replacement.
While the concept of zero trust has been around for years and has been adopted by the federal government, most small- and medium-sized businesses still don't know how to implement zero trust, said Chase Cunningham. But progress is being made - with a big focus on automation.
Cybersecurity professionals are stressed out, overworked, underpaid and working on short-staffed teams, said Candy Alexander, president of the ISSA International Board. She advised organizations to look for the right indicators of a good cybersecurity culture.
The University of Iowa Health Care is facing a proposed class action lawsuit from a patient who alleges that online tracking tools embedded into the medical center's websites secretly transmitted sensitive personal and health information to Facebook.
The U.S. Federal Trade Commission is seeking tougher sanctions for Facebook after determining that several gaps exist in the company's compliance with a 2020 consent decree mandating privacy improvements. The company will have 30 days to respond and could challenge tougher privacy rules in court.
The final steps in mortgage closing involve much paperwork in the presence of attorneys, title companies and loan officers. While technology is available to simplify a complex and error-prone process, resilience and trust actually make e-closing a trustworthy experience for consumers.
Critical infrastructure attacks during 2022 focused primarily on Eastern Europe and Ukraine given fears of reprisal from attacking the U.S., said Optiv CEO Kevin Lynch. The amount of OT security investment needed to defend against adversaries is bigger than what many organizations can handle today.
CISOs have gone from complaining that they don't get enough time and attention from the board of directors to presenting to the board every quarter, said Zscaler CEO Jay Chaudhry. Conversations with CIOs or boards tend to focus on what architectural changes can be made to reduce business risk.
Small and midsize businesses need proactive measures to ensure security just as much as any large organization. But challenges abound for SMBs as they struggle with a smaller staff and budget constraints, making them more vulnerable to cyberattacks, said SonicWall President and CEO Bob VanKirk.
The definition of insider threat seems to have evolved since the hybrid workforce became the norm. More organizations are now talking about the "compromised insider." Randall Trzeciak of Software Engineering Institute said that in the last three years, insider threats have changed to insider risks.
Divakar Prayaga, A.P. Moller - Maersk's director for security engineering, discusses the evolution of a CISO's role from a tech to a business partner, how it affects a firm's cybersecurity posture and how to get the best return on security technology investments amid challenging economic conditions.
As COVID-19 made remote work more prevalent, managing identity through both network and remote capabilities became a challenge for organizations. Zero trust is a big initiative for the Center for Internet Security, but applying zero trust principles to its infrastructure has not been easy.
As IT and OT systems converge with the adoption of Industry 4.0, the security risk to OT systems and IoT devices is high. To secure the enterprise, organizations need network segmentation tools to scan for malicious content across the OT environment, says Ivan Issac of OPSWAT.
Organizations with a security-by-design approach need to go beyond being reactive to a proactive, offensive strategy to strengthen their security posture, says Mrutyunjay Mahapatra, member board of directors and chairman of the audit committee at Reserve Bank Innovation Hub.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.