Privacy regulations, user satisfaction concerns and the need to prevent data breaches are driving more organizations that must authenticate users to find "a better way of ensuring that people are who they are when they are accessing critical information," says Tony Smales, CEO of Forticode.
As the European Union's General Data Protection Regulation enforcement date approaches, organizations are working to address challenges, including changing the broadly accepted definition of what constitutes personally identifiable information, says Rashmi Knowles of RSA.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
What's it like to be the CISO of a security company? Mike Convertino of F5 Networks says if a CISO uses the company's products, he or she can provide valuable feedback for product development.
The biggest challenge with securing massive enterprise resource planning platforms is that organizations are unclear about who is responsible for ERP security, says Alexander Polyakov of ERPScan.
Security still remains an afterthought when many organizations are adding new technologies to provide a differentiated customer experience, says Anna Convery of Radware, who recommends a change in approach.
In the new borderless, cloud-first paradigm that organizations find themselves in, a robust identity mechanism provides the best context for securing access, says Dustin Maxey of Ping Identity.
As attackers get increasingly sophisticated in reverse-engineering applications, it is imperative that enterprises secure trusted applications that are reaching back into the datacenter from beyond the perimeter, says Rusty Carter of Arxan Technologies.
Over 55 percent of people will reuse passwords despite acknowledging the risks, says Amber Steel of LastPass. In the enterprise context, this bad behavior needs to be addressed without burdening employees with policies which could impact productivity, she says.
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Hackers are going to breach a network, bypassing firewalls and other network defenses. So the focus must be on what happens next, says Mukesh Gupta of Illumio, who describes how micro-segmentation can help contain breaches.
Organizations that procure cybersecurity services are increasingly looking not just for private cloud-based approaches, but products that operate from public cloud environments, says Larry Hurtado, CEO of Digital Defense.
With roughly one month to go before the May 25 enforcement date, what do organizations still misunderstand about the EU's General Data Protection Regulation? John McLeod of AlienVault shares his insights on GDPR.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
