An enterprise's cross-functional groups responsible for the business growth and brand reputation should be held equally accountable for cybersecurity. That's the view of a CISO and a CTO who participated in a fireside chat at ISMG's recent Virtual Cybersecurity Summit.
Based on the threats and tactics unleashed in 2020, cybersecurity promises to be a top-of-mind business risk for the next president to manage. Bill Swearingen of IronNet Cybersecurity reflects on a virtual roundtable discussion about what to expect over the next four years.
India's urban cooperative banks need to take a holistic approach to build a security governance structure, opt for an ASP services model and map their business-critical risks to comply with the RBI's security posture guidelines, according to a panel of experts.
Glen Hymers, CISO and head of data protection at the U.K.-based charity Save the Children International, says adapting to a cloud-first environment requires extensive security measures, including automated monitoring.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.
An IAM strategy for remote workforces should ensure that key stakeholders are aligned in listing key applications, infrastructure is mapped and risk- and role-based authentication for measuring user risk profiles are applied, says UAE-based Mustapha Huneyd, director of customer security at Ericsson.
The market for IT vendor risk management tools includes products and services that automate processes in the vendor risk management life cycle.
CyberGRX has received the highest score for the second year in a row from Gartner for their VRM Solution with rich assessment data.
Don't just take our word for it, read...
As the healthcare sector prepares for the distribution of COVID-19 vaccines, intensifying the attention to supply chain cybersecurity is critical, says Michael McNeil, senior vice president and CISO of McKesson Corp., which distributes pharmaceuticals and medical supplies.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
Payments companies must secure their APIs and enhance their authentication standards in line with The Reserve Bank of India's guidelines to make QR codes interoperable and boost the electronic payments ecosystem.
Newly updated Food and Drug Administration guidelines will help experts to more accurately score and communicate the criticality of security vulnerabilities identified in medical devices, says Elad Luz, head of security research at CyberMDX.
In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...