Asian organizations are beginning to look at extending digital identity beyond the traditional internal enterprise IAM stack to customer identity and access management, or CIAM, says Alex Laurie, senior vice president at ForgeRock.
The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
The Good Health Pass Collaborative is developing a road map for digital health passes that international travelers could use to prove they have been tested for COVID-19. Dakota Gruener, executive director of ID2020, which launched the project, describes the effort, including privacy-protection measures.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
The key to prioritizing which risk alerts require immediate action is knowing what your most valuable assets are, says Angelo G. Longo, U.S. information security officer for BetMGM, an online sports betting and gaming entertainment company.
Modern vehicles have been characterized as smartphones on wheels, but the analogy is reductive: They're more like rolling databases. Privacy expert Andrea Amico says data hygiene practices need to be applied to vehicles - just like any other connected system.
Financial institutions should go beyond transactional monitoring when analyzing fraudsters' behavioral patterns and look at communication as well, says Maheswari Kanniah, group chief regulatory and compliance officer at Kenanga Group, an investment bank in Malaysia.
Her title says "information security," but Radian CISO Donna Ross considers herself more of a security risk officer. It's an important distinction that drives her approach to technology, leadership and communicating with senior leadership.
Australia is increasingly emphasizing the importance of cybersecurity, both to enhance defenses and to create economic opportunities. Jed Horner of Standards Australia describes the role standards can play.
Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Glauco Sampaio comes from a technology background. But as CISO as well as privacy and fraud prevention officer at Cielo, a Brazilian payment card processor, he focuses on how to marry technology with business risk - and how to share his vision with business executives.
Banking institutions, cryptocurrency exchanges and other companies have begun implementing video-based identity verification. But deepfake technology can be used to circumvent these security checks, says Ilya Volovik, a researcher at Gemini Advisory.