Plenty has been said about threats to internet of things devices - and rightfully so. But what about operational technology that often has been neglected by security controls? Mark Nunnikhoven of Trend Micro weighs in on OT risks.
For years, Dawn Cappelli studied and wrote about the insider threat. Then she went to Rockwell Automation and built an insider program. She discusses the program's success and her expanded role as vice president and CISO.
In an in-depth interview, Golok Simli, CTO at India's Union Ministry of External Affairs, sizes up the shortcomings of the Information Technology Act, 2000 and discusses the ongoing challenges involved in protecting privacy.
As corporate information silos fall, traditional approaches to governance, risk and compliance are giving way to the new category of integrated risk management solutions. Vivek Shivananda, CEO of Rsam, discusses the evolution.
Taking a threat-centric approach - trying to defend against every threat out there - is a recipe for failure in the current threat landscape, says RSA CTO Zulfikar Ramzan, who advocates a business-driven approach instead.
Thirty-four companies have signed on to the Microsoft-led Cybersecurity Tech Accord, which is aimed at protecting civilians from cybercriminal and state-sponsored attacks. The agreement crucially includes a pledge not to help governments with cyberattacks
It's a quandary: How does one convey the urgency of cybersecurity without falling into the trap of spreading fear, uncertainty and doubt? Diana Kelley, cybersecurity field CTO at Microsoft, shares strategies.
The U.S. and U.K. warned Monday that Russian hackers have compromised critical internet infrastructure with the aim of spying, extracting intellectual property and gaining footholds for future cyberattacks.
Cybercriminals are organized, well funded, and highly motivated. They are deploying advanced malware, leveraging cloud-based computing resources, and developing cutting edge tools to attack your organization's data.security defenses.
The proliferation of online devices accessing personal and financial information,...
Cloud providers have transformed from offering a fringe platform utilized by courageous companies on technology's leading edge into a cloud-first, standard, go-to approach for running all sorts of business-critical systems. According to IDC, nearly 50% of IT infrastructure spend will be on private/public clouds by...
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
Blockchain can be leveraged to help address certain security problems in millions of IoT devices, says Ratan Jyoti, CISO at Ujjivan Bank. In an interview, he describes the uses for blockchain he envisions.
Panera Bread appears to have failed to fix a customer data leak for more than eight months after getting a heads-up from an independent security researcher. Here's what others should learn from the bakery café chain's mistakes.
The GDPR regulation will be enforced beginning May 25, 2018 and for many organizations, the initial transition to GDPR compliance is likely to be a lengthy and challenging process that will require regular reevaluation based on continued reassessment of the risks.
The role of network security in preventing...