Content by Michael Novinson

Profiles in Leadership: JT Jacoby

Michael Novinson  •  May 10, 2023

The International Rescue Committee has identified new processes and ways to safeguard information in the midst of rapid digital transformation, according to CISO JT Jacoby. The IRC went from having multi-factor authentication deployed on just 1,500 devices in November to more than 10,000 today.

Profiles in Leadership: Vlad Brodsky

Michael Novinson  •  May 10, 2023

OTC Markets Group in recent years has gone from having almost sector-specific cybersecurity regulations to highly robust ones, said CISO Vlad Brodsky. Since 2016, the New York-based financial market has been subject to stringent policies and procedures to ensure OTC's cybersecurity and resiliency.

It's OpenAI Season for Bug Hunting

Michael Novinson  •  May 9, 2023

As Bugcrowd helps OpenAI keep pace with the inevitable cybersecurity risks amid the massive popularity of its applications, the bug bounty firm's CEO discusses the unique elements of finding vulnerabilities in OpenAI, its impact and the journey so far.

Getting a Tighter Grip on Supply Chain Security Risk

Michael Novinson  •  May 7, 2023

Some of the most sophisticated cyberattacks are being targeted at third-party suppliers in an effort to affect their critical clients, said Ashan Willy, CEO of Proofpoint. But often client organizations affected by these attacks do not even realize a key supplier has been hit, he said.

Protecting Yourself Against App-Based Malware Attacks

Michael Novinson  •  May 7, 2023

The fundamentals of protecting against application-based malware attacks are no different from infrastructure-based attacks, and it is all about having threat intelligence, context and the capability to really understand these applications, said Mariano Nunez, co-founder and CEO at Onapsis.

Why App Security Should Shift Everywhere, Not Just Left

Michael Novinson  •  May 7, 2023

Organizations are faced with the security challenges presented by the combination of custom and open-source code. Sandeep Johri, CEO of Checkmarx, suggests treating all open-source code as an unknown source and conducting security checks using software composition analysis to identify vulnerabilities.

How to Protect Data as Cloud Migration Accelerates

Michael Novinson  •  May 7, 2023

Organizations face three major challenges in safeguarding data, said Gee Rittenhouse, CEO of Skyhigh Security. The first is determining where data is located. The second is knowing who had access to the data and what they are doing with it. The third is determining the level of risk exposure.

Unpacking the Booming Business of Cybercrime

Michael Novinson  •  May 7, 2023

Cybercrime has evolved over the decades, and criminals are running entities that function exactly like legitimate organizations. The high-revenue industry is growing, and those running it continue to improve at doing their jobs, said Jon Clay, vice president of threat intelligence at Trend Micro.

Evolving Threats and Shifting Priorities in Healthcare

Michael Novinson  •  May 7, 2023

As the cyberthreat and regulatory landscapes are evolving, so too are the data security and privacy priorities of healthcare sector entities, said Taylor Lehmann, director, Office of the CISO, Google Cloud, who explains how organizations can respond to the challenges.

Using Generative AI Tools to More Effectively Clean Up Data

Michael Novinson  •  May 7, 2023

Artificial intelligence can solve really old problems around data wrangling and data protection that are essential to many security investigations, said Norwest Ventures' Rama Sekhar. The VC firm is looking at emerging companies that use large language models to automatically clean up data.

Robust Identity Protection Isn't Just for Employees Anymore

Michael Novinson  •  May 4, 2023

Organizations must extend identity protection beyond employees to safeguard contractors, supply chain partners, software bots and intelligent devices, said SailPoint CEO Mark McClain. Businesses struggle to keep up with what applications or data non-employee or non-human identities need access to.

How Cybersecurity Startups Can Weather the Economic Storm

Michael Novinson  •  May 4, 2023

Companies have taken a hatchet to their "innovation budget" amid economic headwinds, making it difficult for startups to hit their sales projections, said Momentum Cyber's Dino Boukouris. Long sales cycles for early-stage startups have resulted in them burning through cash faster than anticipated.

Why Vendor Consolidation Reduces Costs and Boosts Security

Michael Novinson  •  May 4, 2023

Complexity has made it tough for organizations to be secure and efficient, which is driving many customers to look at vendor consolidation, said Palo Alto Networks President BJ Jenkins. Organizations that deploy a lot of point solutions are stuck finding a way to make all the products work together.

Why Thoma Bravo Plans to Triple Down on Identity Protection

Michael Novinson  •  May 4, 2023

Thoma Bravo has agreed to spend $12 billion on three high-profile identity acquisitions to help with the transition from on-premises licenses to cloud-based subscriptions. Vendors in the space must expand their customer success organization and shift incentives for the salesforce, said Chip Virnig.

The Hottest Security Technologies for Early-Stage Startups

Michael Novinson  •  May 4, 2023

Organizations looking to adopt zero trust architectures are increasing pursuing service mesh rather than microsegmentation due to new innovations, said Ballistic Ventures General Partner Barmak Meftah. Microsegmentation excels at limiting the attack surface but comes with major overhead expense.