Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
Traditional security processes and controls don't translate cleanly to containers, says Sabree Blackmon of Docker, who does not recommend treating containers as virtual machines to help maximize the benefits.
To help prevent breaches involving telehealth, it's critical that only the minimum amount of patient data be shared when delivering remote healthcare services, says Scott Anderson, CTO at Conversa Health.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
The FBI is largely failing to notify cybercrime victims of their rights in a timely manner following a "cyber intrusion," a new report from the U.S. Justice Department's inspector general finds. At times, small errors, such as typographical mistakes, can cause long delays in the notification process.
Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen. Mark Warner's recent request seeking ideas for improving healthcare sector cybersecurity.
An "Asian female" has been arrested for attempting to access President Donald Trump's Mar-a-Lago club while he was staying there, claiming she wanted to use the pool. Prosecutors say the apparent Chinese national was carrying a USB thumb drive containing "malicious software" - and had no swimsuit.
How can an enterprise without a traditional perimeter understand and defend against orchestrated attacks designed to evade detection? JP Blaho of NETSCOUT Arbor offers insights on how to gain visibility.
In addition to relying to heavily on anti-virus and anti-malware tools, small and midsize enterprises lack the resources or expertise to catch new and sophisticated forms of attacks, says Dell's Brett Hansen, who offers strategic insights.
How do machine learning, threat intelligence and advanced analytics blend together to form agile and accurate fraud prevention? Avner Gideoni of IBM Security's Trusteer division explains the concept of "laser-cut fraud prevention."
Alert fatigue is a major challenge, and the ability of SOC teams to be proactive is hamstrung by the fact that they spend a lot of their time in doing repetitive work, says Cody Cornell of Swimlane, who advocates broader use of orchestration and automation.