By 2025, the volume of data is projected to grow by a factor of 10. How can enterprises hope to identify and secure sensitive data at the speed of business? Stephen Cavey of Ground Labs shares insights.
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
The healthcare sector has unique cybersecurity infrastructure threats as well as vulnerabilities. Dr. Abdul Rahman of Fidelis Cybersecurity describes it as a "terrain problem," and he recommends new strategies.
Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
For a managed security service provider to deliver maximum value for customers, it needs to provide a hybrid approach that delivers not only actionable security information but also context, says Matt Peters of Expel.
Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.
To help ensure that their sensitive data cannot be exfiltrated, some organizations have adopted data diodes, which are hardware devices designed to provide a one-way link to stop exfiltration or block remote attackers, says Mike Timan of Owl Cyber Defense.