CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
It has never been more vital to secure your supply chain, with governments also recognizing the urgency by increasingly calling for Software Bills of Materials (SBOMs) and the implementation of effective third-party security risk management (TPRSM) to stem the surge in ransomware and other cyberattacks.
It’s not...
Software as a service - it's the new shadow IT, says Phyllis Woodruff of Global Payments. And it highlights the new challenges arising for security leaders overseeing their organizations' cloud migrations. She discusses how to make cloud "bulletproof" for business teams.
Successful organizations create experience parity that results in engaged employees, which leads to innovation and satisfied customers. This video will detail how experience parity can lead to better employee retention and acquisition, stronger collaboration, and more efficient results for hybrid workplaces.
Detection tools can potentially overwhelm security operation center analysts with alerts, many of which are false positives, leading to ticket fatigue and missed attacks. Splunk's Jesse Trucks shares how the latest risk-based alerting technology helps SOCs focus on the threats that really matter.
In the latest weekly update, ISMG editors discuss the implications of the former Uber CSO's guilty verdict for the rest of the industry, the growing problem of keyless car theft, and the latest progress toward a passwordless future revealed at the annual FIDO Alliance conference.
If remote access to corporate networks is only as secure as the weakest link, only some dreadfully weak passwords now stand between hackers and many organizations' most sensitive data, according to new research from Rapid7 into the two most widely used remote access protocols - SSH and RDP.
The latest edition of the ISMG Security Report discusses how Russian-speaking ransomware gangs have their eyes on a new target, offers the latest on Australia's data security reckoning and the government’s response, and outlines emerging trends in customer identity and access management.
Certificate heavyweight DigiCert has landed Zscaler second-in-command Amit Sinha as its new leader and tasked him with boosting trust around connected device and user authentication. DigiCert brought in Sinha following a 12-year stint at Zscaler, where he became company president and a board member.
The threats come at a scale that no enterprise has seen before, and it is harder to recruit and retain staff to detect and respond. Yet, how can business leaders determine if an MSP is capable of adapting as their organization's security needs change? WatchGuard's Corey Nachreiner shares advice.
Many banks and credit unions approach IT and cybersecurity issues strictly as technical problems and increase their spend year-over-year on information security programs and technology. Since many financial institutions view these issues through a technical lens, their solution almost always entails buying more...
The convergence of networking and security in the cloud, described as secure access service edge (SASE), is a nascent market that already has the attention of IT operations teams looking to adapt their networking and security architectures to better serve the needs of digitally transformed enterprises.
This...
In this episode of "Cybersecurity Unplugged," as the use of Kubernetes and cloud containers over traditional forms of storage continues to increase, Nikki Robinson of IBM discusses the benefits of breaking down "complicated environments into something that's tangible and easy to manage."
Count Log4Shell among Chinese hackers' favorite vulnerabilities, federal agencies say in a compilation of top exploits used by Beijing for state-sponsored cyber theft and espionage. Chinese state-sponsored hacking remains "one of the largest and most dynamic threats," warn the FBI, NSA and CISA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.