More organizations are deploying single sign-on mechanisms when they move to software-as-a-service applications to help enhance authentication and control access, says Moshe Ferber, chairman of the Israeli chapter of the Cloud Security Alliance.
The cloud - at one point it was a revolution in the workplace. But the
cloud is no longer a trend or a movement. It's now so integrated into
IT and infrastructures that, for many companies, it's simply another part
of the business.
And the changes don't stop there - critical
infrastructures, applications, and...
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
Digital transformation impacts the way that organizations deal with cybersecurity risk, says Tim Wilkinson of Avast Business, who provides advice on how to place security at the center of the transformation.
Many organizations struggle to understand what cloud assets they actually have. Sam Curcuruto of Expanse explains the role cloud governance plays in gaining better clarity and control.
Britain's biggest businesses continue to inappropriately expose servers and services to the internet, putting the organizations and data at risk, according to a study by Rapid7. Tod Beardsley describes the findings, including a widespread lack of phishing defenses as well as cloud misconfigurations.
Given today's increasing IT complexity and scale, it's become imperative to break down the barriers between Security and IT groups and align them including their tools, processes, and skills around a common goal: delivering a fast and secure user experience while enabling business agility.
For CIOs and CISOs who...
A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4 TB of email metadata. While it's not clear if anyone accessed the data, an attacker could have seen all email being sent or received by a specific person.
Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.
Healthcare organizations need to take bold steps to help ensure that their cloud services providers are effectively protecting patient data. That's the advice of John Houston, CISO of UPMC, and Ira "Gus" Hunt, a security specialist at the consultancy Accenture Federal Services.
Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.
While cloud computing offers many advantages, a major disadvantage has been security, because data physically resides with the cloud service provider (CSP) and out of the direct control of the owner of the data. For enterprises that elect to use encryption to protect their data, securing their encryption keys is of...
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Stories, practical experiences, anecdotes and a bit of humor about creating and managing cloud security programs and the journey to devsecops. This will be an interactive session.
The session will cover:
Key components of cloud security programs and the basics of devsecops
Real world challenges and practical...
With IT environments more complex and dynamic than ever, micro-segmentation is the clear choice for isolating communication flows and hardening your security posture. The right provider should help you accurately visualise and map all of your application flows and dependencies and then enable micro-segmentation...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
