How does one begin to secure the digital transformation journey in two legacy enterprises? Kush Sharma, principal for Sharma and Company and former CISO for the city of Toronto, shares his experience and offers advice on investing in and integrating technologies.
Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
Bobby Ford of Hewlett Packard Enterprise says that too often when an organization engages with security, it happens in an ad hoc way. He describes his mission to create a Cybersecurity Center of Excellence to streamline the organization's security incident management and response processes.
The threat landscape has grown, and the airlines industry in particular has been challenged. As a result, Rob Hornbuckle, CISO of Allegiant Airlines, sees his role differently: It's beyond security and about more than just the business. Where is the role going, and how does one grow with it?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
Infection numbers are surging in the southern U.S., states and cities are enacting new mask mandates and the fall flu season looms as the great unknown. Sound familiar? COVID-19 is back with the highly contagious Delta variant. Pandemic expert Regina Phelps discusses what that means for business recovery.
Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group. He shares insight from the Verizon 2021 Data Breach Investigations Report.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
How can the security and HR organizations partner to foster a better, enterprisewide culture of security? This is what Steve Luczynski and Valerie Utsey did in previous roles, and they share insights from their presentation on the topic at RSA Conference 2021.
The COVID-19 pandemic created unique conditions for technology and surveillance practices to erode global privacy. In this discussion of their RSA Conference keynote, Niloo Howe and David Cole share their research, case studies and analysis.
Dr. Victoria Baines, a visiting research fellow at Oxford University in the U.K., is acclaimed as one of the country’s most influential women in cybersecurity. In this video interview, she describes potential future cyberthreats as criminals adapt to the changing cybersecurity landscape.
The surge of cyberattacks on the healthcare sector in the midst of the COVID-19 pandemic has accentuated many critical cybersecurity challenges that must be urgently addressed, says Joshua Corman of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency.
It's a young practice but, globally, cyber insurance is starting to exert its influence with some of the largest enterprises - and in some of the most notable cyberattacks. John Pescatore of SANS Institute discusses questions that cybersecurity leaders need to ask before acquiring new policies.
In the past six months alone, we've seen the SolarWinds attack, the Microsoft Exchange Server exploits and the Colonial Pipeline ransomware strike. The threats are more imminent than ever. But Philip Reitinger of the Global Cyber Alliance believes strongly: We created this mess, and we can fix it.
If anyone ever doubted the importance of thinking strategically about cybersecurity, laying the groundwork for expected future requirements, then the coronavirus pandemic will have made that clear, says Kerissa Varma, group CISO of Old Mutual Ltd., who offers lessons learned for being "truly resilient."