Forrester senior analyst Tope Olufon discusses how CISOs face the challenge of shadow IT with generative AI. CISOs need to approach AI as they would any other technology, he says. "Create a threat model, not just based on best practices, but for your organization, and then build security for that."
Even though the EU's General Data Protection Regulation has been in effect for more than a year, it's no privacy panacea, says (TL)2 Security founder Thom Langford. While GDPR has reframed the global privacy discussion, room for improvement remains, he explains in this interview.
The early days of email attacks - so much noise in the form of malware, spam and links - have given way to attacks that often rely on little more than words, and email gateways often struggle to arrest social engineering ploys, says Michael Flouton of Barracuda Networks.
Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.
Dan Woods, vice president of the Shape Intelligence Center at Shape Security, outlines what enterprises can do to protect themselves against automated attacks.
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley.
The threat landscape continues to evolve, says Chester Wisniewski of Sophos. "The more professional, the more skilled criminals out there are moving, seemingly, away from this 'spray and pray' mass exploitation approach and getting more targeted. It's what I call a blended threat."
In today's highly connected, cloud-based environment, application security is more critical than ever, says Jeff Williams, co-founder and CTO of Contrast Security, who explains why.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cio.inc, you agree to our use of cookies.