In the face of a growing attack surface, the architecture and technology of traditional SIEMs keeps them from meeting the needs of modern enterprises. Firms can address these gaps with data protection, threat content as a service, and peer-to-peer collaboration, said Securonix CEO Nayaki Nayyar.
Many of the cyber-related questionnaires that organizations ask their third parties to complete "are too broad" and not properly focused on questions related to the services or products being offered by that vendor, said Cassie Crossley, vice president of supply chain at Schneider Electric.
A key problem in organizations is that security and development are treated as two disparate processes instead of part of the same system. Executives deal with security issues after the fact and don't make it part of the development pipeline, said Nick Durkin, field CTO at Harness.
The role of a CISO in an organization is continuously evolving, more so after the COVID-induced digital transformation boom - and not in isolation. Protecting businesses is more than just putting the technology pieces together, said Arvin Bansal, CISO of Nissan Americas.
Data breaches are often the result of hackers exploiting bugs in third-party service providers to make their way to larger organizations. Rishi Rajpal, vice president of global security at Concentrix, discussed how to pick the right partners and mutually benefit from each other's services.
The challenges in building a privacy program to comply with laws and regulations across multiple jurisdictions and verticals are numerous, especially since much has changed in the past decade, said Nishant Bhajaria, director of privacy engineering, architecture and analytics at Uber One.
A startup cybersecurity strategy should be akin to a Russian doll: It should be built to preserve core elements of business. In most cases, this is a product offering, which needs to be secure, said Venkat Ranga, vice president of business information systems and head of IT at Aryaka Networks.
With the growing dominance of AI and concerns over its responsible use, is it time to move toward AI ethics by design? Sameer Ahirrao, founder of Ardent Privacy, shared how privacy and regulatory verticals should - and will - shape the future of AI.
Privacy protections must be important considerations throughout the life cycle and in all touchpoints involving customer data collected and used by financial institutions such as Equitas Small Finance Bank, says Venugopal Parameswara, the institution's CISO.
The final steps in mortgage closing involve much paperwork in the presence of attorneys, title companies and loan officers. While technology is available to simplify a complex and error-prone process, resilience and trust actually make e-closing a trustworthy experience for consumers.
Divakar Prayaga, A.P. Moller - Maersk's director for security engineering, discusses the evolution of a CISO's role from a tech to a business partner, how it affects a firm's cybersecurity posture and how to get the best return on security technology investments amid challenging economic conditions.
The guilty verdict against Joe Sullivan, former chief security officer of Uber, has generated much discussion about CISO accountability for disclosures of breaches. How should CISOs be preparing to deal with this responsibility? Kirsten Davies, CISO at Unilever, said communication is crucial.
The threat posed by cybercriminals and fraudsters creates shared risks across the financial services industry including fintech companies. But fintech firms can balance rapid innovation with security and work with each other and governments to repel attackers, said Razorpay CISO Hilal Lone.
Cybersecurity is "a full-time task" that requires a lot of discipline, says Ajay Sabhlok, CIO and chief digital officer at Rubrik. He discusses tips for increasing your company's cyber maturity, ideas about how CIOs and CISOs can align, and advice on what not to do, such as pay a ransom.
As ransomware attacks continue to pummel organizations, Rapid7 Chief Scientist Raj Samani says victims must identify how the attacker broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."