Too many organizations continue to approach security with a "perimeter defense" mindset despite enterprise networks long having moved past on-premises data centers to myriad cloud services, says Ajay Arora of Vera Security.
Verifications.io, a self-described "big data email verification platform," has suffered a massive breach. Security researcher Bob Diachenko said he discovered the site was exposing 763 million records.
By 2025, the volume of data is projected to grow by a factor of 10. How can enterprises hope to identify and secure sensitive data at the speed of business? Stephen Cavey of Ground Labs shares insights.
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
For a managed security service provider to deliver maximum value for customers, it needs to provide a hybrid approach that delivers not only actionable security information but also context, says Matt Peters of Expel.
Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.