Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
Achieving built-in, rather than bolted-on security at the DevOps stage through transparent orchestration is the new mantra for building resilient systems and software, says Sumedh Thakar of Qualys.
The Cobalt cybercrime group is targeting as many banks as possible, which poses risks particularly for smaller, less protected institutions, says Tim Bobak, APAC executive director for Group-IB.
Cybercrime investigators will face increasing difficulties if bad actors begin accepting more privacy-centric cryptocurrencies rather than bitcoin, says Andrei Barysevich of Recorded Future.
There's a rush to cloud services, and that can offer security benefits. But it can be difficult to keep track of data and classify it in the cloud, says Neil Campbell of Telstra, a telecommunications company.
Artificial intelligence has the potential to filter out much of the noise that can bog down teams trying to triage security alerts, says Bryce Boland, former CTO for FireEye in Asia-Pacific.
Deterring nation-states such as Russia and North Korea from executing cyberattacks will require sanctions and other pressure, says Fergus Hanson of the Australian Strategic Policy Institute.
Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.
The EU's General Data Protection Regulation has significantly raised privacy awareness worldwide in the brief time that it's been in force, says Rob Hinson of OneTrust. Organizations are revamping both internal and external privacy programs to meet the minimum global standard, he says.
Are cyberattackers working on ways to counter artificial intelligence-augmented security? And will the bad guys ever use AI-driven attacks? Adi Ashkenazy of XM Cyber offers an analysis.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
