Banks' boards of directors need to understand the implications of cybersecurity in terms of the overall risk structure, says Bhaskar Pramanik, a board member at State Bank of India and former chairman of Microsoft India.
What are three burning questions regarding legal and compliance issues that enterprise security leaders should ponder as they head into 2019? Ed Amoroso, former CISO of AT&T and current CEO of TAG Cyber, outlines the questions and possible answers.
How does an organization measure cybersecurity success? For too many, it's simply the absence of a breach. But Diwakar Dayal of Tenable proposes ways to measure a cybersecurity posture, benchmark it against peers and use the metrics to create a report card and reduce cyber risk.
Enforcement of the European Union's General Data Protection Regulation began May 25. What has happened since then? And how has the privacy dialogue evolved in the U.S.? Attorney Jay Kramer shares insights on how organizations are now approaching privacy.
Hampered by insufficient tools and skills, many organizations are now investing in managed detection and response solutions. What questions should they ask when selecting a partner? Sharda Tickoo of Trend Micro shares insights.
The healthcare sector is making progress in moving from a reactive to a proactive approach to cybersecurity as it learns lessons from other sectors, including financial services, says Greg Garcia, executive director for cybersecurity at the Healthcare and Public Health Sector Coordinating Council.
Testing an incident response plan for use when a vendor has a security incident is an essential component of risk management, says Phil Curran, CISO at Cooper University Health Care.
Common data security mistakes made by many organizations including having a static security plan that doesn't evolve, focusing solely on compliance and not testing incident response plans, says Monique Kunkel of NTT Data Services.
Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation? Attorney Steven Teppler provides insights.
"Smart cities" projects face huge cybersecurity challenges as they adopt advanced technologies, including IoT systems, says Adnan Baykal of the Global Cyber Alliance.
Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders.
DDoS attacks against healthcare organizations have increased not only in size and scale, but especially in complexity, says Tom Bienkowski of Netscout Arbor. How can enterprises build upon their traditional DDoS defenses?
Organizations in all sectors struggle with mitigating the insider threat, but it's an acute concern in healthcare, where patients' lives are at stake. Pete Nourse of Veriato outlines specific threats to this sector.
The latest version of the NIST Cybersecurity Framework - Version 1.1 - includes more information on supply chain risk management, authentication, authorization, identity proofing and self-assessing cybersecurity risk management, says Matthew Barrett of the National Institute of Standards and Technology.
Cryptocurrency offers both immediacy and anonymity - traits that are attractive to threat actors looking to exploit organizations via ransomware or cryptomining. Laurence Pitt of Juniper Networks discusses why healthcare entities are uniquely vulnerable.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
