Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
Traditional security processes and controls don't translate cleanly to containers, says Sabree Blackmon of Docker, who does not recommend treating containers as virtual machines to help maximize the benefits.
In addition to relying to heavily on anti-virus and anti-malware tools, small and midsize enterprises lack the resources or expertise to catch new and sophisticated forms of attacks, says Dell's Brett Hansen, who offers strategic insights.
Using artificial intelligence and machine learning in cybersecurity has pitfalls, says McAfee's Steve Grobman, who describes appropriate steps to take.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Alert fatigue is a major challenge, and the ability of SOC teams to be proactive is hamstrung by the fact that they spend a lot of their time in doing repetitive work, says Cody Cornell of Swimlane, who advocates broader use of orchestration and automation.
Taking a workflow-driven approach is critical to successfully embrace security automation, orchestration and response - or SOAR - technologies, says Dan Sarel of Demisto.
It's becoming increasing important to detect adversaries that have bypassed your security controls and moved laterally in your environment, says Carolyn Crandall of Attivo Networks, who describes the role deception can play.
Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University, who offer tips.
The operational technology world is focused on two things: safety and reliability. But with increasing IT-OT integration, cybersecurity needs to be considered the third leg of the stool, says Phil Quade, CISO at Fortinet.
Many third-party risk programs address information technology but not operational technology, says Dawn Cappelli of Rockwell Automation, who discusses why OT security should be a priority.
Analyst turnover is a pervasive problem for the cybersecurity industry. Mike Armistead, CEO of Respond Software, sees robotic decision automation as a solution.
Because of the wealth of personal information available on the dark web, breach detection and remediation are more urgent than prevention and protection, says Nick Hayes of IntSights.
Email remains the top threat vector for organizations. And while the move to cloud-based solutions has significantly improved email security, environments such as Office365 have their own complexities that need to be addressed, says David Wagner, CEO of Zix Corp.
The advent of IoT devices and IT/operational technology integration have dramatically expanded the attack surface. And as a result, the definition of threat intelligence is changing, says Vishak Raman of Cisco.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.