The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
The Good Health Pass Collaborative is developing a road map for digital health passes that international travelers could use to prove they have been tested for COVID-19. Dakota Gruener, executive director of ID2020, which launched the project, describes the effort, including privacy-protection measures.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
The key to prioritizing which risk alerts require immediate action is knowing what your most valuable assets are, says Angelo G. Longo, U.S. information security officer for BetMGM, an online sports betting and gaming entertainment company.
Modern vehicles have been characterized as smartphones on wheels, but the analogy is reductive: They're more like rolling databases. Privacy expert Andrea Amico says data hygiene practices need to be applied to vehicles - just like any other connected system.
Her title says "information security," but Radian CISO Donna Ross considers herself more of a security risk officer. It's an important distinction that drives her approach to technology, leadership and communicating with senior leadership.
Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Glauco Sampaio comes from a technology background. But as CISO as well as privacy and fraud prevention officer at Cielo, a Brazilian payment card processor, he focuses on how to marry technology with business risk - and how to share his vision with business executives.
Banking institutions, cryptocurrency exchanges and other companies have begun implementing video-based identity verification. But deepfake technology can be used to circumvent these security checks, says Ilya Volovik, a researcher at Gemini Advisory.
In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.
Small businesses have been disproportionately affected by hackers in recent months. To aid in countering the threat, Mastercard has launched a cybersecurity education effort targeting this market segment. Paul Trueman, a senior vice president Mastercard, explains the “Trust Center” initiative.
It's one thing to plan for a remote workforce. Quite another when you suddenly have to deploy and support it - at 100%. Martin Mazor of Entertainment Partners discusses the vital role of identity in his enterprise's unique business.
The U.S. federal government is increasingly using IoT devices across its agencies, which has raised concerns about security. NIST has published draft guidance to help federal agencies navigate safe IoT deployment and use, says Kat Megas, program manager in NIST's Cybersecurity for IoT Program.