RSAC Fireside Chat: Reinforcing ‘Identity and Access Management’ to expose ‘shadow access’
The world of Identity and Access Management (IAM) is rapidly evolving. Related: Stopping IAM threats IAM began 25 years ago as a method to systematically grant human users access to company IT assets. Today, a “user” most often … (more…) ... Read More
Author Q&A: Former privacy officer urges leaders to prioritize security as part of cloud migration
Cyber threats have steadily intensified each year since I began writing about privacy and cybersecurity for USA TODAY in 2004. Related: What China’s spy balloons portend A stark reminder of this relentless malaise: the global cyber security market is … (more…) ... Read More
RSAC Fireside Chat: Uptycs emulates Google, Akamai to protect cloud-native apps and endpoints
The inadequacy of siloed security solutions is well-documented. Related: Taking a security-first path The good news is that next-gen security platforms designed to unify on-prem and cloud threat detection and remediation are, indeed, coalescing. At RSA Conference 2023 I visited … (more…) ... Read More
GUEST ESSAY: A primer on NIST 207A — guidance for adding ZTNA to cloud-native platforms
Zero trust networking architecture (ZTNA) is a way of solving security challenges in a cloud-first world. Related: The CMMC sea change NIST SP 800-207A (SP 207A), the next installment of Zero Trust guidance from the National Institute of Standards and … (more…) ... Read More
GUEST ESSAY: A roadmap for wisely tightening cybersecurity in the modern workplace
Hackers can hurt your business or organization in many ways. First and foremost, cyberattacks can lead to data breaches in which sensitive information is stolen. If a cyber-criminal uses you as a way to get at your customers, suppliers, or … (more…) ... Read More
RSAC Fireside Chat: The need to stop mobile apps from exposing API keys, user credentials in runtime
As digital transformation accelerates, Application Programming Interfaces (APIs) have become integral to software development – especially when it comes to adding cool new functionalities to our go-to mobile apps. Related: Collateral damage of T-Mobile hack Yet, APIs have also exponentially … (more…) ... Read More
RSAC Fireside Chat: Counteracting Putin’s weaponizing of ransomware — with containment
The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. Related: The Golden Age of cyber espionage Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated … (more…) ... Read More
RSAC Fireside Chat: Upgrading containment to counter Putin’s weaponizing of ransomware
The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. Related: The Golden Age of cyber espionage Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated … (more…) ... Read More
RSAC Fireside Chat: Deploying Hollywood-tested content protection to improve mobile app security
Your go-to mobile apps aren’t nearly has hackproof as you might like to believe. Related: Fallout of T-Mobile hack Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with techniques such as overlay attacks. And hard … (more…) ... Read More
RSAC Fireside Chat: Achieving ‘outcome-based security’ by blending cybersecurity, business goals
Could cybersecurity someday soon be implemented as a business enabler, instead of continuing to be viewed as an onerous business expense? Related: Security sea-change wrought by ‘CMMC’ This would fit nicely with the ‘stronger together’ theme heralded at … (more…) ... Read More
