Enterprise security and risk management efforts continue to lag
Increasingly, enterprises realize that they not only need to secure their digital assets, but that they need to do it economically. Most organizations know that they need to be compliant to any number of government or industry regulations that affect them — from HIPAA to GDPR — but simply achieving ... Read More
Study: Hospitals dramatically increase ad spend following data breaches
Determining the actual cost of a data breach is difficult and often leads to heated discussions in security circles. How do you determine how many customers who left (following a breach) wouldn’t have left anyway? Perhaps they already were upset with the organization for some other reason. How do you ... Read More
Old password habits die hard … if they ever die at all
If there’s anything that security and IT teams hate more than managing credentials, I certainly can’t think of it. Users hate having to manage their passwords and they tend to do so poorly. And that, in turn, leads to password reset request calls — among the most costly of helpdesk ... Read More
What are the priorities for CISOs in 2019?
Well, 2018 is a wrap and another year is behind us — and what a big year it was for cybersecurity. There have been numerous high-profile breaches, regulatory fines, and fascinating developments in how enterprises build and deploy their applications. And, more broadly, business transformation efforts have accelerated the speed ... Read More
NIST releases guidance for risk assessment automation
Security professionals are stretched as thin as you can imagine. Their environments are fragmenting from just their data centers to a multitude of cloud services. Meanwhile, they’re having difficulty finding skilled staff, and their development teams have been busily dismantling traditional waterfall development lifecycles for continuously delivered pipelines. While cloud, ... Read More
Lights out: Can the U.S. survive a ‘catastrophic’ power outage?
Recently, the President’s National Infrastructure Advisory Council (NIAC) examined the ability of the U.S. federal government to respond to and recover from a catastrophic power outage striking a large swath of the nation. What is a catastrophic power outage? It’s a power outage longer than a few days or even ... Read More
The FCC seeks to aggressively stem fraudulent robocalls with STIR and SHAKEN
If your recent experience is anything like mine, your phone has been pummeled by robocalls. For whatever reason, throughout the past year, I’ve been inundated with calls from across the U.S. regarding health insurance, car insurance, investment scams, mortgage refinance … you name it. On a mobile phone it’s easy ... Read More
Healthcare survey finds abundance of medical device security overconfidence
When facing a determined adversary, it’s one thing to be confident, it’s quite another to be overconfident. But that’s what a new survey of healthcare IT professionals and biomedical engineers found: an overabundance of confidence when it comes to connected medical device security. According to the 2018 Zingbox Second Annual ... Read More
Continuous processes can complicate security, but also provide an answer
While cloud computing has promised to simplify the management of business-technology systems, it hasn’t exactly turned into a net simplification when it comes to security. Sure, cloud infrastructure platforms remove the complexity of having to secure the underlying infrastructure, and software-as-a-service and platform-as-a-service providers simplify many aspects of application security ... Read More
The app explosion and digital transformation drive rapid growth of the identity management market
The identity management market is growing much faster than the overall IT market, and for good reason. While the enterprise IT market is expected to grow by 3.5 percent through 2018, research firm Technavio predicts the worldwide identity and access management market will grow at 13 percent through 2022. Why? ... Read More
