Essential steps to implementing a "zero trust" architecture when shifting to the cloud to support a distributed workforce include implementing multifactor authentication, conducting device posture checks on endpoints and analyzing network traffic, says Timothy Snow of Cisco.
As the U.S. marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants. "Those are going to determine our destiny for the long and foreseeable future," she says.
CISOs are playing an even more critical role as a result of the proliferation of supply chain attacks, a surge in the use of insecure IoT devices and other emerging risks, says Lt. Gen (retired) Rajesh Pant, national cybersecurity coordinator at the Prime Minister's Office for the Government of India.
To help mitigate supply chain risks, organizations should leverage web scraping tools, social media analytics tools and robotics to verify third-party providers, says Arpinder Singh of Ernst & Young.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo.
Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape: "Where deception comes into play is for the unknown threats, the things that are either an attack you haven't seen before or the attacker evolved their technique."
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT.
Adam Turteltaub, chief engagement and strategy officer at the Society of Corporate Compliance and Ethics, says compliance teams should create a dashboard of data that will help keep track of actions taken by staff members who are working remotely.
From contact tracing to data transfer to the new California Privacy Rights Act, 2021 already is shaping up to be a big year for privacy. Trevor Hughes, CEO and president of the International Association of Privacy Professionals, offers a "state of privacy" overview.
"Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada.
Because many attacks against enterprises' cloud implementations are automated, a good defense involves using predictive technology that can analyze behaviors, says Brandon Tan of Forcepoint.
What compliance lessons can be learned from major fraud cases in 2020, including the Goldman Sachs bribery case, the Wirecard mass corruption case and the Novartis bribery case? A panel of experts offers in-depth analysis.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.