“For a long time now, people (employees, users) have been touted as ‘the weakest link’ because of the tendency to make mistakes or try to bypass cumbersome processes, with no malicious or criminal intent in mind,” says Anthony Lim, Senior Cybersecurity Advisor, Asia Pacific, for Frost & Sullivan and Vice-Chair for (ISC)2 Application Security Advisor Council.
In the 2015 Anthem data breach, the compromise of an administrator’s credentials was the initial entry point that caused the breach and exposure of 13.5 million patient records. High-profile, high-impact breaches like this are spurring healthcare enterprises to institute more cybersecurity defenses and to monitor the insider threat.
Your company may think it has adequate insurance coverage for a network breach, but there’s a good chance that it does not. According to the findings of a recent UK government report, over half of the companies surveyed thought they had the right coverage in place, while only 10 percent actually did. Another sizable group of those surveyed responded that they had no idea which of the many cyber risks facing their company even could be insured.
The 2015 RSA Conference provides security professionals access to myriad keynotes, educational sessions and solutions for today’s cybersecurity risks. Whether you’re headed to San Francisco for the conference April 20-24 or you’re observing cybersecurity trends from your office, here is a sampling of some of the trends, products and services showcased at this year’s event.
Security professionals are unable to keep pace with cybersecurity threats against companies as external and internal threats mushroom from both known and emerging technologies, according to a Trustwave survey.
The Massachusetts Institute of Technology is starting a new research effort to help CISOs better manage cybersecurity within critical infrastructure companies. Exxon Mobil Corp. and Schneider Electric SE are early members of the consortium, according to MIT.
Only 20 percent of payment card-accepting companies complied with the full set of international security standards in 2013, according to a new report from Verizon. The 2014 PCI Compliance Report looked at how hundreds of retailers, hospitality companies, financial service firms and other organizations followed the standards established by the PCI Security Standards Council.
For the next generation of enterprise security leaders, is there a clear path forward to success? Enterprise security leaders discuss mentorships, education, certifications and the skills new CSOs and CISOs will need to succeed in their evolving roles and bring value to the business. But the problem is: with existing security leadership roles varying so widely, is the development of a uniform skill set even possible?