Security technology is one tool that enables enterprise security leaders to achieve their goals- learn more about new and upcoming security technology products and the latest industry innovations here.
Security services such as background checks, investigations and insurance often provide the backbone of a success enterprise security program. Learn more about services that can assist security leaders in building a stronger, secure enterprise.
As much of the world continues to hunker down at home in response to COVID-19, threat actors continue to find ways of exploiting the crisis to gather sensitive and valuable information from individuals. But while we’re busy making sure that our primary computers and cloud-based accounts are locked down, it’s often the devices we least suspect – our smartphones – that provide the opening that hackers need. The 2018 hacking of Jeff Bezos’s iPhone X, perhaps the most famous example of smartphone hacking, provides an important reminder that these most personal of devices should be used with appropriate caution, especially in this time of upheaval.
A new document, Planning for on-campus K-12 education during COVID-19, developed by the COVID-19 Healthcare Coalition, provides guidance to be used as a resource by school leaders to develop and implement plans for returning to on-campus learning.
The National Security Agency released a Limiting Location Data Exposure Cybersecurity Information Sheet (CSI) to guide National Security System (NSS) and Department of Defense (DoD) mobile device users on how they might reduce risk associated with sharing sensitive location data.
The Cybersecurity and Infrastructure Security Agency (CISA) released the Cyber Career Pathways Tool, an interactive approach for current and future cybersecurity professionals to envision their career and navigate next steps within the NICE Cybersecurity Workforce Framework.
Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization. Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.
Countless businesses export data from the European Union to the United States. Does your human resources office have information on European employees? The sales department information on European clients? That is personal data. The question is if data exports can continue in the wake of the Court of Justice of the European Union’s (CJEU) ruling in the “Schrems II” case.
Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems. In today’s cloud-native world, almost nothing is on-prem, and because of the explosion of apps, remote users and devices, it has become a considerably more complicated task, by orders of magnitude, to verify the identity of a user — or a service — and determine policies that say what they are and aren’t allowed to do.
Organizations need to evolve their thinking around cybersecurity to stay ahead of these changing threats. A holistic approach that effectively builds security into all infrastructure and processes from the ground up is cost-effective and necessary to safeguard valuable employee and customer data. This requires an overall shift in philosophy – and adopting the concept of security by design is a key first step.
ON DEMAND: The physical security industry adopts datacenter information technology in bits and pieces, but not to the extent possible. This prevents organizations from making strides in reducing costs and complexity, rapidly responding to change, and delivering on the prime security directives of keeping people and property safe.
ON DEMAND: Chad Schermerhorn, Security Expert at Brivo, will discuss how your physical security stack should be an operational asset. It should be based on the strongest, and most-up-to-date smart security that can protect you today and adapt for unexpected threats that may come.
ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.
ON DEMAND: The security ecosystem protects digital assets, physical assets, and people - the newly distributed workforce creates new and increased physical and cybersecurity risks. Situational and security awareness is a role every employee must play, and you’ll help get them there with awareness, cybersecurity hygiene and security practices that help keep company, employee and customer information safe.
The event will look at the in-car and off-board infrastructure cybersecurity policies, technologies, services, and products that will enable top OEMs and suppliers to strengthen their products’ defenses, mitigation, and resilience. Read More
This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!