Cloud-based services are affecting governance, risk management and compliance practices in Australia, says Tim Nedyalkov, who is a technology information security officer with Commonwealth Bank. He discusses the differences between how managers and practitioners approach the problems.
Tammy Klotz took on a new job at a new company and even in a new state in 2020 - and she was charged with both establishing herself and raising the firm's cybersecurity posture. No challenge during a global pandemic, right? Here is how she has begun to pave her way.
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
The pandemic has created the need for rapid digital transformation and the growing trend of working from home is pushing businesses to adopt "zero trust" and implement it within their own organizations, says Bobbet Castillo, chief technology officer and information security officer at Petnet.
Bobby Ford of Hewlett Packard Enterprise says that too often when an organization engages with security, it happens in an ad hoc way. He describes his mission to create a Cybersecurity Center of Excellence to streamline the organization's security incident management and response processes.
Cyber criminals are opportunistic and merciless, targeting security vulnerabilities such as weak passwords or unnecessary administrator rights. The National Cyber Security Centre recently found that 23.2 million victim accounts worldwide used 123456 as the password, and many companies still provide full admin rights...
Key challenges from the recent State of Cybersecurity 2021 report include "integrating risk with maturity and keeping up with industry trends," says Jenai Marinkovic, member of the ISACA Emerging Trends Working Group.
When Conrad Bell joined C Spire, the cybersecurity team numbered one - him. Today he has a thriving team. The VP and CISO explains how he built it, describes the skills he values and tells how this team is helping the telecommunications firm respond to today's daunting cybersecurity challenges.
The threat landscape has grown, and the airlines industry in particular has been challenged. As a result, Rob Hornbuckle, CISO of Allegiant Airlines, sees his role differently: It's beyond security and about more than just the business. Where is the role going, and how does one grow with it?
Darrell Bateman, the CISO of City Bank Texas, explains why governance and compliance issues are critical for security leaders in the banking industry and how success can help cement a CISO's relations with the board of directors.
Given that budgets and time are finite, how can organizations best identify if their information security strategy is well balanced and appropriate? Nandhini Duraisamy, chief operating officer of Quadron Cybersecurity Services, shares best practices.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
In the latest weekly update, four editors at Information Security Media Group discuss timely cybersecurity issues, including cryptocurrency exchange hacks and the cyber implications of the U.S. withdrawal from Kabul.
Accreditation organization CREST has concluded an investigation into whether NCC Group employees cheated on its penetration-testing exams, finding that the cybersecurity business's training materials violated its rules. It says NCC Group has agreed to overhaul its processes and demonstrate compliance.