For years, Brett Johnson dedicated his time to cooking up new ways to defraud individuals and enterprises. Now the convicted felon spends his time recounting his crime story for business and security leaders. He'll be a featured speaker at ISMG's Security Summit Aug. 14-15 in New York.
"Our risk landscape has changed from protecting the things that we operate to protecting the things that we buy, and that's why third party risk management is the place where people are really focusing," says Joel de la Garza of the venture capital firm Andreessen Horowitz.
Alberto Yepez of ForgePoint Capital says cryptocurrency poses new challenges for accommodating the "know your customer" process of confirming that you're "doing business with the people that you want to be doing business with."
With the topic of election security buzzing, Elvis Chan of the FBI has two primary concerns about the upcoming midterm elections: The cybersecurity of the election systems and protecting people from the influence of foreign adversaries such as Russia.
Barely one month after the enforcement date of the EU's General Data Protection Regulation, California passed its own landmark new data privacy legislation. Cisco Chief Privacy Officer Michelle Dennedy discusses this new law and what it says about the business value of data privacy.
In the wake of so many mega-breaches, new account fraud is easier to perpetrate than account takeovers. This puts new pressure on enterprises to know their digital customers, as well as to authenticate their identities and activities, says Shaked Vax of IBM Security.
Breach defense is a strategic business issue for most enterprises, but too many cybersecurity solutions rely more on flash than substance, says Lastline CEO Chris Kruegel. It's time to start talking about true breach defense.
An ongoing security operations center challenge is trying to get the right data to the right person at the right time. The problem is compounded by there being "too much data and not finding the right people to deal with the data," says Mischa Peters of IntSights. What can help?
Getting employees involved in data security requires explaining the benefits, such as avoiding service interruptions, says Paul Bowen of Arbor Networks, who offers insights on making security part of the daily routine.
To stop fraudsters, iovation's John Marsden wants organizations not just to ask customers to verify their personal details. He also wants organizations to take a good, hard look at the devices that alleged customers are using.
To better counter threats carried by content - email, attachments, files - Deep Secure's Simon Wiseman says organizations should investigate content threat removal, which involves extracting required data from content and discarding the rest.
Aaron Sherman, who recently made the transition from serving as an FBI agent investigating cybercrime and nation-state threats to working at Braintrace on ways to improve detection and response efforts, shares insights on the career change.