EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
After helping a hospital to pass an audit that assessed compliance with requirements of the HITECH Act "meaningful use" electronic health record incentive program, CISO Mitch Stewart offers this audit prep advice: Beef up your risk assessment.
With regulators gearing up to begin the next phase of HIPAA compliance audits, many covered entities appear to be overconfident about passing that scrutiny, according to the results of ISMG's latest Healthcare Information Security Today survey.
Organizations are getting increasingly prioritizing incident response capabilities by putting investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.
Last year, organizations took an average of 205 days to detect a breach. To better combat such attacks and lock down breaches, FireEye's Jason Steer says organizations must lower that to hours or even minutes.
Attackers today continue to refine their distributed denial-of-service attack capabilities, delivering downtime on demand. The increase in attack effectiveness and volume demands new types of defenses, says Akamai's Richard Meeus.
Two years after the leaks that showed the U.S. National Security Agency spied on America's European allies, the U.S. and Europe still need to rebuild trust so they can collaborate on defending against cyber-attacks, says Carsten Casper of Gartner.
"Show me your dashboard." That's a request security expert Gavin Millard regularly makes to CISOs to demonstrate how today's too-complex dashboards highlight the challenge of gathering and distilling essential security metrics.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Financial services firms are increasingly applying contextual security tools to help identify fraud more quickly. But a shift to continuous authentication will provide even better security, says Vasco's Jan Valcke.