InfoSec World 2020 news, articles & updates| SC Media

InfoSec World 2020

IoT adds value, risk but management within reach

Along with the tremendous opportunity brought to the enterprise by the gadgets that hang off of the Internet of Things (IoT) comes sizable risk that organizations must assess and manage. “Value should be considered while determining risk,” said Paul Rohmeyer, associate industry professors at the Stevens Institute of Technology, who led the “Managing Cybersecurity and…

Union Pacific tracks cyber risk via its own probability modeling methodology

Rick Holmes, assistant VP and CISO at Union Pacific Railroad, detailed at InfoSec World 2020 how the transportation giant incorporates cybersecurity risk into its larger enterprise risk management process in order to help senior executives estimate losses caused by potential cyber incidents and make better decisions on where to invest in defenses. “We think that…

Ex-CIA exec: Covid-19 has created ideal ‘crisis’ conditions for malicious hackers

Companies trying to stave off business disruption caused by the global Covid-19 pandemic may be ripe for compromise as they introduce new risks in the scramble to maintain business continuity, warned a retired senior CIA executive in a keynote presentation Wednesday at the InfoSec World 2020 digital conference. In essence, the coronavirus has created ideal…

Triage plan can fend off insider threats, Latson says

Insider attacks doubled last year from two years ago, according to recent Ponemon Institute research, and most likely most of those insiders’ network behavior could have foreshadowed a preventable attack only if their data access were properly monitored. That’s where a proactive strategy comes in, advised InfoSec World 2020 featured speaker Velma C. Latson, who…

Party City celebrates IT risk assessment program; reveals keys to success

At InfoSec World 2020 on Tuesday, a pair of risk officers from Party City offered an inside glimpse into how the $2.1 billion specialty retailer pulled off its first-ever top-down enterprise-wide IT risk assessment. Among the chief success factors they cited were: executive buy-in, the collaboration of skilled partners, assuring adequate resources, well-planned project scoping,…

Triangle of network security management requires formalized process, Rodrigue says

Why do we care about cyber hygiene? For starters, security pros want to ensure operating effectiveness of basic controls and put in a system of checks and balances between processes. Companies also want to offer a foundation for more advanced technical security mechanisms, their effectiveness becomes limited otherwise. They also want to detect blind spots…

Cracking the cyber liability code leads to better insurance coverage

The cyber insurance market continues to evolve and mature with coverage enhancements, along with an abundance of carriers. With so many carriers entering the market, it’s more important than ever for companies to take their time and read the fine print. In their session Tuesday at InfoSec World 2020, “Cracking the Cyber Liability Code,” two…

Alsid’s Melber urges active directory protection to fend off new attack patterns

Enterprises that start concentrating on protecting the active directory will be doing themselves a huge favor, Derek Melber emphasized in his Tuesday afternoon InfoSec World 2020 session, “New Attack Patterns: Targeting the Keys to the Kingdom.” “The attackers are going directly after the core IAM (Identity and Access Management) for nearly 95 percent of the…

Netflix DVD’s Sanders: Revamp strategies to stay ahead of attackers

CISOs scrambling to stay ahead of the rapid changes coming in security and positioning themselves to proactively divine new threats just over the horizon should tune into Tuesday’s InfoSec World 2020 keynote address led by Jimmy Sanders, head of security at Netflix DVD. Cybersecurity at the DVD mail order service – which launched the company’s…

Next post in InfoSec World 2020