InfoSec World 2020 news, articles & updates| SC Media

InfoSec World 2020

Don’t be the weakest link in a widespread attack

InfoSec World 2020 — Small suppliers and SMBs shouldn’t think they are immune to hacks. In fact, some of the most prolific hacks started with attacks on third-party suppliers, such as HVAC companies and small defense manufacturers. The Target hack quickly comes to mind. In the InfoSec World 2020 session, You’ve Been Pwned…But Your Customers…

Risk assessments reveal businesses remain deficient in security compliance, training

InfoSec World 2020 – An analysis of more than 100 risk self-assessments conducted by business organizations across a cross-section of industries revealed that over 65 percent admitted to achieving zero-to-minimal compliance of U.S. state data privacy and security regulations, including myriad breach laws and the California Consumer Privacy Act. The discouraging findings show that business…

Lululemon’s Rex Sarabia works up a sweat building a security awareness program from scratch

At InfoSec World 2020 on Monday, Rex Sarabia, security awareness program manager at Lululemon, led the session “Building an Enterprise Security Awareness Program from the Ground Up.” SC Media interviewed Sarabia about his presentation to learn more about Sarabia’s biggest challenges, his tips for security professionals starting up their own programs, and how he “gamifies”…

Equifax CISO Farshchi: Transparency, focus on behavior transformed security, culture

When Jamil Farshchi takes the stage this morning at InfoSec World 2020 to deliver the keynote “Leaders Needed: Preventing the Next Big Breach,” no one would doubt the Equifax CISO knows from whence he speaks. After all, he joined the credit monitoring company after a devastating breach reported in 2017 exposed information on tens of…

Digital disruption grows attack surface, Edelman Financial Engines’ Conlon says

Staying one step ahead of attackers by eliminating vulnerabilities before they’re detected is the obvious goal of any enterprise. How to shore up your infrastructure and IT operations with state-of-the-art defense and efficiency should be on any infosec team’s to-do list, and what follows are various best practices to help you with your network security…

Sapphire Software’s Nicholas Takacs asks: Is self-aware malware possible yet?

“Two can play at this game…” Cybersecurity is a non-stop arms race between white hats and malicious hackers, and the three “A’s” — automation, analytics and artificial intelligence — are among the more powerful defensive tools that CISOs can implement to defend their organizations. But cybercriminals can also potentially employ them to magnify their attacks…

Aflac’s Tim Callahan presses hard line on managing third-party risk

Ask 100 people to define risk and you’ll get 100 definitions (if not more), but all typically agree on one thing: identifying and managing risk is extremely important to an organization’s livelihood and resilience. It can make a difference in curbing, mitigating and/or recovering from cybersecurity incidents. Recently, that resilience and the ability to manage…

Microsoft’s Kelley: Six principles that influence people to say yes can be leveraged to thwart social engineering

Behind nearly every cybersecurity incident there’s a person who was either unwittingly duped or with malicious intent breached an organization from the inside. But as the rich array of experts in the Awareness, Decisions & Devices: The Human Layer of Security track at InfoSec World 2020 can attest, it’s possible to boost awareness and spark…

Next post in InfoSec World 2020