RSA Conference 2023 Compendium: 160+ Interviews and More

Information Security Media Group • May 24, 2023

As the largest media company at RSA Conference 2023, ISMG conducted more than 160 individual interviews with CEOs, CISOs, government leaders, investors, researchers and attorneys. This compendium covers every facet of cybersecurity, from the latest technology solutions to emerging trends.

►

Leadership & Executive Communication

How to Better Educate 'Citizen Data Scientists' on AI and ML

Latest

Network Detection & Response

Cisco's New XDR Tool Emphasizes Robust Telemetry Correlation

Michael Novinson • May 31, 2023

Cisco Security Executive Vice President and General Manager Jeetu Patel said the industry struggles to address multifaceted attacks that originate in email and include bad links, malware downloads to a device and more. Cyber defenders need correlated data from multiple sources of telemetry, he said.

Video

Why Identity Is Key to Baselining API Security Programs

Anna Delaney • May 31, 2023

Change management is a critical part of a robust API management program, said Shaam Farooq, vice president of technology at Atlas Energy Solutions and a CyberEdBoard member. Team members must review and approve changes as they happen and communicates those changes across IT and OT security teams.

Artificial Intelligence & Machine Learning

Integrating Generative AI Into the Threat Detection Process

Steve King • May 31, 2023

In this episode of "Cybersecurity Insights," Chen Burshan and Amir Shachar of Skyhawk Security discuss how they integrated generative AI into their threat detection process and significantly increased the speed and lowered the costs of detecting breaches based by focusing on anomalous activity.

3rd Party Risk Management

Synopsys Extends Lead in Gartner MQ for App Security Testing

Michael Novinson • May 30, 2023

Synopsys stands head and shoulders above the competition in Gartner's application security testing rankings, with Snyk rising and HCL Software falling from the leaders category. Longtime app security players Veracode, Checkmarx and OpenText joined Synopsys and Snyk atop the Gartner Magic Quadrant.

HIPAA/HITECH

Where Hospitals Are Still More Cyber Reactive Than Proactive

Marianne Kolbasuk McGee • May 30, 2023

Many hospitals are still more reactive than proactive in terms of embracing recommended best practices that can advance their cybersecurity maturity level, said Steve Low, president of KLAS Research, and Ed Gaudet, CEO of consulting firm Censinet, who discuss findings of a recent benchmarking study.

Card Not Present Fraud

Invoice and CEO Scams Dominate Fraud Affecting Businesses

Mathew J. Schwartz • May 29, 2023

Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.

Audit

Sports Warehouse Fined $300,000 Over Payment Card Data Theft

Mathew J. Schwartz • May 29, 2023

Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.

Managed Detection & Response (MDR)

Expel, CrowdStrike, Red Canary Dominate MDR Forrester Wave

Michael Novinson • May 26, 2023

Expel, CrowdStrike and Red Canary held steady atop Forrester's MDR rankings, while Secureworks and Binary Defense tumbled from the leaders category. Providers have turned their attention from maximizing their efficacy at detecting ransomware to finding faster and better ways to respond to attacks.

Cyberwarfare / Nation-State Attacks

ISMG Editors: How Ukraine's Cyber Defenders Prepped for War

Anna Delaney • May 26, 2023

In the latest weekly update, ISMG editors discuss top takeaways from Ukraine's cyber defense success, how a European regulator suspended Facebook data transfers to the United States, and the state of the EU General Data Protection Regulation on its five-year anniversary.

Governance & Risk Management

AHA Tells HHS to 'Amend or Suspend' Web Tracking Guidance

Marianne Kolbasuk McGee • May 25, 2023

The American Hospital Association is urging federal regulators to back off from recent guidance that treats patient IP addresses as protected health information, saying that the new rules would "reduce public access to credible health information" and create hardships for doctors and hospitals.

Fraud Management & Cybercrime

OAuth Flaw Exposed Social Media Logins to Account Takeover

Prajeet Nair • May 25, 2023

A new OAuth-related vulnerability in an open-source application development framework could expose Facebook, Google, Apple and Twitter users to account takeover, personal data leakage, identity theft, financial fraud and unauthorized actions on other online platforms, security researchers said.

General Data Protection Regulation (GDPR)

5 Years of GDPR: Criticism Outweighs Positive Impact

Akshaya Asokan , Anna Delaney • May 25, 2023

Five years after the effective date of the General Data Protection Regulation, the European Union privacy law - hailed as a way to protect the privacy of citizens in an increasingly digital world - continues to be marred by criticism over its lack of effectiveness and uneven implementation.