In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.
A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.
President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.
Despite the high frequency of major health data breaches involving vendors, many healthcare sector entities remain lax in their approach to manage and reduce third-party security risk, said Glen Braden, CIO and principal of compliance auditing firm Attest Health Care Advisors.
AI is being used "by everyone" these days, including by malicious nation-state actors, and that is raising the level of threats and risks facing hospitals and other healthcare entities, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Exciting advancements in medicine through the use of AI are already happening, and many more are in the pipeline. But they need to be approached carefully and vetted properly for risk, said Dr. Eric Liederman, medical informatics and national privacy and security leader at Kaiser Permanente.
Regulating AI is "like regulating Jell-O," said Massachusetts risk counsel Jenny Hedderman, but states are looking at regulating "areas of harm" rather than AI as a whole. In this episode of "Cybersecurity Insights," Hedderman discusses privacy, third-party vendor risk, and lawyers' use of AI.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," former Uber CSO Joe Sullivan discusses the Uber trial and offers guidance to future CISOs. Was the Uber case a data breach or not. Sullivan explained why that making that distinction can be complicated.
Stolen and compromised credentials continue to be the crux of major health data security incidents involving cloud environments. But stronger credential management practices and a focused approach to "least privilege engineering" would help, said Taylor Lehmann of Google Cloud.
The biggest challenges in threat detection and response today are the inability to cover the entire attack surface and a lack of insight into who is attacking and why. To address these issues, Cisco introduced Breach Protection, a suite of products that combines email, endpoint and XDR protection.
In this episode of CyberEd.io's podcast series "Cybersecurity Unplugged," Alex Zeltcer of nSure.ai discusses how fraudsters access your payment information, how industrialized payment fraud attacks operate, and how nSure.ai uses discriminative AI to identify these attacks and cut their scale.
Visibility, consistency, efficiency - are goals every security leader strives to achieve across cloud environments, and remains one of the key digital transformation challenges. Cisco's Sean Baze talks about how to overcome this challenge and discover new efficiencies through a data-driven approach.
Not so long ago, security organizations rallied behind best of breed security solutions. But now, trying to reduce tech debt, rationalize tools and consolidate vendors, there is a push for the platform approach. Cisco's Amilcar Alfaro talks about how to tap into the platform advantage.
The violent surprise attack on Israel by Hamas and the region's escalating war spotlights the critical importance of situational awareness, and especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, president of the H-ISAC.