strategy
IoT security: The work on raising the bar continues
One of the main goals of Chief Information Security Officers should be to help the organization succeed, and they are unlikely to do that by denying their organization the …
How to develop the right strategy to increase IoT security
As more and more devices become connected, many industries that were previously secure are experiencing new threats or attacks to their devices and services. In this podcast …
Let user experience guide your security requirements
If you’re like most business leaders, you try to do everything you can to keep your company’s information safe. You tell your employees to use strong passwords and offer …
Making informed decisions: The importance of data driven security
When deciding what product to buy, the information the vendor offers about the product is helpful, but not nearly enough: you need to analyze individual product results and …
The importance of career pathing in the cybersecurity industry
A major issue facing our industry right now is a significant shortage of talented, skilled cybersecurity professionals. Whether that’s due to lack of interest or a fundamental …
Endpoint breach prevention by reducing attack surfaces
In this podcast recorded at Black Hat USA 2018, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about endpoint breach prevention by reducing …
Chaos and confusion reign with existing firewall infrastructure
Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those …
Three A’s of SaaS adoption, and why every company goes through them
I’ve noticed that as more and more companies turn to SaaS applications to power their business, they all experience the same journey along the way, more or less. Everyone goes …
Security’s bane: The false positive
Nothing makes security look worse than the false negative – when we miss an attack and damage is suffered. As security professionals, it’s something we all obsess a lot …
Enterprises as modern software factories: Infusing security throughout the app dev process
The DevOps methodology is ready to take the next step in its evolution. The first instance incorporated an operational approach to application development to create in-house, …
The future of OT security in critical infrastructure
Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. While current advances in OT/ICS cyber security …
There’s a global divide in how organizations assess cyber risk
Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment – defined as mature or moderately mature programs that include targeted and …