Information Management Today

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

The Last Watchdog

DECEMBER 13, 2023

Related: Why IoT standards matter Digital Trust refers to the level of confidence both businesses and consumers hold in digital products and services – not just that they are suitably reliable, but also that they are as private and secure as they need to be. Notable progress was made in 2023 in the quest to elevate Digital Trust.

Encryption

Encryption IoT Authentication Security

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Cryptographic inventories need finalizing and quantum safe encryption needs to be adopted for sensitive communications and data. Consumers will begin to see their favorite applications touting “quantum-secure encryption.” What should I be most concerned about – and focus on – in 2024? Our defensive strategies must evolve.

Cybersecurity

Cybersecurity Encryption Marketing Risk

Black Hat insights: Generative AI begins seeping into the security platforms that will carry us forward

The Last Watchdog

AUGUST 13, 2023

Generative AI makes use of a large language model ( LLM ) – an advanced algorithm that applies deep learning techniques to massive data sets. I spoke to technologists, hackers, marketers, company founders, researchers, academics, publicists and fellow journalists about the promise and pitfalls of commoditizing AI in this fashion.

Security

Security Cloud Artificial Intelligence Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares

The Last Watchdog

JUNE 3, 2022

The zero trust approach to enterprise security is well on its way to mainstream adoption. At RSA Conference 2022 , which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principals will be in the spotlight. But that needs to change, he says. This is a very good thing.

Unstructured data

Unstructured data Cloud Authentication Digital transformation

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

The Last Watchdog

MAY 31, 2022

Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of security flaws spinning out of digital transformation. Related: Log4J’s long-run risks. Scan and patch.

Risk

Risk Digital transformation Cloud Passwords

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

The Last Watchdog

MAY 9, 2023

Related: Centralizing control of digital certificates I had the chance to sit down with Deepika Chauhan , DigiCert’s Chief Product Officer, and Mike Cavanagh , Oracle’s Group Vice President, ISV Cloud for North America. Amazon had introduced Amazon Web Services in 2006 and Microsoft Azure became commercially available in 2010.

Cloud

Cloud Digital transformation Military Retail

MY TAKE: A few reasons to believe RSAC 2023’s ‘stronger together’ theme is gaining traction

The Last Watchdog

APRIL 30, 2023

Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward. Consolidating cloud postures One nascent approach that shows promise: cloud native application protection platform ( CNAPP.)

Authentication

Authentication Cloud Access Cybersecurity

MY TAKE: How ‘CAASM’ can help security teams embrace complexity – instead of trying to tame it

The Last Watchdog

MAY 18, 2022

These specialized tools are expressly designed to help companies get a much better grip on the sprawling array of digital assets they’ve come to depend on. For most of the past 25 years, company networks were made up of clearly defined internal boundaries encompassed by a hard-and-fast perimeter.

Digital transformation

Digital transformation IT Security Cloud

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

MARCH 29, 2022

Log4j is the latest, greatest vulnerability to demonstrate just how tenuous the security of modern networks has become. This is all part of corporations plunging into the near future: migration to cloud-based IT infrastructure is in high gear, complexity is mushrooming and fear of falling behind is keeping the competitive heat on.

Security

Security Cloud Digital transformation Cybersecurity

RSAC insights: How the ‘CIEM’ framework is helping companies manage permissions glut

The Last Watchdog

MAY 12, 2021

Related: Securing digital identities. Companies are adopting multi-cloud and hybrid cloud infrastructures and relying on wide-open app development like never before. Now comes an emerging security discipline to help companies get a grip on all of these permissions.

Cloud

Cloud Analytics Access Cybersecurity

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

The Last Watchdog

MAY 17, 2021

In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services. A slew of new cloud-security frameworks have gained traction since the Capital One hack. Here are the key takeaways: Cloud migration risks.

Cloud

Cloud Security Risk Financial Services

MY TAKE: RSAC 2023 roundup – evidence of ‘stronger together’ innovation takes shape

The Last Watchdog

APRIL 28, 2023

Related: Demystifying ‘DSPM’ Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward. about the role of advanced wearable authentication devices, going forward.

Authentication

Authentication Cloud Access Security

My Take: Russian hackers put the squeeze on U.S agencies, global corps in MOVEit-Zellis hack

The Last Watchdog

JUNE 16, 2023

According to Lawrence Abrams, Editor in Chief of Bleeping Computer, the Clop ransomware gang began listing victims on its data leak site on June 14th, warning that they will begin leaking stolen data on June 21st if their extortion demands are not met. It was bound to happen. federal agencies, in addition to global corporations.

Cybersecurity

Cybersecurity Ransomware Government Authentication

MY TAKE: ‘Digital trust’ has a huge role to play mitigating cybersecurity threats, going forward

The Last Watchdog

MAY 23, 2022

Digital services get delivered across a complex amalgam of public cloud, hybrid cloud and on-premises digital systems. We simply must attain — and sustain — a high bar of confidence in the computing devices, software applications and data that make up he interconnected world we occupy. Failure is not an option.

Cybersecurity

Cybersecurity Digital transformation Computer and Electronics Encryption

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

The Last Watchdog

JUNE 2, 2021

The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. We’ve barely scratched the surface of applying artificial intelligence and advanced data analytics to the raw data collecting in these gargantuan cloud-storage structures erected by Amazon, Microsoft and Google.

Encryption

Encryption Access Artificial Intelligence IoT

MY TAKE: How ‘CASBs’ are evolving to close the security gaps arising from digital transformation

The Last Watchdog

APRIL 5, 2019

The Cloud Access Security Broker (CASB) space is maturing to keep pace with digital transformation. Related: CASBs needed now, more than ever. One company still actively innovating as an independent CASB is San Jose, CA-based security vendor CipherCloud. This is especially important within the cloud.

Digital transformation

Digital transformation Security Cloud Access

MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

The Last Watchdog

JANUARY 4, 2022

Related: ‘SASE’ framework extends security to the network edge. That said, APIs are certain to get a lot more attention by security teams — and board members concerned about cyber risk mitigation — in 2022. based supplier of networking technology. Here are my key takeaways: Manipulating APIs.

Security

Security Digital transformation Cloud Cybersecurity

SHARED INTEL: Automating PKI certificate management alleviates outages caused by boom

The Last Watchdog

OCTOBER 26, 2021

Our Public Key Infrastructure is booming but also under a strain that manual certificate management workflows are not keeping up with. As business networks shift into the era of cloud computing and agile software, the volume of digital certificates has swelled dramatically. This scaling up of PKI has put companies in a mad scramble.

Digital transformation

Digital transformation Compliance Encryption Authentication

SHARED INTEL: The cybersecurity sea change coming with the implementation of ‘CMMC’

The Last Watchdog

SEPTEMBER 7, 2022

Finally, Uncle Sam is compelling companies to take cybersecurity seriously. could take effect as early as May 2023 mandating detailed audits of the cybersecurity practices of any company that hopes to do business with the Department of Defense. This includes cloud providers and managed services providers.

Cybersecurity

Cybersecurity Digital transformation Compliance Risk

NEW TECH: Exabeam positions SIEM technology to help protect IoT, OT systems

The Last Watchdog

MARCH 9, 2020

Security information and event management systems — SIEMs — have been around since 2005, but their time may have come at last. Exabeam is a successful security vendor in the SIEM space. Daughney Daughney stresses that SIEMs must evolve to keep up. Part of its Cloud Studio is the new Parser Editor tool.

IoT

IoT Digital transformation Cloud Security

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

The Last Watchdog

APRIL 9, 2020

Related: The promise, pitfalls of IoT Companies have commenced the dispersal of IoT systems far and wide. Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers. The many privacy and security issues raised by IoT, however, are another story.

IoT

IoT Security Cloud Passwords

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

The Last Watchdog

JULY 30, 2021

Company-supplied virtual private networks (VPNs) leave much to be desired, from a security standpoint. Related: How ‘SASE’ is disrupting cloud security. Then a global pandemic came along and laid bare just how brittle company VPNs truly are. This has long been the case.

Access

Access Cloud Encryption Security

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Big banks and insurance companies instilled the practice of requesting their third-party vendors to fill out increasingly bloated questionnaires, called bespoke assessments, which they then used as their sole basis for assessing third-party risk. But, the company founders never intended to stop at simply cleaning up bespoke assessments.

Security

Security Risk Digital transformation Cybersecurity

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Thales Cloud Protection & Licensing

JULY 20, 2021

With the unprecedented need for workforces to work remotely, companies around the world were put to the ultimate test to keep the pace of business as usual, with limited disruption—many finding that balance difficult at best. Tue, 07/20/2021 - 09:40. 2020 was a challenging year for the world.

Encryption

Encryption Cloud Data breaches Compliance

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

The Last Watchdog

APRIL 21, 2021

Google was absolutely right to initiate a big public push a couple of years ago to make HTTPS Transport Layer Security (TLS) a de facto standard. Related: Malicious activity plagues the cloud services. This surge in TLS abuse has shifted the security community’s focus back to a venerable network security tool, the firewall.

Encryption

Encryption Digital transformation Data breaches Cloud

NEW TECH: DigiCert unveils ‘Automation Manager’ to help issue, secure digital certificates

The Last Watchdog

APRIL 21, 2021

Related: Why it’s vital to secure IoT. The devil truly is in the details when it comes to how companies are hustling to leverage cloud infrastructure and spin up cool new apps. They’re in need of better ways to manage PKI, and it can’t be human error-prone processes. Ask Spotify.

Digital transformation

Digital transformation Security Encryption Authentication

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

JANUARY 11, 2022

The blue-sky mission is to bring modern data mining and machine learning technologies to bear delivering personalized services that ameliorate not just physical ailments, but also mental and even emotional ones. I had a lively discussion with Craig Hinkley, CEO of NTT Application Security , about the thinking behind this crusade.

Big data

Big data Analytics Personal data Government

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

The Last Watchdog

MARCH 6, 2020

Corporate consultancy PwC’s recent poll of 1,600 CEOs worldwide found that cyber attacks are now considered the top hinderance to corporate performance, followed by the shortage of skilled workers and the inability to keep up with rapid tech advances. Yet, stolen personal data for more than 10.6 19 on a hacking forum.

Cloud

Cloud Digital transformation Encryption Security

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

The Last Watchdog

JUNE 23, 2021

To boost productivity, they must leverage cloud infrastructure and participate in agile software development. But this also opens up a sprawling array of fresh security gaps that threat actors are proactively probing and exploiting. And it doesn’t take enterprise-grade security systems to accomplish this.

Security

Security Passwords Cloud Access

Black Hat insights: WAFs are getting much more dynamic making them well-suited to protect SMBs

The Last Watchdog

AUGUST 4, 2021

That said, there is one venerable technology – web application firewalls ( WAFs) – that is emerging as a perfect fit for SMBs in today’s environment, as all companies shift to a deeper reliance on cloud services and mobile apps. Related: Kaseya hack raises more supply chain worries. Here are the big takeaways: WAF resurgence.

Risk

Risk Digital transformation Marketing Cloud

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Last Watchdog

NOVEMBER 30, 2021

Indeed, APIs have opened new horizons of cloud services, mobile computing and IoT infrastructure, with much more to come. Yet, in bringing us here, APIs have also spawned a vast new tier of security holes. Yet, API security risks haven’t gotten the attention they deserve. Thus security-proofing APIs has become a huge challenge.

IT

IT Security Big data Digital transformation

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. If you have already watched them, repetition is the mother of all education. Trends in Cloud Security: Key Findings from the 2022 Cloud Security Study. Thu, 01/12/2023 - 05:54.

Compliance

Compliance Cloud Security Financial Services

MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

The Last Watchdog

MARCH 11, 2020

Organizations are increasingly outsourcing IT workloads to cloud service providers and looking to leverage IoT systems. A big challenge security executives face is balancing speed vs. security. Teeming threat landscape Security leaders’ key priority is reducing exposures to the cyber risks they know are multiplying.

Cloud

Cloud Security Digital transformation Honeypots

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

MAY 3, 2021

All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. I had the chance to learn more about ABE from Brent Waters, a distinguished scientist in the Cryptography & Information Security (CIS) Lab at NTT Research.

Encryption

Encryption Retail Digital transformation Cloud

SHARED INTEL: FireMon survey shows security lags behind fast pace of hybrid cloud deployments

The Last Watchdog

MARCH 18, 2020

Corporate America’s love affair with cloud computing has hit a feverish pitch. Yet ignorance persists when it comes to a momentous challenge at hand: how to go about tapping the benefits of digital transformation while also keeping cyber exposures to a minimum level.

Cloud

Cloud Security Digital transformation Cleanup

NEW TECH: Silverfort deploys ‘multi-factor authentication’ to lock down ‘machine identities’

The Last Watchdog

NOVEMBER 6, 2019

Related: A primer on IoT security risks The big hitch with 2FA, and what it evolved into – multi-factor authentication, or MFA – has always been balancing user convenience and security. In terms of baking in security at a fundamental level of future systems, that’s very significant.

Authentication

Authentication Cloud Digital transformation Risk

NEW TECH: Baffin Bay Networks takes a ‘cloud-first’ approach to securing web applications

The Last Watchdog

SEPTEMBER 10, 2019

That experiment conducted by a reporter for The Atlantic crystalizes the seemingly intractable security challenge businesses face today. This trend has greatly expanded the attack surface for malicious botnets to automatically probe and infiltrate company networks, at scale.

Cloud

Cloud Security Digital transformation Financial Services

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

The Last Watchdog

SEPTEMBER 30, 2019

Related: Post-quantum cryptography on the horizon For decades, some of our smartest mathematicians and computer scientists have struggled to derive a third way to keep data encrypted — not just the two classical ways, at rest and in transit. Cryptographically speaking, this is the equivalent of moving the Himalayas, not just Mt.

Encryption

Encryption Cloud Access Privacy

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

The Last Watchdog

MARCH 17, 2021

Ongoing basic research in advanced cryptography concepts is pivotal to putting the brakes on widening cyber risks and ultimately arriving at a level of privacy and security that makes sense. Yet at the same time, they’re also charged with keeping an eye on the eventual “productization” of all this rarefied research.

Digital transformation

Digital transformation Encryption Analytics Privacy

How to activate multifactor authentication everywhere

Thales Cloud Protection & Licensing

JANUARY 20, 2022

Verizon’s Data Breach Investigation 2021 Report indicates that over 80% of breaches evolve phishing, brute force or the use of lost or stolen credentials. Verizon’s Data Breach Investigation 2021 Report indicates that over 80% of breaches evolve phishing, brute force or the use of lost or stolen credentials. Thu, 01/20/2022 - 10:19.

Authentication

Authentication Data breaches Access Retail

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

The Last Watchdog

MAY 14, 2021

It’s accurate to say that security has been bolted onto modern business networks. It also has become very clear that we won’t achieve the full potential of digital transformation without security somehow getting intricately woven into every layer of corporate IT systems. Here are the key takeaways: Connectivity vs. security.

Security

Security Digital transformation Cloud Access

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

The Last Watchdog

APRIL 1, 2020

Deploying the latest, greatest detection technology to deter stealthy network intruders will take companies only so far. It turns out there are some housekeeping things companies can do while ingesting, leveraging and storing all of the data churning through their complex hybrid cloud networks.

Government

Government Cybersecurity Archiving Access

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

The cybersecurity needs of small- and mid-sized businesses (SMBs) differ from those of large enterprises, but few solutions cater to them. A 2018 Cisco Cybersecurity Special Report found that 54 % of all cyber attacks cost the target company more than $0.5 Security is just one of many complex responsibilities.

Authentication

Authentication Risk Digital transformation Passwords

Five Hot Security and Privacy Topics You Need To Understand in 2022

Thales Cloud Protection & Licensing

JANUARY 26, 2022

Five Hot Security and Privacy Topics You Need To Understand in 2022. Panelists included security professionals from many well-established and successful organizations as well as consultants and industry leaders. Schrems II and the Security of International Data Flows. Thu, 01/27/2022 - 06:13.

Privacy

Privacy Security Encryption Cloud

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

Webinars

Trending Sources

Black Hat insights: Generative AI begins seeping into the security platforms that will carry us forward

Webinars

RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

MY TAKE: A few reasons to believe RSAC 2023’s ‘stronger together’ theme is gaining traction

MY TAKE: How ‘CAASM’ can help security teams embrace complexity – instead of trying to tame it

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

RSAC insights: How the ‘CIEM’ framework is helping companies manage permissions glut

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

MY TAKE: RSAC 2023 roundup – evidence of ‘stronger together’ innovation takes shape

My Take: Russian hackers put the squeeze on U.S agencies, global corps in MOVEit-Zellis hack

MY TAKE: ‘Digital trust’ has a huge role to play mitigating cybersecurity threats, going forward

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

MY TAKE: How ‘CASBs’ are evolving to close the security gaps arising from digital transformation

MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

SHARED INTEL: Automating PKI certificate management alleviates outages caused by boom

SHARED INTEL: The cybersecurity sea change coming with the implementation of ‘CMMC’

NEW TECH: Exabeam positions SIEM technology to help protect IoT, OT systems

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

NEW TECH: DigiCert unveils ‘Automation Manager’ to help issue, secure digital certificates

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

Black Hat insights: WAFs are getting much more dynamic making them well-suited to protect SMBs

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

SHARED INTEL: FireMon survey shows security lags behind fast pace of hybrid cloud deployments

NEW TECH: Silverfort deploys ‘multi-factor authentication’ to lock down ‘machine identities’

NEW TECH: Baffin Bay Networks takes a ‘cloud-first’ approach to securing web applications

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

How to activate multifactor authentication everywhere

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

Five Hot Security and Privacy Topics You Need To Understand in 2022

Stay Connected