With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
Organizations that want to protect sensitive data first need to know where it is. But outside of military and government realms, few employees know how to manually classify data, or have an incentive to do so, says TITUS CTO Stephane Charbonneau.
With the rise in awareness of visual security threats and the advent in open plan office environments, protecting data inside the organization is a growing concern, says Ben Rooney, a marketing executive at 3M.
What's your digital identity strategy? Numerous agencies in countries across Europe - such as the Italian postal service - are creating new approaches to verifying identities and allowing them to be used as a trusted service, says CA's Paul Briault.
Threat intelligence is increasingly being brought to bear to help businesses apply kill-chain concepts, focusing on disrupting discrete parts of online attacks as early as possible, says Fortinet's Simon Bryden.
The Internet of Things is posing an increased risk to all organizations. One global data center provider, for example, recently discovered that its malware-infected power supplies were part of a botnet, says Chris Richter of Level 3 Communications.
The list of information security threats facing organizations continues to grow longer. But it's up to CIOs to put the right defenses - and priorities - in place, says David White at BAE Systems Applied Intelligence.
Organizations are getting increasingly prioritizing incident response capabilities by putting investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.
Attackers today continue to refine their distributed denial-of-service attack capabilities, delivering downtime on demand. The increase in attack effectiveness and volume demands new types of defenses, says Akamai's Richard Meeus.
Last year, organizations took an average of 205 days to detect a breach. To better combat such attacks and lock down breaches, FireEye's Jason Steer says organizations must lower that to hours or even minutes.
"Show me your dashboard." That's a request security expert Gavin Millard regularly makes to CISOs to demonstrate how today's too-complex dashboards highlight the challenge of gathering and distilling essential security metrics.
This year's Infosecurity Europe conference in London - celebrating its 20th anniversary - decamped from Earl's Court to the glass-topped, 19th-century Olympia Conference Center, and featured more than 300 exhibitors and 200 speakers.
Financial services firms are increasingly applying contextual security tools to help identify fraud more quickly. But a shift to continuous authentication will provide even better security, says Vasco's Jan Valcke.
Law enforcement officials estimate that fewer than 200 people in the world build the core infrastructure and tools relied on by cybercriminals who would otherwise lack such capabilities. What's the best way to stop them?
Intel Security cybercrime expert Raj Samani says that after the April disruption of the Beebone botnet by law enforcement agencies, researchers have found more infected nodes than normal, largely in Iran.