The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.
Evolving to a zero trust architecture can be overwhelming for organizations, leaving many unsure of where they should even start. Cloudflare Chief Security Officer Joe Sullivan urges CISOs to break the journey into bite-sized chunks that can be easily digested.
In the latest weekly update, Jeremy Grant, coordinator of the Better Identity Coalition, joins three editors at ISMG to discuss important cybersecurity issues, including where we are with passwordless, if we are getting closer to a U.S. federal privacy law, and next-gen authentication technologies.
Organizations have created significant security challenges by rapidly migrating applications, data and workloads to multiple public clouds over the course of the COVID-19 pandemic, according to Abbas Kudrati of Microsoft and Upendra Singh of HCL.
Implementing modern architectures such as zero trust and secure access service edge remains an issue for many organizations. This challenge is further amplified by the shortage of skilled cybersecurity personnel, says Kate Adam, senior director of enterprise product marketing at Juniper Networks.
There's a lot of confusion in the market around what constitutes zero trust architecture, and Zscaler founder, Chairman and CEO Jay Chaudhry believes firewalls and VPNs shouldn't be part of a system that's supposed to not trust anybody or anything by default.
Jeremy Grant says many areas in cybersecurity are fragmented, but Grant Schneider adds, "We don't want everyone developing collaboratively because the competition drives a lot of innovation in this space." The two discuss striking the right balance between industry fragmentation and collaboration.
Security leaders shouldn't ignore current geopolitical tensions, which are going to infiltrate into private sectors, says Troy Leach of the Cloud Security Alliance. And John Kindervag of ON2IT Cybersecurity says - for that reason - organizations need to stop being cheap on cybersecurity.
Businesses have embraced zero trust architectures in an effort to increase their protection while reducing cost and complexity for the organization, according to iboss CEO Paul Martini. Martini says companies are turning to zero trust to more effectively protect their users, applications and data.
With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.
For CISOs, it's critical to not implement security without first carefully considering the user's experience, says Bernardo Vasquez, advisory CISO in the strategic client practice of Palo Alto Networks. He explains why and discusses other topics, including ZTNA 2.0.
In the wake of digital transformation and President Biden's 2021 cybersecurity executive order, an entire industry has sprung up around the concept of Zero Trust. John Kindervag, the researcher who created the architecture, weighs in on how the discussion has evolved.
Cyberwarfare has emerged as the bridge between espionage and kinetic conflict. "It's here," says Chase Cunningham of Ericom Software. He discusses how enterprise cybersecurity leaders should now think more deeply about their adversaries' motivations and capabilities.