Burned out security and software teams are hard to retain and increase the odds of a breach. Bill speaks with Object First’s David Bennett, about how he tackles the issue as an object storage solution startup CEO.
Cybersecurity
After a breach, you’ll need help from an incident response team, either in-house or third party. Frank explains how and what to look for.
In Ep. 6 of the Acceleration Economy Minute, Kieron Allen explains why legal representation is needed for those who wish to succeed in the acceleration economy.
CISO Robert Wood details three techniques to analyze security breaches so that organizations can prevent them in the future.
In episode 32, Chris looks at a new Cybersecurity Infrastructure Security Agency post that focuses on three critical steps for advancing vulnerability management across the ecosystem in IT.
Security and data breaches aren’t all bad news; they’re also opportunities to build on lessons learned and correct deficiencies, as Chris explains.
Robert explains why communication is key to getting security, legal, sales, and engineering teams on board with a DevSecOps strategy shift.
In Ep. 3 of the Acceleration Economy Minute, Kieron references the work of fellow AE cybersecurity analysts who discuss how and why organizations must expand on their approach to defense.
Threat hunting is often thought of as something one does to uncover as yet undetected threats in an organization. But there’s also attack-specific threat hunting, which, analyst Chris Hughes explains, is essential when responding to security breaches.
From victim and media notification to legal liabilities and government considerations, the many issues that arise after a security breach are more easily addressed with the help of a lawyer. Frank explains why.
Analyst Bill Doerrfeld discusses the benefits and drawbacks of low-code/no-code with CEO Prashanth Chandrasekar, giving examples of how the approach both widens businesses’ horizons and limits them.
The first article in a series on the top 10 things to do if you’ve been breached discusses RACI (responsible, accountable, consulted, informed), a framework for defining roles and responsibilities in projects or processes.
In this Data Modernization Battleground moment, Chris says that cybersecurity professionals must understand data inventory, how businesses are using data, and who has access to data.
Analyst Chrus Hughes takes a look at EPSS, a new approach to evaluating vulnerability that takes into account not only criticality and scores, but also exploitability.
Wayne recaps Data Modernization Battleground sessions with Teradata and Okera, which discussed their data analytics for multi-cloud and data security solutions.
From hackathons and gamification to champion programs and callouts, there are many ways for security teams to build essential relationships with development teams.
Janet looks at this year’s Verizon Data Breach Investigations Report (DBIR) and singles out a few facts that can help organizations evaluate risk in partnership strategy.
Chris provides takeaways from the Cyber Safety Review Board’s recent Log4j incident report.
Bill Doerrfeld speaks with oak9 Co-founder Aakash Shah about ways to reduce known and unknown vulnerabilities brought on by open-source software.
As Bill explains, continuous delivery/deployment scenarios require special and specific security — especially in industries that handle sensitive personal and financial data.