March 04, 2023

March 04, 2023

How security leaders can effectively manage Gen Z staff

Gen Z will look for jobs in organizations that share their values. Gen Z is likely to remind their superiors of such values if they find themselves being asked to do something that goes against such. Be ready for situations like this and make sure the company’s values isn’t just a marketing creation. Another way to look at this is to proactively go after individuals whose values resonate with the company’s. All working generations have experienced pros and cons of work from home, the office or a mix of both. This is unlikely to be a Gen Z-only preference, but younger generations may be more prone to think, “Why do I need to go to a specific location to do a job I can perform from anywhere?” ... The two aspects here are peer training and paid training. Gen Z is eager to learn but also to move forward, now even though this may not be effective to all roles it can be a positive in cybersecurity where attackers and attacks are always evolving fast.


LastPass Hack Highlights Importance of Applicable Acceptable Use Policies

While LastPass has made it clear that several course corrective activities have taken place post-incident to prevent similar hacks, the argument that this type of exploitation was preventable persists. Specifically, one control that should be scrutinized is the LastPass Acceptable Use Policy (AUP). These important documents provide employees with a set of rules applied by the company that explain the methods through which employees may access or use corporate networks, devices or data. Many of these policies require that corporate data may only be accessed and managed on corporate systems. This specific provision allows the organization to control both physical and logical access to important information, such as business operations and client data. As the business world has morphed with a more distributed and remote configuration, corporate AUPs require additional scrutiny as well. Specifically, companies should take a hard look as to the applicability of the Bring Your Own Device (BYOD) mentality and consider the security implications that could emerge through mismanagement.


3 Steps to Unlock the Power of Behavioral Data

In practice, a strong data culture is a “decision culture” according to McKinsey research, which is a culture where an organization can accelerate the application of advanced analytics, powering improved business performance and decision-making. Furthermore, Forrester found that organizations that use data to derive insights for decision-making are almost three times more likely to achieve double-digit growth. So why is it such a challenge to create this type of culture? ... Data creation is the process of creating high-quality, contextual behavioral data to power AI and other advanced data applications. Instead of working with the data exhaust which happens as a result of SaaS applications and black box analytics tools, data creation allows a choice of metrics that would best reflect the organization’s needs. The great thing about this is that it saves data teams quite a lot of time as it continuously delivers a highly trusted real-time stream of data that evolves with the business.


5 steps for building a digital transformation-ready enterprise architecture

In a hyper-competitive and increasingly cloud-based business environment, it's clear that digital-first is the only way forward. Of course, the transformation could have been smoother. For most businesses, it's happened in fits and starts—a program written here, a piece of software implemented there. The end result, in many cases, has been a patchwork: out-of-date applications, redundant or overly complicated programs, and generally clogged internal processes. Think of a big, tangled pile of extension cords—it's unclear what goes where, what can be safely removed, what needs replacing, and so forth. These clogged processes present a serious problem for businesses engaged in digital transformation. They can slow down a company's inner workings and, over time, lead to lost productivity and revenue. That's why it's imperative for companies to clear away the cobwebs and redesign their internal processes for maximal productivity—to, in other words, embark on an organization-wide program of enterprise architecture.


Crucial role of data protection in the battle against ransomware

Central to any cybersecurity strategy being developed is the role of the IT infrastructure teams and storage administrators in the secure storage and protection of data.However, formulating and implementing a strategy alone will not be enough, organisations must rigorously test their resiliency plans. It is essential to identify the cracks in the defences as a proactive strategy, even as learnings are applied reactively. A key reason behind the rise of ransomware attacks is that the attack surface, the systems that are accessible and could be compromised, is massive and constantly growing. The larger the enterprise, the larger the attack surface, as the vulnerable endpoints and pieces of software being used are many. Any breach that occurs, thus must be quickly contained, and its impact as minimised as possible. Merely adding more storage to a data centre is not the solution. Enterprises will need to incorporate immutable storage and encryption technology and optimize the recovery process.?


US Cybersecurity Strategy Shifts Liability Issues to Vendors

The administration envisions that it will roll out more stringent software development practices, work with vendors to implement them in the software development process and then work with industry and Congress to establish a liability shield for companies that adopt those practices. That process will take well over a year, the senior administration official predicts. Veracode founder and Chief Technology Officer Chris Wysopal says drawing from the NIST Secure Software Development Framework for the safe harbor law is more aspirational than realistic since the liability shield must consider a company's maturity and security posture. Kalember says no current institutions are well positioned to assess compliance with NIST or assign blame after a security incident. "We need a few different levels of what building safe software means," Wysopal tells ISMG. "The SSDF is a good starting point, but I think it does need to be more practical and more basic."

Red more here ...
KRISHNAN N NARAYANAN

Sales Associate at American Airlines

2 年

Thanks for sharing

回复

要查看或添加评论,请登录

Kannan Subbiah的更多文章

  • March 19, 2025

    March 19, 2025

    How AI is Becoming More Human-Like With Emotional Intelligence The concept of humanizing AI is designing systems that…

  • March 17, 2025

    March 17, 2025

    Inching towards AGI: How reasoning and deep research are expanding AI from statistical prediction to structured…

  • March 16, 2025

    March 16, 2025

    What Do You Get When You Hire a Ransomware Negotiator? Despite calls from law enforcement agencies and some lawmakers…

  • March 15, 2025

    March 15, 2025

    Guardians of AIoT: Protecting Smart Devices from Data Poisoning Machine learning algorithms rely on datasets to…

    1 条评论
  • March 14, 2025

    March 14, 2025

    The Maturing State of Infrastructure as Code in 2025 The progression from cloud-specific frameworks to declarative…

  • March 13, 2025

    March 13, 2025

    Becoming an AI-First Organization: What CIOs Must Get Right "The three pillars of an AI-first organization are data…

  • March 12, 2025

    March 12, 2025

    Rethinking Firewall and Proxy Management for Enterprise Agility Firewall and proxy management follows a simple rule:…

  • March 11, 2025

    March 11, 2025

    This new AI benchmark measures how much models lie Scheming, deception, and alignment faking, when an AI model…

  • March 10, 2025

    March 10, 2025

    The Reality of Platform Engineering vs. Common Misconceptions In theory, the definition of platform engineering is…

  • March 09, 2025

    March 09, 2025

    Software Development Teams Struggle as Security Debt Reaches Critical Levels Software development teams face mounting…

社区洞察

其他会员也浏览了