Articles about Q&A

Web scraping, automatically harvesting and extracting data from websites, can be a useful tool for businesses to learn about their customers.

But it's easy to fall into the trap of harvesting data just because it's there, leading to information overload not to mention privacy concerns for the consumer. To find out more about web scraping and how it can be used in an ethical way we spoke to founder and CEO of Rayobyte, Neil Emeigh.

Continue reading →

In recent years, the software bill of materials (SBOM) has become a key element of software security and software supply chain risk management.

We spoke to Tim Mackey, head of software supply chain risk strategy at Synopsys to find out more about the benefits and challenges of SBOMs.

Continue reading →

As developers come under increasing pressure to deliver projects quickly, there's a rising level of conflict between development and security teams. And attackers are taking advantage of this conflict in order to target software supply chains.

So, what kind of threats do enterprises face and what can they do to protect themselves? We spoke to Pete Morgan, co-founder and CSO of supply chain security company Phylum to find out.

Continue reading →

While social media sites like Facebook remain popular, many people have worries about how their data is is being collected and used by the companies behind them.

Bret Cox is founder and CEO of True, a social network which doesn't monetize user information and focuses on people you really know. We talked him to find out more.

Continue reading →

Data science involves analyzing and interpreting large, complex amounts of data and turning it into valuable insight to achieve business goals. Though not exactly a breakthrough field now, it has changed many aspects of how markets conduct business.

In a conversation with Jerry Johnson, founder and president of Marketing Data Science Associates and director of Cascade Strategies, we talk about data science, its applications in marketing, and its future with the emergence of AI.

Continue reading →

When it comes to software development, quality testing is among the first items on the chopping block during budget cuts. It is often viewed as a cost center, and nothing more than a box to tick on the road to getting software out the door.

Chief quality architect Mush Honda of quality management platform Katalon, sees it differently. We spoke to him to find out why he thinks quality testing is an essential catalyst for company growth by helping companies retain customers, who can easily switch to competitors at the first sign of online hiccups.

Continue reading →

Traditionally used by intelligence agencies and the military, the OSINT technique is used to gather information about people, organisations or companies from freely accessible sources, then analyse the data obtained and draw useful conclusions and information from it.

But IT security experts can also benefit from the technique to discover potential vulnerabilities and remediate them before they're exploited by attackers.

Continue reading →

Developers need access to many devices and internal services in order to build software. But many of these devices and services are exposed to the public web, creating gaps in security.

Add in the challenges of securing remote working and it's clear that there's a tricky balancing act needed to enable development while keeping the organization secure. We spoke to Avery Pennarun, CEO and co-founder of VPN service Tailscale, to find out how this can be achieved.

Continue reading →

Digital transformation projects often rely on the updating or replacing of apps, but that can put a brake on the speed of progress.

Many enterprise apps rely on established systems like Java which have been around for a long time but still remain popular. We spoke to Kim Weins, VP of products at open source web development platform Vaadin, to find out more about the challenges of bringing enterprise apps up to date.

Continue reading →

The cybersecurity world is a constantly evolving one. In recent years though we've seen the rise of new technologies like AI and quantum computing that, while they may revolutionize legitimate businesses, also have worrying implications for security.

We spoke to Kevin Kennedy, vice president of products at detection and response company Vectra AI, to find out more about the risks and what organizations can do about them.

Continue reading →

This summer, Gartner introduced Continuous Threat Exposure Management (CTEM). This is a set of processes and capabilities that allow organizations to create a system for review of exposures that is faster than the periodic project-based approach.

With endless threats and vulnerabilities hammering today's organizations, exposure management that evaluates the accessibility, exposure and exploitability of all digital and physical assets is necessary to govern and prioritize risk reduction for enterprises.

Continue reading →

Last year Toyota suffered a data breach due to accidentally exposing a credential allowing access to customer data in a public GitHub repository.

This type of breach could be avoided if organizations turned their focus on credentials that are exposed within SaaS applications. We spoke to Corey O'Connor, director of product at SaaS security platform DoControl, about why he believes identity security needs to go beyond just protecting the keys.

Continue reading →

Much of our current IT infrastructure relies on DNS to safely route traffic. Securing that infrastructure is in turn heavily reliant on cryptography, but there's a threat looming on the horizon.

Quantum computing will offer a level of processing power that could render current cryptographic techniques obsolete, and that's a problem for the entire internet and networking world. We spoke to Peter Lowe, principal security researcher at DNSFilter, to discuss the possible impact of quantum computing on security and what can be done to address the threat.

Continue reading →

We're currently in the middle of a global chip shortage, while at the same time major hardware companies like Intel, NVIDIA and Arm are looking to dominate the hardware market for AI and ML applications.

This creates something of an issue where models have to be tuned and optimized according to specific hardware specifications and software frameworks, sacrificing the portability that the industry has come to take for granted..

Continue reading →

Thanks to improved security technology, most cyberattacks now rely on some element of social engineering in order to exploit the weakest link, the human.

Phillip Wylie, hacker in residence at CyCognito, believes CISOs now need to take a step back and focus on the overall picture when it comes to security. This includes securing internal and external attack surfaces, and testing the security of these environments, as well as educating employees about the risks.

Continue reading →