Articles about Q&A

Thanks to eCommerce, IoT devices, social media and more, organizations are collecting larger volumes of data than ever before. But often this is on the basis that they collect everything and work out what to do with it later. An approach that opens them up to risk that data can be misused.

We spoke to open detection and response firm Corelight's CISO Bernard Brantley, who believes organizations can implement a complete data strategy, allowing them to work backward from risk to raw logs and create a supply chain that generates information critical to risk reduction activities.

Continue reading →

Introduced by the US military in the 1950s, Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts.

This technique has been translated to the cybersecurity world in recent years, but while the concept is strong, it's a complex strategy that has many drawbacks if not executed properly. We spoke with Avihay Cohen, CTO and co-founder of Seraphic Security, find out more about how this concept is applied to today's cybersecurity strategies, its pitfalls and how to implement it successfully.

Continue reading →

As we enter 2023, factors such as an uncertain economy, inflation, the fear of a recession, hiring freezes and layoffs, and supply chain issues continue to take their toll on businesses -- impacting not only daily operations, but budgets for the new year.

When it comes to cybersecurity spending, in particular, Curtis Fechner, engineering fellow, threat management at Optiv, says many executives expect their budgets to be unchanged in 2023, which is a best case scenario as the risk of cuts amid an uncertain economy and business landscape looms large.

Continue reading →

Last year saw zero day vulnerabilities being actively exploited in the wild across many of the major web browsers.

For businesses that allow their users to choose which browser they use this is a problem due to the frequency of vulnerabilities. We spoke to Ofer Ben-Noon, co-founder and CEO at Talon Cyber Security and former member of the Israeli intelligence community, to find out more about the current threat landscape and how firms can secure their browsers.

Continue reading →

When threat actors evaluate a company's attack surface, they're not thinking in terms of organizational silos. They're probing for the right combination of vulnerabilities, misconfigurations and identity privileges.

It follows that security organizations shouldn't be operating in silos either. Defenders risk playing into the hands of attackers as organizations struggle with reactive and siloed security programs. Having a sprawl of point tools generates heaps of fragmented data but offers few insights.

Continue reading →

Artificial intelligence is having an impact on more and more areas of our lives. One of the areas where it has most potential is in healthcare, allowing professionals to make faster and better decisions, and applying innovative problem solving.

We spoke to Eric Landau, founder and CEO of Encord, to find out more about the benefits and challenges of using AI in this sector.

Continue reading →

The current economic downturn has meant significant budget cuts for many enterprises. But cyberthreats continue to escalate and businesses need to take them seriously.

This means that more than ever CISOs must prove the value of their cybersecurity programs to senior management. But how can they do this effectively? We spoke with Tim Erlin, VP of product innovation at SecurityScorecard to find out.

Continue reading →

Today's software customers have varied requirements about how that software is deployed and how they pay for it. So how can software companies provide high-value offerings that support customer retention?

As software suppliers offer a mix of monetization and deployment models, they need clarity into how their products are being used. We spoke to Vic DeMarines, vice president, software monetization product management, at Revenera, for insights into current trends and best practices in software monetization.

Continue reading →

It often seems to be the case that progress in the technology world is offset by an increase complexity. This can be seen in increased IT infrastructure costs, multi-cloud frameworks that need bigger teams of software engineers, increased data capture needing additional analytics, and more.

All of which lead in turn to spiraling budgets. We spoke to Andy Nallappan, chief security officer and head of software engineering and operations at Broadcom, about how organizations can partner with their strategic vendors to reduce IT complexity, drive more innovation and ultimately boost their bottom line.

Continue reading →

Talent shortages are affecting many industries at the moment and increasingly enterprises are turning to technologies like robotic process automation (RPA) to fill the gaps.

Now there's a new alternative in the form of the 'digital coworker', designed to work seamlessly alongside a company's human workforce. We spoke to Chaz Perera, CEO and co-founder of Roots Automation, to discover more about this latest innovation.

Continue reading →

The move to the cloud has meant the days of external exposure being defined by the set of IP ranges in your firewall are gone. Today's attack surface is made up of many internet-facing assets with exposure being controlled at the domain level.

This means web applications have fast become an attractive target for attackers, particularly unknown and forgotten assets -- which are plentiful in modern environments. So how can businesses defend themselves?

Continue reading →

The demands of modern business IT environments can often lead to friction between developers and security teams which can hamper the successful rollout of cloud security.

Developers want to deliver features as fast as possible and security teams want things to be as secure as possible, so there is constant conflict of interest. We spoke to David Hendri, CTO and co-founder of cloud security startup Solvo, to discover how to rebuild the trust between developers and security by creating a common language.

Continue reading →

The number of use cases for Kubernetes is expanding as an increasing number of enterprises across a wide array of industries are adopting it as their platform of choice. However, this also expands the enterprise attack surface and business risk as a result.

We spoke to William, Morgan CEO of Buoyant, about how CISOs are coming face-to-face with the insecurity that can arise from managing Kubernetes platforms. They are beginning to see the risks that can unfold as well as how a service mesh can support a security stack.

Continue reading →

As the network as we know it has changed and adversaries are finding success with new attack routes that exploit gaps in defenses.

As enterprise security undergoes a major shift we need to change the way we think about this complex 'atomized network'. We spoke to Martin Roesch, CEO of Netography, to find out about the challenges this presents and how to address them.

Continue reading →

As more and more of our computing moves to the cloud, protecting information and apps throws up a new set of challenges for enterprises.

We spoke to Ratan Tiperneni, president and CEO of cloud-native app protection specialist Tigera, to find out more about the security implications of going cloud native and how to deal with them.

Continue reading →