Articles about Q&A

When getting a new smartphone most people focus on features and pricing, while security tends to be overlooked. But as we access the internet more using mobile devices, protecting users' personal information, transactions, and digital identities is vital.

We talked to Tom Tovar, CEO of Appdome, to discuss why mobile security should be at the forefront of consumer and media conversations and why it's currently being neglected.

Continue reading →

Ransomware attacks are increasingly targeting organizations across industries, with the potential to cause devastating financial, operational, and reputational damage.

We spoke to James Eason, practice lead for cyber risk and compliance at Integrity360, to get his insights into how executive boards can effectively prepare for such incidents.

Continue reading →

The overall threat landscape facing organizations is expanding, yet many of the threats such as phishing remain the old favorites. What's more, AI is making them more effective by eliminating many of the old tell-tale signs.

With the evolving challenges and risks facing them, how can CISOs effectively network internally and externally to gather support of the broader team and build an appropriate security posture? We spoke to Robin Bell, CISO at Egress, to find out.

Continue reading →

In recent years generative AI has made its way into many areas of business, helping to transform and streamline processes. However, its potential in the procurement space remains relatively unexplored.

We talked to Kevin Frechette, CEO of Fairmarkit, to find out how enterprises can exploit GenAI to gain agility, efficiency, and smarter decision-making in their sourcing decisions.

Continue reading →

Increasing amounts of regulation are creating an issue for businesses as they seek to ensure compliance whilst still delivering on their core activities. This is leading many to boost the size of their security teams.

We spoke to Jay Trinckes, CISO of Thoropass, who believes that using AI, with its ability to analyze vast amounts of data quickly and accurately, will be key to bridging this gap without the need for massively expanded staffing.

Continue reading →

Protecting critical national infrastructure (CNI) against attack is a huge undertaking for governments and for those organizations that deliver CNI services.

New regulation in Europe -- the NIS2 Directive -- includes an increased focus on resilience for CNI, covering traditional critical services like banking, utilities, transport and public safety as well as new provisions for digital service providers. In 2025, the Digital Operational Resilience Act (DORA) will enforce more stringent resilience and security requirements on the financial sector. And in the UK, the forthcoming Cyber Security and Resilience Bill will demand more investment in security too.

Continue reading →

As with other forms of 'off the books' shadow tech, used by employees without company approval, shadow AI is a double-edged sword.

Cyberhaven Labs recently reported a sharp 485 percent increase in corporate data flowing to AI systems, with much of it going to risky shadow AI apps.

Continue reading →

A recent survey found that only 37 percent of businesses are prepared for AI. This means they risk being left behind as competitors embrace the technology.

We spoke to Richard Tworek, CTO at Riverbed about how organizations can embrace AI and how they can succeed in today's rapidly evolving landscape.

Continue reading →

For enterprises, making the right cyber security investment isn't just about selecting the most advanced technology. To truly get the best return, decision-makers must also consider the strategic and financial aspects of their choices.

We spoke to Ben Vaughan, chief commercial officer at Bridewell, to discuss how by engaging with the right teams, businesses can ensure their security solutions are not only technically sound but also aligned with their long-term financial goals and sustainable growth.

Continue reading →

In DevOps and IT circles, the word 'observability' has been bandied about for the past few years. Observability is one of those hot and trendy terms which also means different things to different people.

Yet the goal is generally the same: how can we observe our environment and then proactively and even automatically make fixes to things that aren't working, are anomalous, suspicious and/or could potentially cause a disastrous outcome? Such outcomes could include a network failure, a security breach, a server reaching capacity, or in the unstructured data management world -- something else entirely.

Continue reading →

As the European Union updated the Network and Information Security (NIS 2) Directive in October last year, many companies were asking: what does it take to comply with this sweeping new regulation? Designed to tighten cybersecurity across critical industries, NIS 2 goes beyond the original directive’s framework, bringing strict rules, wider sectoral reach, and substantial penalties.

We spoke to Sam Peters, chief product officer at isms.online, to find out what businesses need to know to ensure compliance and understand the directive's impact on both operations and reputation.

Continue reading →

Blockchain technology has often been touted as a game changer for the security of transactions in different fields.

However, many organizations still don't full appreciate its value or how to incorporate it into their applications. We spoke to Lee Jacobson, senior vice president business development Web3 at video game commerce company Xsolla to find out about how blockchain implementation can be made easier.

Continue reading →

While many organizations have solutions in place to identify patchable CVEs, non-patchable security issues such as misconfigurations continue to provide threat actors with consistent access points to exploit organizations.

We spoke to Jason Mar-Tang, field CISO at Pentera, to discuss the challenge of non-patchable security issues vs. CVEs, what makes them so much more difficult to identify, the challenges of remediation, and what standards organizations should implement to tackle this challenge.

Continue reading →

Enterprises are increasingly using GenAI to transform their organization. As they move ahead, they're evaluating their preparedness from a business, safety, skills, and product level. But there's another key factor at the backend that's being overlooked: the network.

Full GenAI adoption introduces significant new challenges and demands on the network, such as bandwidth strain and unique security vulnerabilities. If these demands aren't accommodated, organizations won't realize the benefits of GenAI.

Continue reading →

It's becoming common in the cybersecurity industry to encounter two situations that are equally untenable.

On the one hand, the job of a typical chief information security officer (CISO) has become overburdened with the high stress of constantly evolving risks, talent shortages, budget constraints, board disconnects and more, leading to burnout. On the other, many organizations, particularly small to midmarket ones, don't have the resources to afford a full-time security executive, despite facing the same cybersecurity and compliance challenges as everyone else.

Continue reading →