Not so long ago, many were confused about how security and privacy differ, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, a partner at Thompson Coburn LLP.
Reducing security complexity remains one of the toughest challenges facing CISOs, driven by the non-stop increase in threats, says Jeff Reed of Cisco. Creating a sustainable solution will require advances in vendor interoperability, as well as automation and visibility, he says.
Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.
Development teams are increasingly building and deploying for the cloud, but DevOps practices too often fail to account for what happens after applications go from development into production and maintenance - and the ongoing security challenges they will face, says Jake King, CEO, of Cmd.
"The Human Element" is the theme of the RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud. Britta Glade, a conference director, previews the event.
Security practitioners must go beyond buzzwords, such as threat hunting, "and translate it into implementation effectiveness - controls that really sustain over a period of time," says Ashish Thapar of Verizon Enterprise Solutions, who offers an assessment of the cybersecurity threat landscape in the APAC region.
It's difficult to build a reliable security system based on artificial intelligence and machine learning, says Aleksandr Lazarenko of Group-IB, who offers insights on how to make the most of these technologies.
Strong business resilience metrics for measuring effectiveness, simpler networks and smaller tool sets are all needed to cope with the evolving threat landscape, says retired Major General Earl Matthews, senior vice president at Verodin.
The quality of authentication provided by behavioral biometrics is improving, says James Stickland, CEO of Veridium. Nevertheless, he says, "we haven't reached a maturity level where it is used as an explicit form of authentication, but it's certainly now deemed as an implicit form of authentication."
DDoS attacks are getting larger in size and shorter in duration at a time when multicloud environments, which lack a single point of monitoring, are becoming more common, says Ashley Stephenson, CEO of Corero Network Security, who offers risk management insights.