With Q-day getting closer, regulatory guidance pushing firms to migrate to quantum security in the next five years, and an extensive remediation backlog waiting to be discovered, security leaders must start their quantum security migration today. Easier said than done. In this Say Easy, Do Hard segment, we discuss the quantum-safe journey using a f...
Segment 1 - Interview with Tim Morris. Bringing intelligence to assets. You’ve been through 6 CMDB projects in the last decade. None of them came close to the original goals, the CMDB was already out-of-date long before the project had any hopes of completing. Is building an asset inventory just too ambitious a project for most organizations, or is...
Title: Keys Without People” — John Heasman on Cleaning Up Non-Human Access. Summary: John breaks today’s non-human identity mess into three buckets: core tools your business runs on, old/one-off integrations that linger, and engineer tokens left behind. His playbook is simple: decide what’s truly critical, assign a clear owner, keep access minimal,...
Interview with Tod Beardsley. This interview is sponsored by runZero. Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Let's talk about the state of VM. Check out https://securityweekly.com/runzero to learn more! Topic Segment: NPM Incidents. In this week’s topic segment, we’re discussing all the NPM suppl...
This is a summary of a recent webcast with Frederico Hakamine, Technology Evangelist at Axonius, Erik Nost, Senior Analyst, Security and Risk at Forrester, and Sarah Lervold, Business Value Consultant at Forrester. They discussed findings from a recent Total Economic Impact™ (TEI) study.
Vulnerability prioritization, the final frontier. Many say they do it, but do they really? It takes way more than vulnerability data to truly prioritize vulnerabilities. Greg Fitzgerald, Co-Founder and CXO at Sevco Security, and Steve Lodin , Vice President, Information Security at Sallie Mae, join Business Security Weekly to dig in. We'll discuss ...
Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification. In part 2, we discuss the step...
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
