Blogs

Our personal and professional lives are reliant on technology. But the sensitive data we share and store online is more vulnerable to cyberthreats than ever before. From credit card numbers and medical records to private messages and intellectual property, encrypting data is essential to safeguard our information from prying eyes and unauthorized access. Without encryption, we risk exposing our most valuable assets to malicious actors who seek to exploit our online vulnerabilities.

Since returning from RSA Conference 2023, I've collected my thoughts from the massive sensory input that comes from this four-day, 625-vendor, 700-speaker cybersecurity conference. Upwards of 45,000 people attended this year's RSA Conference—a massive increase over last year's 26,000 attendees.

Taking inspiration from the words of Helen Keller, "Alone we can do so little; together we can do so much," the theme for RSA Conference 2023 is "Stronger Together."

This episode of Women in Cybersecurity features the amazing Tanya Janca, founder and CEO of the We Hack Purple Community author of Alice and Bob Learn Application Security. Tanya is a powerhouse in the application security community, so I was thrilled to talk to her about her passion for sharing knowledge and techniques to advance our field.

New tools are proliferating to secure data wherever it lives. Six data security trends—ranging from AI washing to new data security platforms—are in the forefront for 2023.

Identity's place in the attack chain is driving the shift of identity responsibility from IT operations teams to security teams to look into passwordless, digital IDs, platforms, and more.

Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches.

This episode of Women in Cybersecurity features Barbie Bigelow, a veteran CIO, cybersecurity executive, board member, advisor, and investor. She is currently CEO of Emerald Growth Partners, LLC, (formerly Better Technology Partners, LLC), which she founded to help clients develop and execute strategic moves while leveraging technology to accelerate growth and increase margins. Clients have included Fortune 500 companies, startup ventures, and non-profits, and she is passionate about sharing her knowledge and increasing the number of women in leadership and board member roles.

Barbie said she got into cybersecurity out of operational necessity; after all, if there is a cybersecurity incident, it affects operations. In her first CIO role at an electronics company, she created a cyber incident response team (CIRT). Since then, she's held roles and advised companies on how to approach cybersecurity in ways to support technological innovation and business needs.

Don't miss her video below, and be sure to check out the full audio interview to learn about her story and her commitments to helping increase the number of women in leadership roles in cybersecurity. 

In this episode of Women in Cybersecurity, I was delighted to interview Helen Patton, an experienced CISO who literally wrote the book on Navigating the Cybersecurity Career Path and is currently CISO for the Cisco Security Business Group. I'm also a longtime follower of hers on twitter where she shares information and resources for security leaders. 

Like many of us, her path to cybersecurity wasn't exactly direct or planned; she says, it was "a series of accidents and unexpected opportunities," where she moved from IT support, to disaster recovery, to cybersecurity. As someone who is passionate about her role and helping others, she is generous in sharing information and advice for other CISOs, as well as bringing more people into our field and helping them thrive. 

Don't miss her video below, and be sure to check out the full audio interview.

Two recent high-profile breaches—Intercontinental Hotels Group and Uber—demonstrate the criticality of securing your identities. Both of these attacks started with a social engineering attack. One started with traditional business email compromise (BEC), and the other started with MFA push bombing. The next stage of both attacks compromised the password/secrets vault.