The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.

Threat intelligence programs have evolved greatly over the past decade. But Mario Vuksan, CEO of ReversingLabs, says too many organizations are overlooking the value of local intelligence embedded in their own networks. Vuksan talks about maximizing TI resources.

In the wake of digital transformation, there remain some organizations that - for security reasons - resist the temptation to move to the cloud. What are their objections? Zscaler's Bil Harmer addresses these, as well as the critical questions security leaders should ask of cloud service providers.

Fraud schemes have migrated in recent years, exposing inherent vulnerabilities in how most organizations authenticate users. Diego Szteinhendler of Mastercard outlines new strategies and tools for evolving authentication practices beyond solely payments security.

Since Sentara Healthcare adopted a DevSecOps approach, CISO Daniel Bowden says, his security team has gained improved visibility into the entire application development process.

An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.

The latest edition of the ISMG Security Report discusses Cloudflare's harsh criticism of Verizon over an internet outage it labeled as a "small heart attack." Plus: sizing up the impact of GDPR; reviewing highlights of the ISMG Healthcare Security Summit.

In one of the recent stops in this roundtable dinner seriers, ISMG and Zscaler visited Boston to discuss the role of security as a catalyst for digital transformations. We saw in each of these conversations that change is difficult, but that everyone is asking the same questions, says Stan Lowe, Global CISO with Zscaler.

Increasingly, cyber attackers are molding technology and human intelligence into blended threats that prey upon vulnerable defenses. Chester Wisniewski of Sophos lays out how organizations can become more mature in preparedness and response.

Often in breach response, security professionals focus on the technical aspects of the attack. Yet, the non-technical aspects are often more insidious, says Teju Shyamsundar of Okta. And Identity can be a powerful tool to bolster defenses.