The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.

The promise of cloud and mobility is to provide access to key services quickly and from anywhere at any time from any device. Zscaler's Lisa Lorenzin opens up on zero trust network access technologies, which provide a secure alternative to legacy methods.

The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.

Data breach costs continue well after the initial year, according to the latest IBM/Ponemon Institute,"Cost of a Data Breach" report. Limor Kessem of IBM Security shares details of the study.

Mike Cotton of Digital Defense sees a key shift in the threat landscape, as attackers focus more on attacking key endpoints and infrastructure. As a result, many organizations are developing security blind spots. Cotton explains how to regain visibility.

Taking a zero-trust approach can help organizations unshackle themselves from the password and drastically reduce the attack surface, says Akamai's Fernando Serto.

The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches.

Digital transformation: It's the present and future of business, as enterprises adapt to work at the speed and convenience of new demands. But amidst this transformation, how can security leaders avoid being obstacles and actually become catalysts for change? Alex Teteris of Zscaler shares insight.

Security leaders for a decade now have been discussing the profession's growing skills gap. But what is its true business impact, and what are some near- and long-term strategies to mitigate it? FireEye's Gareth Maclachlan shares insight.

When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on rethinking that dynamic.