While C-level executives understand the need for cybersecurity as their organizations undergo digital transformation, they aren’t prioritizing it enough, according to a recent Deloitte report based on a survey of 500 executives. The report, “The Future of Cyber Survey 2019,” reveals a disconnect between organizational aspirations for a “cyber everywhere” future and their actual cyber posture. One area where this is evident is in budgeting, with organizations allocating only 14% of their digital transformation budgets to cybersecurity. Further evidence is how often cyber appears on the agendas of company board meetings. Cybersecurity makes it to the agenda of 49% of organizations at least quarterly, which is a positive sign, but it also means the remaining 51% of organizations address it

While C-level executives understand the need for cybersecurity as their organizations undergo digital transformation, they aren’t prioritizing it enough, according to a recent Deloitte report based on a survey of 500 executives. The report, “The Future of Cyber Survey 2019,” reveals a disconnect between organizational aspirations for a “cyber everywhere” future and their actual cyber posture. One area where this is evident is in budgeting, with organizations allocating only 14% of their digital transformation budgets to cybersecurity. Further evidence is how often cyber appears on the agendas of company board meetings. Cybersecurity makes it to the agenda of 49% of organizations at least quarterly, which is a positive sign, but it also means the remaining 51% of organizations address it

Name: John KentTitle: Manager IT, DevSecOpsEmployer: FedExLocation: Irving, TexasEducation: BAAS Computer Science, MS CybersecurityYears in IT: 37Years in cybersecurity and/or privacy: 13Cybersecurity certifications: CSSLP, CEH, CHFI   How did you decide upon a career in security software development? My passion for software development began in 1981 and launched my career in 1987. It wasn’t until my first exposure to pen test results in 2005 that I understood software design, development, test and operations from a much wider perspective. There was so much more to programming than creating working software — it had to be resilient to malicious actors and preserve confidentiality, integrity, and availability. I was hooked! Later, when I discovered that the University of Dallas had a top cybersecurity graduate program, I

Companies in heavy industrial industries such as mining, oil and gas, electricity and chemicals have become a major target for cybercrime. But securing these companies is complicated as they must not only protect their IT infrastructure but also their OT (operational technology) assets. Cybersecurity solutions and tools that work in IT environments do not transfer well to the OT side, potentially harming industrial devices. “Even merely scanning these devices for vulnerabilities has led to major process disruptions,” according to a recent McKinsey article. But even though the same tools aren’t effective for both environments, links between OT and IT are creating vulnerabilities that need to be addressed. Industrial cybersecurity vendor CyberX has found that 40% of industrial sites have at

Name: Renju Damodaran Title: Senior Manager, Cyber Risk ServicesEmployer: Wipro LimitedLocation: Boston, MAEducation: BS, Information Systems from BITS, Pilani.Years in IT: 20Years in cybersecurity: 16Cybersecurity certifications: CISSP, CISA, SABSA SCF   How did you decide upon a career in cybersecurity? Back in the day (early 2000s), I was involved in setting up IT infrastructure for a startup company. I started interacting with information security professionals from external consulting firms and developed an interest in security as a profession. I learned BS7799 framework and landed an information security officer role in ING Vysya Bank (now known as Kotak) at India in November 2003.   Why did you decide to pursue your CISSP? I was initially influenced to pursue the CISSP by