23tipsodix

Rani Lofstrom, Director of Security Incubations at Microsoft

“Passwordless authenticators will keep you safer
and improve productivity”

“You are only as strong as your weakest link. And if your weakest link is anything like my mother, then you had better update your password security. Stat. Or better yet, get rid of passwords altogether. Password management is frustrating and time-consuming for busy employees. Moving to a passwordless authenticator will increase productivity by taking password policies and reset sup 23tipsodix

23tipsodix

Stephanie Scere, Cyber Security & Compliance
Manager at CountryMark

“IT and OT are not the same and should have different
plans of protection”

“Stay vigilant on what you already know and actively train your users. Business email compromise attack losses totaled nearly $2.4 billion in 2021 according to the FBI's Internet Crime Complaint Center. The emails are more sophisticated than in previous years and training your users on a regular basis is crucial to them not falling victim to one of these emails. Phishing campaigns also opens a line of 23tipsodix

23tipsodix

Oren Helman, Senior Vice President - service, marketing &
regulation at IEC - Israel Electric Corporation

“Always confirm that the link contains the exact domain
name of the sender”

“As an organization that serves around 3 million customers in multiple digital channels, it is important for us to ensure all links we send to our customers are associated with the IEC (Israel Electric Corporation) domain and never use short URLs. In light of the increasing phishing campaigns, pay extra attention to links that 23tipsodix

23tipsodix

Jeff Cornwell, Head of Networking and Security Business,
Commercial Marketplace at Microsoft

“Tap into your existing cloud spend via cloud marketplaces
to stretch your cybersecurity dollar”

“With businesses deploying an increasing number of cybersecurity solutions, sometimes a dozen or more concurrently, cloud marketplaces can help organizations simplify procurement, management, and time-to-productivity. Tap into your existing cloud spend via cloud marketplaces to stretch your cybersecuri 23tipsodix

23tipsodix

Oren Eytan, Co-Founder & CEO at odix

“Migrating to the cloud? Congratulation, but you’d better
not rest on the provider’s laurels”

“Migrating to the cloud? Congratulation, but you’d better not rest on the provider’s laurels. Many organizations falsely expect that once their data roamed to the cloud, all their security concerns as well as compliance issues will be addressed by the cloud vendor. In reality, no cloud provider provides entirely comprehensive protection to organizations. In the best case, this is a shared res 23tipsodix

23tipsodix

Sean Katz, Product Manager at Lava Networks

“In the Web3 space, decentralization doesn't automatically
solve all cybersecurity vulnerabilities”

“in the Web3 space, it's important to understand that decentralization doesn't automatically solve all cybersecurity vulnerabilities. While centralized systems may have a single point of failure, decentralized systems have multiple points of vulnerability that need to be secured. Instead of focusing on a single point of failure, consider the concept of a "single point of compromise." In Web3, the weak 23tipsodix

23tipsodix

Jen Stone, Principal Security Analyst and Podcast Host at SecurityMetrics

“A Risk assessment will help to close security gaps
more quickly and effectively”

“Start with a risk assessment. If you implement security controls without understanding threats and vulnerabilities specific to your environment, you may spend time and money on things that don't improve your security stance. A risk assessment will help you target the right areas to close security gaps more quick 23tipsodix

23tipsodix

Stefanie Drysdale, VP of Cyber at Prescient

“Waiting until the worst has happened isn't the time
to be searching for guidance”

“Prevention is the goal -- Knowing what data you're intentionally or unintentionally sharing, both personally and professionally as an organization, and creating a secure environment for it. But more often, in the event of a compromise or breach, you have to have trusted processes and resources for helping you sort through the forensics, following the data, and recovering quickly. 23tipsodix

23tipsodix

Matt Lee, Sr. Director of security and compliance at Pax8

“Get business units and the respective business leaders
on board or any security strategy will fail!”

“Make sure your business units know how security empowers their world, and ensure that you know that you have those executives' buy-in. So many security programs go wrong because the security efforts are not in support of business outcomes, and the lack of executive buy-in results in people working around the controls you put in place and the systems you depend on to identify, protect, dete 23tipsodix

23tipsodix

Jonathan Clark, Co-Founder & CTO at Hexa

“E-Commerce vendors should be cyber-aware all year
round, but especially during the holiday shopping season”

“E-Commerce vendors should be cyber-aware all year round, but especially during the holiday shopping season. Within a few prevention methods, vendors can ensure their platform as well as their users are cyber protected. Invest in regular infrastructure stress-test and deployment tools against Distributed Denial of Service (DDoS) attacks. Ensure those tools are applied across 23tipsodix

23tipsodix

Erez Nissim, Executive Vice President R&D at Playtika and Entrepreneur

“Implement security measures throughout the entire
development lifecycle to reduce the risk of cyber threats”

“Integrating security measures during the entire development lifecycle, will keep your cloud configuration honest and your production environment clean of threa 23tipsodix

23tipsodix

Ryan Williams, Cyber Security Engineer at Waterstons Australia

“Every action adds context to your digital double”

“Every post, click, comment and pic add context to your digital double.Unlike your footprints on the beach, your digital footprint will never be erased by the tide.” 23tipsodix

23tipsodix

Alexandre Blanc, Strategical and Security Advisor at VARS

“Individuals trust you with their data. Don't betray them by
storing unencrypted data in the cloud”

“In 2023 We’ll keep witnessing two worlds colliding with each other; cloud, and on-prem.As the cloud is constantly leaking, due to many cases of abuse (i.e. misconfiguration, account takeover, insider threat, etc.), and on-prem environments suffer from a growing amount of ransomware, organizations shou 23tipsodix

23tipsodix

Shaun St.Hill, CEO at Tech & Main

“Use the experts you’re already paying for”

“Use the resources you already have. For instance, contact the tech support for your firewall vendor and ask questions about your overall security posture.” 23tipsodix

23tipsodix

Yehudah Sunshine, Director of Cyber Marketing at Cyfluencer

“Take a deeper look into how you securely
share proprietary data”

“With the rise of collaboration platforms and remote work, many have grown accustomed to freely sharing data with an almost shocking disregard for the impact it could have on their data security. While the convenience of simply dragging and dropping files and even more damning usernames and passwords have helped many to manage their workflows during the pandemic, in 2023 digit 23tipsodix

23tipsodix

Alexander Ronquillo, Vice President at WhoisXML API

“Actors will continue innovating their techniques
to avoid detection”

“In my 4,000+ hours of consulting work with some of the world's most renown threat hunting & cybersecurity teams, I've found a colossal difference between the teams who innovation driven by deep-expertise, and the teams who settle for "good enough" when building cybersecurity products. The world's supreme teams know that even with standard free and open-source 23tipsodix

23tipsodix

Resham Ganglani, CEO at Halodata Group

“You can't attack an unknown enemy, but you can
always be ready to defend against it”

“Prevention in cybersecurity terms is still the only way to be secure. You can't attack an unknown enemy, but you can always be ready to defend against it.” 23tipsodix

23tipsodix

Michael Conway, Director at Renaissance

“A key threat factor we’ve seen over recent years
and will continue to see is email”

“Working alone has translated to accidental data leakage and the accidental clicking on or following links which have malicious content becoming much more prevalent. A key threat factor that we have seen over the last couple of years and will continue to see is email. Malicious content can be delivered through links receiv 23tipsodix

23tipsodix

Antonio Herraez, CTO at Micromouse

“Use TrueCDR™ technology to disarm menaces from e-mail
and prevent intrusions”

“Since the pandemic hit, the way we work has changed. Working from home has turned collaborative platforms into the communication center of our companies. The exchange of files between users is continuous and supposedly trusty; the user feels they are in a safe environment. Cybercriminals know that and exploit it! They are using known and new evasion techniques that many times are not dete 23tipsodix

23tipsodix

Ben Greenvald, Sr. SAP Integration consultant at Israel National Water Company

“Ensure your organization uses Access Control methods
(RBAC, ABAC, PBAC) properly”

“Make sure you use an Access Control method (RBAC, ABAC, PBAC) properly in your organization because anarchy can cause chaos; either by bad will or goodwill. Letting someone get the access they shouldn’t have, can harm your system. You should not let people in your organization do stuff they are not eligible or certified to as they can misjudge the consequences of what they do. 23tipsodix

23tipsodix

Dudi Malits, CEO and Founder at DM Communications

“Enforce the 12 characters password rule, and don’t open
your social assets to strangers”

“As a marketing agency that provides domestic & international PR, LinkedIn, and SEO services to technology and financial companies, as well as crisis management, I’ve witnessed the cybersecurity incidents organizations are facing. Many of them were initiated by social engineering and identity theft over social 23tipsodix

23tipsodix

Lance Soller, Head of IT at Clariter

“An attack does not have to come in the form of
sophistication. The simpler ones can be more damaging”

“There are many tiers to cybersecurity today. Consider how a breach will occur. What are the most common threat vectors? When are we sitting on our laurels assuming all is good? Let's start off with phishing. An email comes in that looks legitimate. A person clicks on the email and enters their O365 email address and password. Oops! Too late and didn't realize it. But there is 2FA so all is good. While 23tipsodix

23tipsodix

Jay Jay Davey, SOC Client Lead at Bridewell

“Security is much more than a technical problem
or something we can solve with technology”

“Cybersecurity is much more than a technical problem that can only be solved with technology. Security will always be a people’s problem at the core. You must understand the business from its different components, goals, and objectives to truly address the challenges ahead. Organizations should invest in providing continuous technical security monitor 23tipsodix