While the push for security in regulated industries is compliance driven, it's essential for organizations to also develop security strategies based on business risks, says A. Shiju Rawther, head of infrastructure and security operations at a leading credit-rating bureau in India.
Traditional firewalls and security systems can't keep up with the increasing onslaught of malicious encrypted traffic. To protect your data and your bottom line it's critical that you effectively inspect all SSL traffic. Download the eBook to learn the 6 keys for uncovering hidden threats, while ensuring performance...
Rising Cost of Breaches and Data Privacy Concerns Are Driving Encryption.
In response to the rising cost of cybercrime over the past several years, as well as concerns about protecting data privacy, organizations have increasingly adopted SSL encryption to safeguard their valuable information assets. It's expected...
Ashley Madison, the extramarital online hookup service breached by attackers in 2015, has agreed to bolster its information security and data retention practices after regulators in Australia and Canada ruled that the site violated local privacy laws.
Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
The UAE has amended its federal law against using fraudulent VPNs. Anyone using one will be fined and possibly imprisoned. Security leaders welcome the move, saying it is a positive step to help combat cybercrime.
CISOs in India will not be able to develop mature information security programs until they address the formidable challenge of gaining the support of senior management, says Manoj Sarangi, vice president and CISO at HCL Technologies, an IT services company.
CREST is launching a chapter in Singapore - its first chapter in Asia - to offer information security professionals certification and accreditation in penetration testing. It plans to eventually offer other certifications as well.
As more women make forays into the business landscape in the Middle East, some are beginning to build careers in IT and information security. But it's still by no means easy for women to break into security careers in the region, says Abeer Khedr, director of information security at National Bank of Egypt.
CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.
"Inertia and clumsiness" at the Federal Reserve Bank of New York nearly led to one of the biggest cyber-heists in history - resulting in $81 million being stolen from the central bank of Bangladesh - being even worse, according to a new report.
France's data protection watchdog has slammed Microsoft Windows 10 for collecting excessive amounts of personal data and failing to use strong security controls. Under the country's data protection laws, Microsoft may now face up to $1.7 million in fines.
The 2016 RSA Conference Asia Pacific & Japan, to be held July 20-22 in Singapore, will offer a security road map, imparting lessons to practitioners to help them navigate through cybersecurity complexities. Here's a preview of some of the top session.
While many banks and merchants in Britain, France and Germany have long complied with the PCI Data Security Standard, deregulation has led organizations in other European countries to start taking PCI compliance more seriously and use it for competitive advantage.