The Indian financial sector is at the dawn of a new age of electronic payments. What are the new form factors, and how must they be secured? An expert panel discusses the evolution and its unique security challenges.
The story around payment security in India is driven by the spurt of technology innovations in nontraditional payment channels that are seeing massive traction. SISA's 2016 Summit will look at innovation and the threat landscape.
Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.
Three banks and a pharmaceutical company in India are reported to have been hacked by attackers who compromised IT administrators' computers using Lechiffre ransomware, demanding payment in bitcoins. How should CISOs defend against extortion?
Securing sensitive emails isn't just a best practice - it's often the law. Compliance with
regulations is a priority for healthcare, financial services and government organizations; it may
also need to be a priority for companies that work with these organizations or practice business
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
While other nations are drafting and even amending their digital privacy standards, India continues to debate: Is privacy a fundamental right? J. Sai Deepak of law firm Saikrishna & Associates discusses why India must make privacy a legislative issue.
Aloysius Cheang of the Cloud Security Alliance says Asia is neither matured nor competent to understand the nuances of cloud security. CISOs must learn to harmonize data privacy regulations to a set of data protection principles that meet requirements.
The cyber insurance industry in Asia is heating up, with more organizations recognizing that cyber threat can in fact have crippling consequences. How will cyber insurance prove disruptive in 2016? Forcepoint's Carl Leonard shares insight
Common mistakes enterprises make while prescribing a security or information assurance policy may result in big security flaws. CISOs must define security policies that are practical and enforceable, evolved through consensus with the business.
Jeremy King of the PCI Security Standards Council explains why it has extended its compliance deadline for encryption updates aimed at phasing out SSL and TLS 1.0. But he stresses that merchants, processors and acquirers should not wait to make upgrades.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
Vivian Poon, head of Network Security Operations at UBS, sees the need to encourage women to take up new roles in risk management, governance, security and forensics. How does she recommend recruiting these new professionals?
Discussions I recently moderated around mobile security indicate that Indian practitioners have significant doubts about the effectiveness and applicability of mobile security solutions such as MDM and others.