Beyond APT30, another advanced threat group appears to be at work in India and the SEA region, targeting critical information assets. However, APT resiliency is not yet a part of the security lexicon, experts say.
Data loss prevention is a popular initiative to mitigate insider threats and third-party risks. But why is DLP so challenging to deploy correctly? Surendra Singh of Websense shares lessons learned and tips for success.
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.
The FFIEC has released its much-anticipated Cybersecurity Assessment Tool. Hear why banking regulator Tim Segerson believes the tool is expected to be rolled into regulatory examinations by summer of 2016.
India has yet to experience a data breach on the scale of Sony or Home Depot. But the market is growing, and so are breach risks, says Kroll's Reshmi Khurana. How must security leaders prepare their organizations?
Wipro has developed a fraud detection model for improved risk management using big data analytics. Can CISOs leverage it to reduce risk, enhance process efficiency and refine fraud detection algorithms?
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Mobile app-based ecommerce is surging forward in India's smartphone-saturated market. After Meru Cabs' data exposure earlier in May, security experts analyze legal liability, secure development & incident response.
In an application-driven economy, are security leaders paying enough attention to application-level security? OWASP's Dhruv Soi speaks on how to ensure security in the application development lifecycle.
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.
The pharmaceutical industry is data-rich, and CISOs of the sector face a huge challenge in protecting its intellectual property. GlaxoSmithkline's Steve Williamson offers tips for securing the data lifecycle.