Organizations in the APAC region are not immune to the impact of the SolarWinds supply chain hack, so it's essential that they reassess their risk management practices and audit their suppliers, two security experts stress.
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
The Monetary Authority of Singapore has published a revised set of guidelines for technology risk management to help the country's financial institutions mitigate cybersecurity threats.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
Because many attacks against enterprises' cloud implementations are automated, a good defense involves using predictive technology that can analyze behaviors, says Brandon Tan of Forcepoint.
Global messaging app WhatsApp's instant payment service went live in India on Dec.16. But despite its two-factor authentication being accepted by leading banks, there are concerns about potential security issues.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
The Monetary Authority of Singapore has given non-bank financial institutions access to e-payment platforms Fast and Secure Transfers and PayNow systems, despite security concerns.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
Networks are fundamentally changing as a result of data being used across cloud environments. So security must be built into networks to improve mitigation of cyberthreats, says Nick Savvides, senior director of strategic business, APAC, at Forcepoint.
It's not yet clear what action the state of Kerala will take now that it has abruptly withdrawn Section 118A of the Kerala Police Act, which was intended to help prevent social media abuses, including attacks on women and children.
An enterprise's cross-functional groups responsible for the business growth and brand reputation should be held equally accountable for cybersecurity. That's the view of a CISO and a CTO who participated in a fireside chat at ISMG's recent Virtual Cybersecurity Summit.
India's urban cooperative banks need to take a holistic approach to build a security governance structure, opt for an ASP services model and map their business-critical risks to comply with the RBI's security posture guidelines, according to a panel of experts.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
In a bid to reduce rising impersonation and identity theft cases, the Monetary Authority of Singapore is proposing to require the use of enhanced identify verification during mobile and online banking transactions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
