Highly targeted assets demand perfect security but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance degradation as they are the lifeblood of the organization....
European Union lawmakers have criticized the British government's updated privacy bill over concerns that it fails to adequately protect European citizens' fundamental rights. Lawmakers also heard from the Irish data authority on the status of its pending TikTok inquiry.
As many countries in APAC are coming out with their own privacy laws, the region is fast becoming the epicenter of data protection developments around the globe, said Raymund Liboro, former commissioner and chairman of the National Privacy Commission, Philippines.
Many small and medium-sized businesses are facing "generational trauma" in trying to comply with a variety of regulatory and other compliance issues as these requirements are being demanded by their larger business partners, insurers and others, says Tarah M. Wheeler, CEO of Red Queen Dynamics Inc.
With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
This whitepaper reviews the Zscaler architecture and how it helps companies and Department of Defense (DoD) suppliers comply with the DoD Cybersecurity Maturity Model Certification (CMMC) 2.0.
CMMC is a certification process developed by the DoD to ensure that contractors have a unified cybersecurity standard system...
Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."
The software risk landscape has changed – and not for the better. Malicious actors constantly evolve their tactics, techniques, and procedures (TTPs) to find new ways of infiltrating or disrupting organizations, and the software supply chain is now firmly in the crosshairs. A surge of sophisticated and diverse...
Software supply chain security (SCS) is rapidly gaining unwelcome notoriety as high-impact breaches hit the headlines. Third-party software suppliers SolarWinds, Apache (Log4j), and Kaseya have had far more than fifteen minutes of fame, alerting businesses and governments to the extent of structural weaknesses in the...
Ninety-four percent of recent survey respondents are concerned that TLS 1.3 will break their existing security controls. With the ever-expanding amount of encrypted network traffic mandated, it’s important to understand how to balance user and customer privacy with security controls. Join experts from Cisco Security...
The transition to PCI DSS v4.0 is a major inflection point for the payments industry – not only does it restructure how risk is assessed, but it also provides a better foundation for meeting ongoing technical innovation. While organizations with mature programs may need comparatively little uplift, all organizations...
Federal officials recently froze the assets of Ethereum blockchain cryptocurrency mixer Tornado Cash, stating that civil and potentially criminal penalties await those who use the service. On this week's "Sound Off," crypto expert Ari Redbord explains why the sanctions are "exceptional."
They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.
Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
