The former CEO of Yahoo, which has had 3 billion records exposed in a 2013 data breach, testified at a Senate hearing that it's tough for any corporation to defend against nation-state backed cyberattacks. That led senators to grill Marissa Mayer about the security steps Yahoo had taken.
With only six months until the EU's General Data Protection Regulation is enforced, organizations across the world that handle Europeans' data are grappling with compliance challenges, including how long to retain PII, says Devender Kumar of Mphasis, who offers advice on effective strategies.
Fraudulent SWIFT money-moving attacks continue, as one of Nepal's largest private-sector commercial banks, NIC Asia Bank, says attackers tried to steal $4.4 million after hacking its SWIFT server. Most of the funds have since been recovered.
Equifax says four senior executives - including its CFO - did not know the company had suffered one of the worst breaches in history when they collectively sold about $1.8 million worth of shares. Equifax's board found that 12 days elapsed before the first of the four learned about the hack.
Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting an incident response plan: strong legal representation and a communications plan that considers both internal and external messaging.
In May 2017, the Singapore Government cut direct access to the Internet from its internal systems. This is a policy that is already adopted by Korean banks, many U.S. and U.K. military establishments, as well as the Japanese government. This is to protect government-owned computer systems from potential cyber threats...
Cyber threats have become part of the new reality across industries and governments, and some organizations are responding to this growing threat by mandating internet separation - restricting internet access from corporate or government computers to protect against cyber threats. Fears around data loss compounded...
In a world where cyber threats have become the norm, organizations must equip themselves with solutions that prevent and isolate attacks. Today, many organizations are mandating Internet separation as a means of controlling these threats. While physical Internet separation or air gap networks is one possible approach,...
Organizations can reduce the impact of inevitable data breaches by properly training staff to handle all the key response steps, says Parag Deodhar, CISO for Asia Pacific at Axa Group, a multinational insurance firm.
The National Health Service in England should have been able to block the "unsophisticated" WannaCry ransomware outbreak, U.K. government auditors have found. Security experts say the findings should be studied by senior executives across all industries to "learn from the mistakes of others."
Is digital transformation an impending "disaster" - leaving more attack surfaces open to exploit and putting enterprises at further risk? Or is there a chance to rewrite how the security department operates? Former Burberry CISO John Meakin shares his views.
A look at President Donald Trump's pick for the Department of Homeland Security secretary, Kirstjen Nielsen, leads the latest edition of the ISMG Security Report. Also featured: Equifax's and TransUnion's problem with dubious code.
Developing safe and effective information sharing practices to foster greater interoperability presents big challenges. As information sharing becomes increasingly vital in building resilient cybersecurity, the need to put a strong, collaborative structure in place is critical.
Although there are many options for...
The RSA Conference returns to Abu Dhabi in November, and event organizers Linda Gray Martin and Britta Glade say this year's agenda is packed with new speakers and topics unique to this growing annual event.