The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
Facebook has corrected an internal security issue that allowed the company to store millions of user passwords in plaintext that were then available to employees through an internal search tool.
The National Internet Exchange of India, an autonomous body under the Ministry of Electronics and IT that maintains the .In registry and country code Top Level Domains, has switched to a new outsourcer for operations and maintenance. Some security experts are criticizing the move.
Adaptive authentication, which looks for deviations in users' patterns of behavior, can play an important role in enhancing security, says Dilip Panjwani, CISO and IT Controller at Mumbai-based LTI.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
As the requirements on IT infrastructure and IT business processes evolve, so has privileged access management. Credential vaulting, password rotation, controlled elevation and delegation of privileges, session establishment, and activity monitoring have been the focus for privileged access management (PAM) tools, but...
Security practitioners looking to deploy blockchain in their network to support authentication must look for an application that can be implemented easily and effectively, says Prasanna Lohar, head of IT at DCB Bank.
The State Bank of India, the nation's largest bank, is investigating an apparent data leak that reportedly exposed information on millions of its customers. Security experts are calling on all banks to improve their server management practices.
Researchers from Tenable Security claim they have found what is essentially a skeleton key for an ID and access control system that could open the doors for anyone, plus other less severe but nonetheless zero-day vulnerabilities.
"Self-sovereign identity" projects based on blockchain technology are likely to gain significant momentum in 2019, says analyst Avivah Litan of Gartner Research.
Credential abuse attacks and identity theft incidents are rising, with attackers leveraging botnets to launch coordinated campaigns with high success rates, says Aseem Ahmed of Akamai Technologies, who shares best practices for mitigating the threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
