In late 2023, the debut of ISO/IEC 42001 marked a major advance in AI standards, offering a systematic framework for AI management. Avani Desai of Schellman sees it as a "paradigm shift" that emphasizes managing AI-specific risks that are distinctly different from traditional concerns.
Security organizations in the APAC region need to adopt widely recognized frameworks consistently ensure digital trust and protect privacy, according to a panel of experts from the APAC region. Industry certifications are a good investment for improving security programs and business resilience.
Gary Hibberd, known as "The Professor of Communicating Cyber" at cybersecurity services provider Cyberfort Group, discusses the biggest changes made since 2013 to the ISO 27001 international standard for an information security management system, which helps organizations secure their data assets.
Being the CISO of a pharma sector means you are accountable for the decisions made, ensure that you make the best use of the funds, resources and skills, and are capable of translating business requirements into cyber solutions, says Agnidipta Sarkar, group CISO at Biocon, as he takes up the new role.
Often traditional compliance processes in place in the organisation cannot scale up to growing requirements and complexities. As a result, too much time is wasted on after-the-fact mitigation on audit findings. In a fast-paced environment, organisations would like to break free from reactive and manual solutions and...
CISOs are gaining additional discretionary powers to make risk-based decisions, especially as organizations implement the ISO 27035-3 incident response standard, says Khawaja Mohammad Ali, CISO of a large federal bank in Pakistan.
To battle against a surge in cybercrime during the COVID-19 pandemic, enterprises need to take several steps, including periodic vulnerability and risk assessment tests and regular audits, says Rajan Pant, founder of IT-SERT of Nepal. Pant also is calling on the government to take action.
Percona is an industry leader in providing best-of-breed enterprise-grade support, consulting, managed services, training and software for MySQL, MariaDB, MongoDB, PostgreSQL and other open source databases in on-premises and cloud environments. After noticing gaps across their third-party security and privacy...
One of biggest challenges of complying with Thailand's Personal Data Protection Act, which will go into effect in May, is managing the consent of customers, says Surachai Chatchalermpun, CISO with Krung Thai Bank, the nation's largest state bank.
"I don't think most organizations are prepared for the personal data protection and privacy bill that has been approved by the cabinet, as most people still confuse privacy and security and think that it is just an add-on to security," says Privacy Expert, Shivangi Nadkarni, CEO, Arrka Consulting.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
The Cyber Security Agency of Singapore has come up with an operational technology and cybersecurity master plan aimed at building a secure and resilience ecosystem to protect critical infrastructure. But will implementation prove feasible?
Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.