Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
The best way to take a holistic approach to the current threat landscape is to define security issues as business problems and then put the problem before the solution - not the other way around, contends RSA CTO Zulfikar Ramzan.
While IT and OT integration has brought about new levels of operational efficiency, it has also introduced serious cyber risks that conventional IT security approaches might fail to address, says IBM Security's Paul Garvey.
Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
Artificial intelligence and machine learning will have a significant impact on lowering the cost of securing an organization because it will reduce the need for advanced skillsets, predicts Rapid7's Richard Moseley.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
But before India enacts a domestic data storage mandate, all the cost implications must be carefully considered. Legislators must study whether the benefits justify the hefty costs involved.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Hubris has a new name: Bitfi. The cryptocurrency wallet-building company, backed by technology eccentric John McAfee, earned this year's not-so-coveted Pwnies Award for "Lamest Vendor Response" for how it mishandled security researchers' vulnerability disclosures. Bitfi has promised to do better.
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Espionage: Every nation does it. But for nation-state hacking that targets intellectual property or interference in political affairs, the U.S. has been using criminal indictments against individuals as a diplomatic way of saying: "We see what you're doing, now knock it off." But does it work?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.