Many cybersecurity tools are designed to block or allow specific activities based on prescribed rules, but with insider breaches continuing, enterprise protection also requires real-time reaction to actual user behavior, says Carl Leonard of Forcepoint.
Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.
The latest edition of the ISMG Security Report describes Apple's newly announced single sign-on function that's built with privacy in mind. Plus, a discussion of the "other" insider threat and an Infosecurity Europe conference recap.
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform. The company believes no customer data was leaked and that all passwords remained encrypted.
Nine men have been charged in connection with an alleged SIM card swapping scheme that led to the theft of $2.4 million in cryptocurrency, the U.S. Justice Department says. The scheme allegedly involved the bribing of employees of Verizon and AT&T.
WikiLeaks founder Julian Assange's hacker roots and nontraditional approach to journalism may prove damaging following his arrest on Thursday. He's been charged with one count of conspiracy, but U.S. prosecutors still have time to file more serous charges pending his extradition from the U.K.
Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University, who offer tips.
The National Internet Exchange of India, an autonomous body under the Ministry of Electronics and IT that maintains the .In registry and country code Top Level Domains, has switched to a new outsourcer for operations and maintenance. Some security experts are criticizing the move.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.