Industry analysts first coined the term Identity-as-a-Service, IDaaS in 2006. But today, the vast majority of IDaaS implementations still focus on the "A" - access management - leaving organizations to piece together the rest. IBM's Michael Bunyard discusses how to put "Identity" back in IDaaS.
U.S. consumers now own about 870 million IoT devices. In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape.
Spain's central bank says its website was intermittently offline as it struggled to repel a distributed denial-of-service attack. The temporary disruption is a reminder "stresser/booter" DDoS-on-demand services remain inexpensive, easy to procure and often effective.
A previously unnamed U.S. energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.
To comply with the EU's General Data Protection Regulations, organizations should implement several best practices, including the anonymization of data, says Sandeep Arora, former CEO at AXA Business Services, India, and co-founder of CyberImmersions Solutions.
T-Mobile has suffered a breach that may have exposed personal data for 2.3 million of its 77 million customers, and one security researcher says the hacker appears to be keen to sell the stolen data.
How is risk management evolving as a result of ubiquitous cybersecurity risks? Jennifer Bayuk, CEO of Decision Framework Systems, provides an overview.
In many organizations, overworked security analysts are trailing the bad guys in technology and knowledge, and this gap leads to increased risk, says Jeff Michael of Lastline.
The Srikrishna Committee's recommendation in its draft of a data protection bill that foreign companies be required to only store domestically certain "critical" data of Indians is impractical and will not help prevent breaches.
Security thought leaders have long called for organizations to shift from a conventional "peacetime" view of cybersecurity to more of a "wartime" mindset. Aetna CSO Jim Routh now says it's time for enterprises to shift from conventional to unconventional security controls.
A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise. The false alarm has highlighted the benefit of actively monitoring for election interference.
Timing incident response actions correctly helps with rapid remediation and enables taking full control of the environment, says Mandiant's Steven D'sa.
Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.
Microsegmentation is an effective way for defenders to limit the amount of access an attacker has inside a data center and stop lateral movement, says Stanley Hsu of Illumio.
Many organizations don't have a full grasp of their digital footprints, which attackers analyze closely when plotting intrusions, says Hans Barre of RiskIQ.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.