The intensive discussion between the Supreme Court and the CEO of UIDAI on recent Aadhaar-related data leaks could result in the court recommending that the Ministry of Law and Justice make amendments to the Aadhaar Act and direct the UIDAI to build a far more robust security framework.
India's Haryana Power Corporation has confirmed that a hacker cryptolocked its billing system, demanding a ransom in exchange for the decryption key. The organization says it has refused to pay. The attack is a reminder that the power sector continues to be targeted by hackers.
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
There seems to be no end to the bad news about Indian government website vulnerabilities. What can the government do to better protect citizens' data? For starters, they should promptly pay attention to warnings from local security researchers.
The PCI Security Standards Council is offering 40 percent lower fees for participating organizations in nations with lower-income economies. "We want to encourage countries in Africa and South Asia to get engaged with us," Jeremy King, international director at PCI SSC, tells ISMG in an exclusive interview.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
Those concerned about the security of India's Aadhaar biometric ID are pleased that the Supreme Court has ruled that linking Aadhaar numbers to bank accounts, payment cards and mobile phones cannot be mandatory until security issues are adequately addressed.
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.
To prepare for compliance with the EU's GDPR, which will be enforced beginning in May, organizations must adopt a "privacy by design" approach, says Subhajit Deb, CISO at Dr. Reddy's Laboratories, an India headquartered pharmaceutical company that does business in 11 countries.
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
As internet of things devices become increasingly common in the enterprise, CISOs must lead the way in making sure emerging security issues, including a higher risk of distributed denial-of-service attacks, are adequately addressed, says John Pescatore of the SANS Institute, which offers training for CISOs and others.
After suffering one of the worst data breaches in history, in which 145.5 million U.S. consumers' personal details were stolen, credit bureau Equifax has hired Jamil Farshchi to serve as its new CISO. Farshchi joins from Home Depot, which hired him after suffering a massive data breach.
Following the online attack against the opening ceremonies of the Olympic Winter Games in South Korea, some pundits were quick to guess that Russia was involved. But some attribution experts call the rush to attribute any cyberattack premature or even "irresponsible."