Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Ongoing talks between the U.S. and India regarding cybersecurity issues have yet to result in significant action by the Indian government. When will India start making progress in developing an effective cybersecurity model?
While the banking industry in India has achieved some security maturity, India Post will be starting from scratch as it launches India Post Payments Bank. But the new bank will have the opportunity to build security into its infrastructure and processes, rather than bolting it on later.
The latest edition of the ISMG Security Report leads off with an analysis of the PCI Security Standards Council's new requirements that are designed to help thwart attempts to defeat encryption in point-of-sale devices.
In a rare case of potential breach accountability, Verizon is reportedly demanding a $1 billion discount to acquire Yahoo as a result of the search giant's failure to more rapidly spot a data breach that compromised at least 500 million users' accounts.
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
The Yahoo breach - and the theft of unencrypted security questions and answers - is a reminder to use unique passwords and security questions, store them using a password safe and take advantage of two-factor authentication whenever it's available.
In an in-depth interview, Rama Vedashree, the new CEO at the Data Security Council of India, describes efforts to grow the nation's cybersecurity industry, help states implement security policies and train public sector leaders on key issues.
Hillary Clinton and Donald Trump ventured into new territory for their first presidential debate: cybersecurity. It marked one of the few subjects on which both candidates broadly agreed, although the exchange was marked with sharp jabs and an interesting attribution theory from Trump.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.
Security expert Sean Sullivan isn't surprised that the massive 2014 breach of Yahoo, which exposed at least 500 million account details, only recently came to light. Here's why, as well as what users must learn from this breach.
To improve security, The Insurance Regulatory and Development Authority of India is requiring insurance companies to stop using internet servers outside India and to store all critical customer data domestically. The authority also is requiring insurers to take stringent measures to safeguard indigenous servers.
A roundup of the just-concluded ISMG Fraud and Breach Prevention in Toronto leads the latest edition of the ISMG Security Report. Also, how one CISO gets his security message across to the board and the challenges CISOs face during their first 100 days on the job.
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.