As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."
In a globally connected world, security can no longer be about the network. It's about the users who access your systems and data. Yet 50% of organisations in Australia and New Zealand don't have a defined Zero Trust strategy.
Read this infographic to learn:
Where your organisation is on the Zero Trust Path;
What...
Because so many organizations and government agencies are functioning in silos, a key component to India's soon to be finalized cybersecurity policy is the creation of an interministerial task force to respond to growing threats, says Lt. Gen. (Retd) Rajesh Pant, national cybersecurity coordinator.
It's no exaggeration to say that, in the midst of the COVID-19 pandemic, we now have the largest-ever global remote workforce. And with it comes an expanded attack surface that requires extra attention. Phil Reitinger of the Global Cyber Alliance shares five tips for securing the remote workforce.
Zero trust is not a product or a destination, but rather a journey requiring organizations to practice good security hygiene, continuous monitoring and detection, as well as rapid incident response backed by high levels of automation, says Shehzad Merchant, chief technology officer of Gigamon.
Improvements in behavioral biometrics and analytics are changing the way many financial services firms approach authentication. And more companies also are taking a "zero trust" approach to improve identity and access management, according to two security experts interviewed at RSA 2020.
In None We Trust
The Zero Trust model of information security has become a fixture in both the strategies of enterprise security teams and the roadmaps of security solution developers, and for good reason. Perimeter-focused security architectures that default to high trust levels on the internal network continue to...
Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras. A passcode will be sent to a user's email address or by SMS.
Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday. The news comes on the eve of the annual RSA Conference in San Francisco, which starts Monday.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
Apple previously scuttled plans to add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. But the apparent olive branch hasn't caused the U.S. government to stop vilifying strong encryption and the technology giants that provide it.
One of biggest challenges of complying with Thailand's Personal Data Protection Act, which will go into effect in May, is managing the consent of customers, says Surachai Chatchalermpun, CISO with Krung Thai Bank, the nation's largest state bank.
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
