The proposed Personal Data Protection and Privacy Bill, which was tabled in the Indian Parliament, needs to guarantee the fundamental right of privacy and have a methodology to establish a secure data flow across the border, under Section 17 of the IT Act, said retired Justice B.N. Srikrishna.
Indian national cybersecurity coordinator and retired Lt. Gen. Rajesh Pant says Indian enterprises need to start investing in cybersecurity to respond to increasing cyberattacks since cyberspace is now borderless and interconnected with little attribution.
Small efforts result in big changes to address the skillset shortage. Samrat Bhatt, senior IT director at MatchMove, initiated a skills gap analysis, upskilled resources, drafted new processes and updated old ones to maximize returns. But the defining pillar is always people, Bhatt said.
The U.S. Securities and Exchange Commission and the state of New York have proposed new cybersecurity regulations. Fred Harris, managing director of Societe Generale, says it's a "watershed moment for the industry" and offers insights as to how financial institutions can manage these changes.
British outsourcing service provider Capita, which has major U.K. healthcare and military contracts, said an online attack disrupted internal access to Microsoft Office 365 applications, leading to service outages for multiple customers. The company hasn't said if ransomware was involved.
Days after Google suspended the popular budget e-commerce application Pinduoduo from its Play Store, researchers are alleging that the Chinese app can bypass phones' security and monitor activities of other apps, including accessing private messages and changing settings.
Security researchers have uncovered more evidence that the North Korean Lazarus Group is responsible for the software supply chain attack on 3CX, a voice and video calling desktop client used by major multinational companies. Tools and code samples match previous Lazarus hacks.
Ukrainian law enforcement busted a transnational group of scammers that used more than 100 phishing websites to defraud Europeans. The scammers embezzled nearly $4.4 million by fooling more than 1,000 victims into handing over payment card details, police said.
Hackers have used a modular toolkit called "AlienFox" to compromise email and web hosting services at 18 companies. Distributed mainly by Telegram, the toolkit scripts are readily available in open sources such as GitHub, leading to constant adaptation and variation in the wild.
Rules coming in April could require publicly traded companies to disclose a breach within four days of deeming it material as well as board member cybersecurity expertise. The SEC in March 2022 proposed a mandate that companies disclose "material" incidents within four business days of discovery.
The parent company of subprime lender TitleMax says hackers made off with the Social Security numbers and financial account information of up to nearly 5 million individuals. The company notified the FBI and "believes the incident has been contained." Hackers stole information over an 11-day period.
Three healthcare organizations joined the list of entities treating past use of tracking technologies in patient websites as a data breach reportable to federal authorities. The entities admitting such incidents are New York-Presbyterian Hospital, UC San Diego Health and Brooks Rehabilitation.
Every CISO's dream includes improved outcomes, maturity, increased return on security investments and a faster response to cyber incidents. Retired Commander Sanjeev Singh, CISO and data protection officer at Birlasoft, shares his secret of adopting XDR and realizing that dream.
Italian regulators announced Friday an effective ban on ChatGPT after determining that artificial intelligence firm OpenAI likely engaged in a massive illegal collection of personal data. The agency gave OpenAI until April 19 to address its concerns or potentially face fines.
Google says it spotted two "highly targeted" advanced spyware campaigns using zero-days in the Android and iOS operating systems and vulnerabilities in the Samsung Internet Browser. The U.S. Cybersecurity and Infrastructure Security Agency ordered agencies to patch many of the vulnerabilities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.