Protecting "East-West" cloud traffic - the traffic between apps and virtual machines - is a significant challenge, but microsegmentation can help address it, says Raghu Raghuram of VMware.
Driven by digital transformation and regulatory and industry initiatives such as PSD2, 3D Secure 2.0, and Faster Payments, the need to provide strong authentication without impacting customers and transactions is a top business imperative.
To make it easier for you to evaluate the market (and not get distracted by...
Organizations can effectively rely on managed security services providers to take care of many tasks, but certain strategic security functions must be handled in-house, says Sid Deshpande, research director at Gartner.
The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
The disagreements continue over Australia's efforts to pass legislation that would help law enforcement counter encryption. Technology companies and civil liberties organizations contend the latest draft of legislation would allow for too much secrecy and imperil privacy and security.
CISOs and other security practitioners are embracing the idea of a business-driven security model that takes a risk-oriented approach, says Rohit Ghai, president of RSA. "Cybersecurity conversations are becoming business conversations rather than technology conversations."
With so much focus on endpoint security, it's important not to overlook the importance of network-level security controls, says Lawrence Orans, research vice president at Gartner.
The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships. But the gang's marketing savvy belies shoddy code-development practices, security firm McAfee finds.
Many security experts in Asia are blasting Google for its lengthy delay in revealing that a bug in an API for its Google+ social networking service exposed personal details for about 500,000 accounts, calling it a breach of trust.
What can organizations do to thwart business email compromise attacks? In an interview, David Stubley, CEO of the consultancy 7 Elements, outlines several key steps. He'll be a featured speaker at Information Security Media Group's Security Summit: London, to be held Sept. 23.
Google blames a bug in an API for its Google+ social networking service for exposing personal details of about 500,000 users' accounts, but says it doesn't believe the information was misused. The company was forced to acknowledge the March incident after it was reported by The Wall Street Journal.
As more companies move away from passwords toward behavioral biometrics, they face new challenges, says Rajiv Dholakia, vice president, products at Nok Nok Labs. "There are no standards as such in this area on how the information is collected, how it's stored and how it's processed," he says.
Privacy and security practitioners wonder if Aadhaar data collected by private firms can actually be deleted in the next six months as directed by the Supreme Court of India, which recently determined that it's unconstitutional for companies to collect or ask for Aadhaar data from consumers.
Rapid increase in the frequency and sophistication of cyberattacks, adoption of new technologies and ever evolving regulatory requirements, continue to heighten security demands on organizations of all types. And many organizations are finding it difficult to create and maintain a robust cybersecurity program given...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
