The U.S. Securities and Exchange Commission has released revised guidance "to assist public companies in preparing disclosures about cybersecurity risks and incidents." It includes new prohibitions on trading in corporate shares after a breach has been discovered but before investors have been notified.
Leading the latest edition of the ISMG Security Report: The Department of Justice indicts Russians for allegedly running an industrialized troll factory designed to influence U.S. politics. Also, a feature in Australia's new real-time payment system could be abused by identity thieves.
Want to meddle with a democracy? Just use its social media outlets against it to amplify already existing social divisions. That's the quick take on the indictment recently unsealed by Special Counsel Robert Mueller that accuses Russians of running an "active measures" campaign against the United States.
After a U.S. indictment charged Russians with running a troll factory that interfered in U.S. elections, groups tracking online disinformation campaigns warn that Russian bots are now debating the school shooting in Parkland, Florida. The White House is facing questions over what it's doing to deter Moscow.
Authentication innovation is still in its infancy, and most companies are still combining more traditional passwords and PINs with cutting edge
biometrics or contextual decisioning methods. The combination brings new capabilities to multi-factor authentication, but doesn't necessarily produce the best possible...
The digital shift is increasing the need for more sophisticated privacy and data protection measures. Several major institutions have seen their information security compromised in recent years as cyberattacks and fraudulent activity show no sign of slowing down. With PSD2 regulations now in effect, companies are in...
As cloud computing services evolve, the cloud opens up entirely new ways for potential attacks. Cloud systems and images have operating system and component vulnerabilities just like those in the enterprise. For example, Heartbleed, Shellshock and other major bugs can affect cloud systems, and there are new issues to...
Intel faces 32 lawsuits filed over the trio of flaws in its CPUs known as Meltdown and Spectre, seeking damages for the security vulnerabilities as well as alleged insider trading. The flaws have also been cited in lawsuits against chipmakers AMD and ARM, as well as against Apple.
Companies in India are increasingly automating more SOC functions because they lack skilled staff, says Neri Zin, vice president, APAC, at Cyberbit. And many are turning to MSSPs for help.
As India's CISOs grapple with the challenge of improving the accuracy and speed of breach detection, some pioneers are beginning to use deception technology to track the movements of intruders.
Attackers recently snuck cryptomining code onto thousands of websites by inserting it into a third-party accessibility plug-in called Browsealoud. Web specifications designed to guard against these types of rogue actions by third-party code libraries already exist. Why aren't more sites using them?
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region due to an explosion in its information and communications technology infrastructure, and this is changing the risk profile.
when addressing the advanced capabilities required to...
The top U.S. intelligence official has warned Congress that Russia will attempt to meddle in the this year's U.S. midterm elections, a repeat of the country's alleged 2016 U.S. presidential election interference.
As internet of things devices become increasingly common in the enterprise, CISOs must lead the way in making sure emerging security issues, including a higher risk of distributed denial-of-service attacks, are adequately addressed, says John Pescatore of the SANS Institute, which offers training for CISOs and others.
After two years of development in stealth mode, the Sheltered Harbor effort to get U.S. financial institutions to use a standard approach to account data backup is shifting into high gear, says Trey Maust, the new CEO of the initiative, which is backed by FS-ISAC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.