In the wake of recent massive data breaches, such as the Equifax hack, a flood of stolen data is leading to a whole new wave of account takeover crimes, says Emma Mohan-Satta of Kaspersky Lab. How can organizations refine their defenses?
Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting an incident response plan: strong legal representation and a communications plan that considers both internal and external messaging.
"Are we vulnerable to the attacks that are being reported in the media?" All CEOs and boards of directors should be asking that question of their information security team to ensure they don't suffer the same fate - especially when it comes to ransomware outbreaks, says David Stubley of 7 Elements.
Managing privileged access is a much bigger and more complex job today than it was even just a few years ago, says Scott Walker of Bomgar Corp., who offers insights on factors to consider.
Stephen Soble of Assured Enterprises discusses what was most likely overlooked at Equifax prior to its massive data breach - and how organizations can avoid missing this vulnerability again.
Social Security numbers, birthdates and other personal information are leaked daily in breaches around the world. That's why Frances Zelazny of BioCatch suggests a new means of digital identification.
As a digital forensics investigator, Vesta Matveeva of Russia's Group-IB has great insight into the latest cyberattack trends - and the attackers. What conclusions can we draw about how to bolster defenses in 2018?
Cross-channel fraud is a growing problem for banking institutions. But Rik Van Bruggen of Neo4J says that the use of graph technology can go far to help spot and respond to connected fraud patterns.
The growing use of mobile devices is changing the security landscape, and protection must extend to the device, the application, the connection channel and the network entry point, says Bimal Gandhi, CEO at Uniken Inc.
Europe's General Data Privacy Regulation, which will affect organizations worldwide, will force them to move from "static" to "continuous" compliance, says Peter Beardmore of RSA.
It's critical for entities to remember that major infrastructure cloud services providers have a very limited responsibility for their customers' data security, says Kevin Flynn of Skybox Security.
Organizations need to develop "a friendly business relationship" with law enforcement so they can share information about a data breach to help with the investigation, says Luis Cerritos of the Royal Canadian Mounted Police.
Organizations that must comply with Europe's GDPR need to identify gaps in their ability to meet various requirements, including making prompt breach notifications and gaining consumers' consent to store their data, says Sunil Chand of Grant Thornton.
All the key players of a company's management group, including the CISO, need to be involved in the decision about whether to invest in cyber insurance, says Greg Markell of Ridge Canada Cyber Solutions, a cyber insurer.
While India's cashless initiative is being spearheaded by the government, all development and design undertaken by all stakeholders needs a common testing process to plug the security and fraud gaps in the ecosystem, says DCB Bank's Prasanna Lohar.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
