Reporting security vulnerabilities to organizations with no disclosure policies can be fraught with tension. In the worst conflicts, security researchers could face lawsuits or even prosecution. Some experts say laws should provide a safe harbor for responsible security research.
As the risks to IT and OT converge, organizations must use "zero trust" to verify user identities and build effective monitoring capabilities to track the behavior of privileged users, say Kartik Shahani of Tenable and Rohan Vaidya of CyberArk.
According to this recent research, 99% of companies recognize security as important to their cloud native strategy. As companies
embrace cloud native technologies as part of their digital transformation, security is seen as a key factor to building successful platforms. The adoption of cloud native technologies has...
According to a panel of experts, protecting the Active Directory, a rich target for increasing ransomware attacks, will require organizations to audit privileged accounts and endpoints with continuous monitoring and an identity governance approach.
While there is no dearth of talent among Indian bug bounty hunters, hurdles such as lack of trust, payment disputes, cost, unethical practices and lack of regulatory laws deter the growth of the bug bounty programs in the country, according to some experts.
Now in its sixth year, the 2021 Open Source Security and Risk Analysis (OSSRA) report exposes vulnerabilities and license conflicts found in more than 1,500 codebases across 17 industries.
The report includes recommendations to help developers and consumers understand the software ecosystem they are a part of, as...
In a manufacturing setting where most employees are not IT savvy, building cybersecurity awareness is essential, says Mansi Thapar, global CISO and DPO, at Jaquar Group, an India-based manufacturer.
Today’s organizations need to rapidly build and deploy custom applications to address their digital transformation. Many discover that their AppSec programs just can’t keep up, however, resulting in costly post-development bug and vulnerability triage as well as delaying application deployment. To meet...
Vulnerability management is more than assessment scanning. It involves the understanding of risk and the integrating of people and processes to remediate the most sensitive assets in the network.
Explore this IDC Analyst Connection to delve deeper into:
State of device vulnerability management today
...
It is estimated that 60% of security professionals believe they are underfunded to carry out their work. This may arise from the fact that most cybersecurity teams are understaffed & underbudgeted, within the organisations. Building and delivering the contextualised information for leaders who assess the value of a...
The Australian Cyber Security Centre (ACSC) responded to 2,266 cyber security incidents at a rate of almost six per day from July 2019 to June 2020. These attacks not only disrupt the businesses but translate to costing the economy up to $29 billion per year which is 1.9% of Australia’s gross domestic product (GDP)....
The Australian Cyber Security Centre's (ACSC) inaugural cyber threat shows it responded to 2,266 cyber security incidents in 2019-20. Operating in a world, where pandemic has affected everything is challenging. This is especially true for industries like legal services where there is wealth of confidential data.
...
Aligning a vulnerability management program with a "zero trust" approach helps strengthen cybersecurity, says Kartik Shahani, country manager-India, Tenable.
In a recent research project on cyber risk management, 340 cybersecurity and IT professionals were surveyed. They were asked what their organization’s biggest vulnerability management challenge is. 42% of respondents indicated that their biggest vulnerability management challenge is tracking vulnerability and patch...
Is your team working constantly to discover and patch critical vulnerabilities across your global hybrid-IT landscape? Traditional vulnerability management solutions stop at only identifying vulnerabilities and don’t help with remediation. Security teams would prefer if they can automatically discover and categorize...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
