The National Internet Exchange of India, an autonomous body under the Ministry of Electronics and IT that maintains the .In registry and country code Top Level Domains, has switched to a new outsourcer for operations and maintenance. Some security experts are criticizing the move.
Recent data leaks, including the SBI incident that affected millions of customers, have once again stirred up a debate on the role of auditors in cybersecurity. But a bigger issue is the need to invest in appropriate security technologies and implement stronger policies and awareness programs.
With the general election approaching this spring to constitute the 17th Lok Sabha, cybersecurity leaders say India must be prepared to thwart foreign cyberthreats and protect electronic voting machines against hacking by using appropriate security measures.
The Reserve Bank of India intends to do away with the one-time password authentication process for online transactions. In a step in that direction, for the first time, it's allowing widespread tokenization of debit, credit and prepaid card transactions to enhance the safety of digital payments.
Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach, one of several breaches from that period blamed on in-memory malware. The retailer will pay $1.5 million and must use encryption and tokenization to protect card data.
Although the Reserve Bank of India mandated that banks complete the shift from magnetic stripe debit and credit cards to EMV chip-and-PIN cards by Jan. 1 to help reduce fraud, there's still plenty of work to be done.
Efforts to protect privacy must be carefully balanced against the need to practically implement advanced technologies, argues Jared Ragland, senior director for policy in APAC at BSA/The Software Alliance, an advocacy group for software companies.
Although CERT-In says the hacking of Indian websites declined dramatically this year, based on reports it has received, some security experts argue that many hacking and other cybercrime incidents are never reported.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
The fight against fraud in a cashless economy requires investments in technologies that can offer early warning signals, says Bharat Panchal, senior vice president and head of risk management at National Payment Corporation of India.
The Reserve Bank of India issued a notice to all cooperative banks advising them to apply caution while deploying third-party core banking applications and check for appropriate security standards. The move came after credential theft incidents at some banks. But will banks heed the advice?
Many merchants in Japan find it difficult to pass a PCI Data Security Standard audit because the PCI guidelines are changed too frequently, argues Yiochi Ueno, who serves as a Qualified Security Assessor who audits merchants.