"Data sovereignty is required for the growth of the country, and as data is the new oil, we would like to preserve it appropriately and in a secure manner within the country, which can be used for the betterment of the country," says Bharat Pancha of FIS Global, in support of data localization in India.
A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street Journal investigation on Monday has revealed new companies affected by Cloud Hopper attacks.
While Congress is unlikely to pass major new national cybersecurity legislation in an election year, federal regulators and state attorneys general will be busy addressing evolving health data privacy and security issues in 2020, predicts attorney Marcus Christian of the law firm Mayer Brown.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
"I don't think most organizations are prepared for the personal data protection and privacy bill that has been approved by the cabinet, as most people still confuse privacy and security and think that it is just an add-on to security," says Privacy Expert, Shivangi Nadkarni, CEO, Arrka Consulting.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020. The law is expected to have impact on Wall Street firms and other financial institutions headquartered in the state.
Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month. The data included customer emails, nicknames of online cameras, WiFi SSIDs, device information and Alexa tokens.
Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.
Security leaders in enterprise energy organizations face the challenge of assessing the efficiency of their cybersecurity program, planning proactive risk mitigation, and communicating their posture across all levels of the organization from the Board of Directors to auditors and asset owners.
Read this case study...
Researchers at Positive Technologies say they discovered a vulnerability in enterprise software offerings from Citrix that potentially could put 80,000 companies in 158 countries at risk of a cyberattack.
It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.
Because vendors were implicated in many of the largest health data breaches in 2019, it's more critical than ever for healthcare organizations to manage the security risks posed by their suppliers, says Erik Decker, CISO and chief privacy officer at the University of Chicago Medicine.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.