Privileged access management is more critical as a result of the shift to telework during the COVID-19 pandemic and the ongoing movement of applications and data to the cloud, says Dr. Yask Sharma, CISO of a large national critical infrastructure organization in India, who outlines essential PAM components.
As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.
Zoom has apologized for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. With COVID-19 driving unprecedented levels of remote working, video conferencing software is under the privacy and security microscope.
The Reserve Bank of India's plans to create a self-regulatory organization by April to help oversee the digital payments system could help reduce the complexity of RBI's efforts to help ensure payments security, some security experts say.
Who's surprised Chinese military hackers allegedly hacked Equifax? For a foreign power that continues to attempt to amass personal information on its adversaries, targeting a business that gets rich by buying and selling Americans' personal data remains an obvious play.
Iowa prosecutors have dropped all charges against two penetration testers who were contracted to test the electronic and physical security of three judicial facilities, only to be arrested for trespassing. The case highlights how a lack of communication before penetration tests can have serious consequences.
One of biggest challenges of complying with Thailand's Personal Data Protection Act, which will go into effect in May, is managing the consent of customers, says Surachai Chatchalermpun, CISO with Krung Thai Bank, the nation's largest state bank.
"I don't think most organizations are prepared for the personal data protection and privacy bill that has been approved by the cabinet, as most people still confuse privacy and security and think that it is just an add-on to security," says Privacy Expert, Shivangi Nadkarni, CEO, Arrka Consulting.
Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.
Starting Jan. 1, State Bank of India will no longer accept magnetic stripe debit card transactions and will accept only EMV chip-based cards in compliance with an RBI mandate, which is designed to help prevent card fraud, including skimming and cloning.
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
While there is little doubt that cybersecurity audits provide an additional layer of assurance, security practitioners often question their effectiveness. So, what are the ways to ensure the relevance of these audits?
An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year. This includes exposing critical infrastructure, including nuclear facilities, to outside hacking and attacks.
To help security practitioners address their cybersecurity challenges, ISMG is hosting a Cybersecurity Summit on Nov. 21 in Mumbai, best practices in tackling cybersecurity issues. Among the speakers: Loknatha Behera, Kerala's state police chief, and former Supreme Court Justice B. N. Srikrishna.