Mobile app-based ecommerce is surging forward in India's smartphone-saturated market. After Meru Cabs' data exposure earlier in May, security experts analyze legal liability, secure development & incident response.
In an application-driven economy, are security leaders paying enough attention to application-level security? OWASP's Dhruv Soi speaks on how to ensure security in the application development lifecycle.
Gartner's John Girard boils down the mobile security challenge to three topics: the number of devices, diversity of capabilities and the complexity of management. How does he advise CISOs to tackle these challenges?
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.
Wanted: Hackers for hire. Or in British government parlance: "Committed and responsible individuals who have the potential to carry out computer network operations to keep the U.K. safe." Ready to apply?
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Is there a governance structure that can protect your network and customer data against future attacks? Oman Insurance's Bhatia discusses how security and business alignment is critical to data security.
Laws rarely, if ever, keep up with technology, but even if they could, the consequences could prove more harmful than the benefits. That was evident at a House hearing that addressed default encryption of mobile devices.
High-profile security breaches globally have had a cascading effect on Indian organizations. Intel Security's Chris Young discusses how Indian security practitioners must shift to a resilient security model.
For years, security leaders have struggled to find the balance between ensuring strong security and maintaining customer convenience. Benjamin Wyrick of VASCO Data Security says mobility may be the answer.
As financial institutions update their defenses in light of new types attacks - from scams to network-penetrating cyber-attacks - they need to ensure they factor in all of the ways that their systems and employees might be targeted or manipulated.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.