As organizations detect more breaches, incident responders are increasingly overloaded, says Darktrace's Dave Palmer, who recommends organizations adopt strategies for "surgically interrupting the bad" while maintaining normal business processes and productivity.
Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.
One of the key lessons offered at ISMG's Fraud & Breach Prevention Summit, held June 12-13 in Bengaluru, was the need for security practitioners to have a better perception of threats and risks so they can build successful detection and defense mechanisms.
Nearly three weeks after human resources software vendor PageUp discovered malware on its system, the tally of what data was exposed remains unclear, although successful job applicants appear to have been hardest hit.
When June arrives in the United Kingdom, that means it's time for the annual Infosecurity Europe conference in London. Here are visual highlights from this year's event, which featured 240 sessions, 400 exhibitors and an estimated 19,500 attendees.
The U.K.'s Dixons Carphone is investigating a data breach that resulted in the suspected exposure of 5.9 million payment cards and nonfinancial information for 1.2 million customers. The incident could become the first U.K. breach to fall under the EU's General Data Protection Regulation.
PageUp, an HR software developer in Australia with clients worldwide, is warning that malware-wielding attackers may have accessed a raft of personal data stored in its systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February.
The entire approach toward Aadhaar security needs to change to address problems on the users' end, rather than focus on the UIDAI's core database, contends Na. Vijayashankar, a cyber law expert. He'll be a featured speaker at ISMG's Fraud and Breach Prevention Summit in Bengaluru.
The Department of Homeland Security has issued two more alerts about cyber vulnerabilities in certain medical devices. The stream of recent advisories is helping to draw more attention to the importance of addressing device security. But healthcare providers face the challenge of tracking and mitigating all risks.
ISMG's Fraud and Breach Prevention Summit in Bengaluru on June 12 and 13 will offer insights from leading CISOs and other experts on hot topics, including artificial intelligence, endpoint detection and response, blockchain and GDPR compliance.
While some payment companies are strongly protesting the Reserve Bank of India's mandate that they store all data locally by October 15, portraying compliance as costly and impractical, others support the move as a way to ensure data is protected.
Many merchants in Japan find it difficult to pass a PCI Data Security Standard audit because the PCI guidelines are changed too frequently, argues Yiochi Ueno, who serves as a Qualified Security Assessor who audits merchants.