Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
The working group set up by the ministry of finance has released its recommendations for shaping the computer emergency response team in the financial sector, prescribing an exhaustive cybersecurity framework to help organizations prevent breach incidents.
Publicis Groupe CISO Thom Langford discusses how best to measure your organization's true risk appetite and the business value of blending storytelling techniques into your security awareness programs.
Former U.S. CISO Gregory Touhill says the federal government must rethink how it hardens its workforce to prevent cyberattackers from succeeding. Organizations, he says, should regularly conduct cybersecurity exercises to help build their cyber defense.
Bad security habits of consumers whose use of apps is skyrocketing is leading to increased risks for businesses as they ramp up their use of apps as well, says Neil Wu Becker, a global vice president at A10 networks, who emphasizes the need to enforce best practices.
To encourage individuals to improve their security practices, begin by not blaming them. That was one takeaway from security experts at the Infosecurity Europe conference, who offered practical tips for changing user behavior and creating a culture of security.
Infosecurity Europe 2017 in London drew an estimated 18,000 attendees. Here are 13 visual highlights from the annual information security conference, ranging from tchotchkes and keynotes to 19th century architecture and live hacks of internet-connected devices.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
A focus on breach prevention and protecting the perimeter is outdated, so organizations need to shift to a focus on resiliency, says security thought leader Vishak Raman, former senior regional director for India and SAARC at FireEye.
To help ensure that data is properly protected, the Ministry of Electronics and information Technology has mandated that all cloud service providers that handle government data store it on servers in India and not in other countries.