The healthcare sector has had plenty of significant data breaches so far this year. What can be learned from organizations' experiences? Here are three key lessons.
To help security practitioners address their cybersecurity challenges, ISMG is hosting a Cybersecurity Summit on Nov. 21 in Mumbai, best practices in tackling cybersecurity issues. Among the speakers: Loknatha Behera, Kerala's state police chief, and former Supreme Court Justice B. N. Srikrishna.
Despite organizations enduring decades of security policies, programs, plans, metrics and awareness training, CISOs still complain that too many employees are failing at the cybersecurity basics, says Virtually Informed's Sarb Sembhi.
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
The U.S. National Security Agency is the latest intelligence agency to warn that unpatched flaws in three vendors' VPN servers are being actively exploited by nation-state attackers. Security experts say such alerts, which are rare, are a clear sign that serious damage is being caused.
"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
For years, security leaders focused primarily on malicious insiders - those who intend to do harm to an organization. But CISOs are increasingly concerned about the accidental insider. And Anne-Marie Scollay of Axiom Law has a program targeting this growing threat.
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
Despite multiple government agencies being formed to fight cybercrime, efforts need to be made for better coordination between them, said Lt Gen (retd) Rajesh Pant, the newly appointed national cybersecurity coordinator, PM Office, Government of India.
At this week's Information Security Media Group Fraud & Breach Summit in Bengaluru, India, national cybersecurity coordinator Lt. Gen. (retired) Rajesh Pant spoke about the challenges facing the country over the coming years.
Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.
