Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
Freedom of Information requests sent to 430 U.K. local government councils by Barracuda Networks found that at least 27 percent of councils have suffered ransomware outbreaks. Thankfully, almost none have paid ransoms, and good backup practices appear widespread.
Oil & Natural Gas Corp. is augmenting its ISOC to serve its enterprise wide network, SCADA and business systems to enable detection of threats in real time, says A.S. Rao, CISO. "We have gone in for a hybrid model to build required skills to completely operationalize the ISoC," he says
Given the current threat environment, it's urgent that organizations add technical experts to their boards of directors to help ensure the development of effective cybersecurity strategies, says Art Coviello, retired chairman of RSA.
What advice does the new CISO of fast-food giant McDonald's, who has served as CISO at two other major corporations, have for how to communicate with the board of directors? Tim Youngblood offers insights in this exclusive interview.
In the latest edition of the ISMG Security Report: a look at the former Equifax chief information security officer and whether her lack of academic credentials in IT or IT security is relevant to the massive breach at the credit reporting agency.
Pressure continues to mount on credit reporting bureau Equifax over its massive data breach. In its wake, Equifax announced that its CIO and CSO would "retire" immediately and said that the Apache Struts flaw exploited by attackers was known to the security team.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
In an in-depth interview, Pavan Duggal, advocate, Supreme Court, spells out the specific steps he believes the government needs to take now that the Supreme Court has declared privacy as a fundamental right.
Although there are many options for threat information sharing, there are not enough initiatives that are properly codified and defined so that enterprises can easily share relevant information with a business context in a structured and timely manner, says Avinash Prasad of Tata Communications.
Two Russian hackers, members of a group called "Shaltay-Boltai" - Humpty Dumpty in Russian - that stole and sold high-level Russian officials' emails, have been sentenced to serve three years in prison. The case against them may tie to a high-profile Russian treason investigation.
Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he says companies need to be willing to develop new skills in their new hires.
Given the rise in organized cybercrime and increased online data leakage, Maharashtra Police officials are empowering officers through appropriate training, says Balsing Rajput, superintendent of police, cyber.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.