The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
While the push for security in regulated industries is compliance driven, it's essential for organizations to also develop security strategies based on business risks, says A. Shiju Rawther, head of infrastructure and security operations at a leading credit-rating bureau in India.
To keep up with emerging threats, banks and other organizations in Saudi Arabia and throughout the region must develop much more mature incident response functions, says Mohammed Almozaiyn, who heads incident response for a leading Saudi bank.
The surge in data breaches and the pervasiveness of malware, especially ransomware, have led to a surge in security technology startup firms, which makes it much tougher for CISOs to choose the right business partners in the overcrowded marketplace, argues Raimund Genes, CTO at Trend Micro.
Many organizations take months or years to discover they've been victimized by breaches because they lack experienced cybersecurity personnel, says employment researcher David Foote. The "maturing of the workforce" will take considerable time, he says in an interview.
Indian organisations are easy prey for Pakistani hackers who are defacing their websites and sometimes also blocking transactions. But law enforcement is finding it challenging to crack down on foreign hackers because of uncertainty over which Indian laws apply.
Agari's John Wilson doesn't just fight email fraud schemes - he also is the occasional target. What have the fraudsters inadvertently taught him about their latest tactics? And how can these lessons help organizations to improve their defenses? Find out in this video interview.
The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
Sam Lodhi, director at niche services firm IBRS, speaks about adapting biological cybernetics to help management understand information security risk better and how cybernetics can be applied to other verticals.
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
Vikrant Arora, CISO of NYC Health & Hospitals, offers the four most important questions a board must ask the CISO to get a good understanding of how the organization is addressing top cybersecurity concerns.
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
Ransomware and extortion are among the threats that have successfully transitioned from an original B2C business model to targeting enterprises. Trend Micro's Myla Pilao shares insight on this and other attack trends in Asia.
To facilitate faster decision-making, better cost control and increased transparency, many organizations now task a single executive to oversee all security, privacy and risk functions, says ADP's Roland Cloutier.