Latest

►

Business Continuity Management / Disaster Recovery

Covid19: Remote Workforce Security Strategies

Suparna Goswami  •  March 27, 2020

In an in-depth interview, two cybersecurity experts at Akamai Technologies India discuss ensuring security for at-home workers during the COVID-19 crisis and offer business continuity insights.

Electronic Healthcare Records

Coalition Formed to Address COVID-19 Crisis

Marianne Kolbasuk McGee  •  March 27, 2020

More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland  •  March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Cybercrime

Tupperware Website Hit by Card Skimmer

Ishita Chigilli Palli  •  March 26, 2020

Tupperware, known for its colorful array of food storage containers, is the latest company to have its website hit with a card skimmer that siphons off payment card details at checkout, according to the security firm Malwarebytes. Malicious JavaScript hid in the online checkout payment form.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz  •  March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

Cybercrime

Newly Discovered APT Group Targets Middle East Firms: Report

Apurva Venkat  •  March 26, 2020

A newly discovered advanced persistent threat group is targeting industrial firms in the Middle East with a new type of backdoor Trojan, according to the security firm Kaspersky.

►

Cloud Security

Establishing 'Zero Trust' Security in the Cloud

Varun Haran  •  March 26, 2020

At a time when individuals are accessing information in the cloud from anywhere, it's important to establish trust with the user, says Brijesh Miglani of Forcepoint.

►

Governance & Risk Management

Moving From Cyber Secure to Cyber Immune

Varun Haran  •  March 26, 2020

Although most companies acknowledge the importance of securing their perimeters and endpoints, many are still reactive in their approach to security, says Dipesh Kaura of Kaspersky, who advocates a "security by design" approach.

►

Application Security

Application Security: Essential Steps

Varun Haran  •  March 26, 2020

Organizations need to go far beyond addressing the OWASP Top 10 security risks to make an application truly secure, says Rajesh Jain of Cloudflare.

►

DevSecOps

Getting Ready for DevSecOps

Varun Haran  •  March 26, 2020

Developers need to be the primary stakeholdersof any DevSecOps process, says Nitin Kumar Dang of Checkmarx, who offers strategic insights.

Cybercrime

The Ecommerce Surge: Guarding Against Fraud

Nick Holland  •  March 26, 2020

As more consumers shift to online shopping during the COVID-19 pandemic, retailers must ramp up their efforts to guard against ecommerce payment fraud, says Toby McFarlane, a cybersecurity expert at CMSPI, a payments consultancy.

Endpoint Security

The Best of RSA Conference 2020

Information Security Media Group  •  March 25, 2020

At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.