The latest edition of the ISMG Security Report sizes up progress made so far on identity management and the work yet to be done. Also featured: how security concerns are holding back IoT projects and the privacy issues raised by recording videoconferences.
Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT.
Not all data breaches are what they might seem, and not all leakers are who they might claim to be. Take the doxing of the Minneapolis Police Department, supposedly by Anonymous hacktivists: The leaked employee information was almost certainly culled from old breaches. So who did it, and why?
A "zero trust" framework can help organizations better define their access control strategies and ramp up authentication, says Vishal Salvi, global CISO and head of cybersecurity at Infosys Ltd., a multinational outsourcing company.
The world has experienced an unprecedented business disruption that instantly created the largest remote workforce - and largest attack surface - in history. How do you validate users and access in this new dynamic workforce? RSA's Steve Schlarman and Ben Smith preview an upcoming series of virtual roundtables.
The remote workforce brings more flexibility. But it also comes with unique challenges such as VPN congestion, a greater attack surface and a lack of visibility for security. How can you help remote workers to be both productive and cybersecure? Menlo Security's Kowsik Guruswamy offers advice.
Last week, security researcher Bill Demirkapi said that Trend Micro used a trick to get one of its drivers to pass Microsoft's approval process. Trend Micro has withdrawn the driver and says it's working with Microsoft on incompatibility issues that are unrelated to the researcher's findings.
The identity and access management strategy for the remote workforce should ensure contextual authentication to establish the credentials of the users, apply risk-based authentication for measuring user risk profiles, and establish a multifactor authentication mechanism, a panel of experts says.
Ransomware, wire transfer fraud, destructive attacks: In recent months, the financial sector has seen these and other online attacks surge by 238% as criminals continue to exploit the pandemic, warns Tom Kellermann of VMware Carbon Black, who shares findings from his firm's third "Modern Bank Heists" report.
Britain is reconsidering whether Huawei's technology will be used its national 5G rollout as a result of increased White House sanctions against the Chinese telecommunications giant, which could result in Huawei having to source semiconductors from less reliable sources.
Shadow IT is a growing concerns during the work-from-home shift because endpoint security is not as well developed as network security, says Vikram Mehta, an information security specialist at MakeMyTrip, who offers risk mitigation insights.
Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
As ransomware gangs attempt to boost their illicit profits, the RagnarLocker ransomware gang has brought a new tactic to bear: installing a full virtual machine on victims' systems to hide their crypto-locking malware while it forcibly encrypts files, security firm Sophos warns.
Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?
Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S. sailors at a military base in Pensacola, Florida, the Justice Department continues to criticize Apple's refusal to offer law enforcement a backdoor to its encrypted devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.