Cybercrime continues to be incredibly lucrative. Yet many of the techniques being wielded by connected criminals aren't new, said security expert Mikko Hypponen of F-Secure in a keynote speech at this week's Infosec Europe conference in London.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.
Many organizations still fail to practice smart web security, warns penetration testing expert Ilia Kolochenko, who notes that 23 percent of all websites still use SSL version 3, despite it leaving them at risk from POODLE and BEAST attacks.
The third edition of ISMG's Data Breach and Fraud Prevention Summit in Asia took off June 8 in Mumbai. Here are some highlights and first impressions from the day-long event, featuring key industry thought leaders.
Demonstrating the return on security investment and getting management buy-in remain some of the less glamorous, but very real challenges faced by Indian CISOs, says Shivkumar Pandey of the Bombay Stock Exchange.
Insider fraud is one of the biggest challenges facing Indian security practitioners, yet they struggle to respond to insider crimes, says Berjes Shroff, CISO of Godrej Infotech, and a speaker at the ISMG Data Breach & Fraud Prevention Summit Asia in Mumbai.
This ISMG Security Report features a discussion of the impact on the global financial services industry of the SWIFT-related theft of $81 million from Bangladesh's central bank and similar thefts. You'll also hear reports on making IT systems more trustable and national governments' spending on cybersecurity.
NIST plans next year to clarify certain provisions in its cybersecurity framework. "Just to be clear, we're not headed toward a version 2.0 right now," Program Manager Matt Barrett explains in an interview. "We're headed to something that's more like a 1.1."
ISMG's upcoming Data Breach & Fraud Prevention Summit Asia 2016 in Mumbai will focus on the latest fraud techniques and technologies, as industry thought leaders take us through new approaches to tackle breaches as well as today's top schemes and solutions to stop them.
The Hong Kong Monetary Authority plans to raise the cybersecurity of its banking system through a new, three-pronged approach. But critics say the regulator needs to come up with clear security mandates to ensure a cybersecure ecosystem.
Europe's biggest annual information security conference returns to London this week. Here's my pick of the top Infosec Europe sessions, with topics ranging from cybercrime and incident response to EU regulations and the Internet of Things.
Narayan Neelakantan, outgoing CISO at the National Stock Exchange of India, is concerned that the lack of capacity in incident response is going to haunt Indian organizations in the near future. He shares insight on IR maturity and the imminent need.
The Reserve Bank of India has issued new cybersecurity guidelines to scheduled banks, directing them to devise cybersecurity policies distinct from their institutions' existing IT or IS security policies.
Security is moving fast, but is still playing a catch-up game with technology. In this scenario, age-old paradigms need to be revised to remain relevant, says Oracle's security lead for APAC, Chris Pickett