A veteran security researcher has become entangled in a conflict with Chinese drone manufacturer DJI over his security vulnerability report, which initially qualified for the manufacturer's bug bounty program. The researcher says communications broke down after he refused to sign a legal agreement.
CIOs and CISOs must guard against making security technology decisions based on the latest threat trends hyped by vendors, focusing instead on their specific business needs, says T.S. Lim of CA Technologies.
India's Ministry of Electronics and Information Technology, or MeitY, plans to create a "challenge grant" program to support cybersecurity startup companies in an effort to encourage domestic development of innovative technologies.
Kaspersky Lab says it "inadvertently" scooped up classified U.S. documents and code from an NSA analyst's home computer, but suggests it wasn't the conduit by which the material ended up in Russian hands. It claims that the computer was riddled with malware.
A report on new White House rules on when to disclose cybersecurity vulnerabilities to software vendors leads the latest edition of the ISMG Security Report. Also, storing passcodes in clothing.
Businesses need to find more ways of incentivizing good researchers to find flaws in technology before bad actors discover them, says Rafael Narezzi, CIO of financial services firm TS Lombard. For every bug hunter with good intentions, how many more are developing weaponized exploits for sale on darknet markets?
Since last year, North Korean hackers have been targeting businesses in the financial services, aerospace and telecommunications sectors by exploiting a remote administration tool, or RAT, according to an alert issued Tuesday by the United States Computer Emergency Response Team.
Because the insurance industry has undergone massive changes, it needs to take steps to ensure cybersecurity is keeping pace, says Satyanandan Atyam, CISO at India's Bharti Axa General Insurance.
With the aim of protecting data privacy, the government of Singapore is considering taking steps to greatly reduce the use of the National Registration Identity Card numbers for verifying consumers' identities.
A top DHS cybersecurity official says she has seen no conclusive evidence that Russian-owned Kaspersky Lab's security software had been exploited to breach federal information systems. Jeanette Manfra told a House panel most agencies have complied with a directive to stop using Kaspersky software.
Threat-centric security frameworks need to be supplemented with an approach based on user behavior, which is becoming a critical parameter in understanding organizations' risk postures, Forcepoint's Maheshwaran S says in an in-depth interview.
The PCI Security Standards Council is creating a payments software framework, including two new standards that can evolve as the software rapidly changes, Troy Leach, the council's CTO, explains in this in-depth interview.
India is expected to announce in the coming months the formation of a cyber defense agency that would focus on protecting critical infrastructure, especially government and defense networks, from cyberattacks.
All U.S. publicly traded companies should review how they internally disseminate breach information and expect to see revised cybersecurity guidance, says William Hinman, the director of corporation finance for the U.S. Securities and Exchange Commission.
A report on the head of Equifax contending that his company - not individual consumers - owns the personally identifiable information the credit reporting agency markets to lenders leads the latest version of the ISMG Security Report. Also, a preview of the ISMG Healthcare Security Summit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.