As more organizations undergo resource and cost pressures, 86% of managed security services customers are deciding to consolidate security tools and outsource their security requirements, according to the OpenText Cybersecurity 2023 Global Managed Security Survey.
Malaysia's Securities Commission on Tuesday released new cybersecurity guidelines calling for stronger oversight and management of technology risks by investment and capital markets firms. The commission expects the new guidelines to go into effect in Q3 2024.
A Tennessee-based cardiac care clinic is notifying more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in April. The Karakurt cybercrime group claimed credit for the hack a month later.
Human Factor Security expert Robin Lennon Bylenga advised that in building an internal threat management program, it is imperative to not send mixed messages to the broader workforce. It's wise to conduct an assessment of human risk - not just IT risk, she said.
Synthetic ID fraud has moved beyond business-to-consumers to business-to-business fraud as more bad actors are opening fraudulent commercial accounts at financial institutions, said Dori Buckethal, vice president of risk and fraud solutions at Thomson Reuters.
Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. It's also about people and process, he said, with the ultimate goal of adding value to what the business is trying to do. Watts discussed how security leaders can achieve this goal.
Organizations struggle with governing the data that goes into and informs large language models since it's in documents rather than spreadsheets or SQL databases, said BigID CEO Dimitri Sirota. Companies need a more effective governance framework for managing unstructured data, Sirota said.
Fears that cyber insurance coverage drives companies into paying ransomware demands more easily than not appear unfounded, concludes a British think tank study that also suggests insurers should do more to enact corporate discipline. Cyber insurance has been dogged by accusations of moral hazard.
A malware downloader is spoofing Italian organizations, including the tax agency, to deliver a banking Trojan to target Italian companies, said researchers. Proofpoint callsthe downloader WikiLoader; it ultimately leads to the Ursnif banking Trojan.
The shifting of information to data warehouses such as Snowflake and Databricks has created oversight challenges around access and ownership, said Immuta CEO Matthew Carroll. Customers should be able to scan and analyze where their cloud data lives and identify and fix flaws or abnormalities.
Today's CISO must have close communication with the C-suite, understand the business needs of the organization as well as its objectives and risks, and to be able to articulately translate those business objectives into technology, said Dion Alexopoulos, head of security at Camelot.
Ukraine blocked an illicit money laundering network operating across the country that made use of sanctioned Russian payment systems and cryptocurrency exchanges to convert Russian rubles into Ukrainian hryvnia. The "black money exchanges" network processed more than $4 million monthly.
We have moved from cybersecurity strategy to cyber resilience strategy, said Fene Osakwe, a board member of the Forbes Technology Council. As a result, he said, we still start with identifying assets, but we keep going until we achieve recovery.
The number of data security incidents affecting Singapore's government sector remained stable in the 12-month period ending March 2023, and the number of medium-severity incidents marginally declined. Government officials said investments in security technology and culture are starting to pay off.
The rapid pace of API development has created major risk for companies given the amount of data that's being exposed, said Salt Security CEO Roey Eliyahu. The security industry hasn't adapted quickly to address these problems since it's still used to relatively static APIs that were easy to guard.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.