Australia's large online medical booking platform, HealthEngine, has become embroiled in a privacy controversy after it reportedly passed personal medical details to a personal injury law firm. HealthEngine maintains it obtained users' consent, but the revelation appears to have caught many by surprise.
To help prevent fraud, more organizations are moving toward the use of behavioral biometrics for authentication, says Tamaghna Basu of NeoEYED, who explains how the technology works.
Europe's General Data Protection Regulation is reshaping the way organizations handle data. That's going to have an impact on the sharing of threat intelligence. But the Anti-Phishing Working Group hopes the law will provide legal clarity that will make more organizations comfortable with sharing threat data.
The EU's GDPR is already having an impact on how organizations approach data breach detection and remediation, leading many to rely more strongly on security orchestration and automation, says Allen Rogers of IBM Resilient.
Organizations are increasingly turning to devices and the cloud to foster better collaboration and access to essential data. But as they do so, "the number one blocker for enabling digital transformation is security," warns BlackBerry's Florian Bienvenu.
Organizations are increasingly tapping behavioral analytics to help incident responders "correlate data from multiple sources and save time in the response workflow" - in other words, to more quickly detect and mitigate breaches, says Nick Bilogorskiy at Juniper Networks.
To better secure all internet-connected devices inside an industrial enterprise, operational technology and information technology groups are increasingly collaborating, says Tripwire's Tim Erlin.
Attackers continue to shift their tactics to help evade improvements in defenses, says Rick McElroy, security strategist for Carbon Black. Recent trends include fileless attacks, shifting from PowerShell to WMI, plus cryptojacking and credential harvesting.
To increase the effectiveness of security information and event management tools, while lowering the rate of false positives, organizations need to bring in more context about user behavior, says Derek Lin of Exabeam.
Michael Jones of Domain Tools says that studying domain ownership information gives organizations "contextual data around domains that may be attacking them," thus allowing them to better block attacks, avoid malicious sites and combat phishing campaigns.
Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
As India gears up to use artificial intelligence to boost its defense capabilities and improve security in various sectors, it inevitably will face challenges.
Three key challenges facing security practitioners worldwide are visibility, metrics and orchestration, says Vishal Salvi, CISO for India's tech powerhouse Infosys. The threat landscape, rather than compliance, is driving security decisions, he says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.