Why do we continue to be so stupid about how we use passwords? A review of 2015 data breaches finds that it's not just users of infidelity websites who remain reckless with their password choices.
According to sources in the industry and community, organizations are regularly getting breached and held to ransom in India. What's the story, and why are these organizations choosing to remain silent about these attacks?
Common mistakes enterprises make while prescribing a security or information assurance policy may result in big security flaws. CISOs must define security policies that are practical and enforceable, evolved through consensus with the business.
The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
As security leaders accept that breaches will happen despite perimeter defense and counter measures, incident response becomes an important evolution in an organization's security posture. Arbor's Jeff Buhl discusses the Asian stance and maturity.
Qatar's national cybersecurity agenda is designed to ensure that security policies help businesses strike the right balance between security and economic growth, says Khalid Al Hashmi, a top official in the Ministry of Information and Communications Technology.
As the US government enacts its Cybersecurity Information Sharing Act, the question becomes: Is India ready for such legislation? What bottlenecks await, and how effectively are public and private players engaged to tackle info-sharing challenges?
In the wake of Juniper Networks finding "unauthorized code" in its firewall firmware that could be used to remotely access devices and encrypted communications, Cisco is reviewing its own code for signs of tampering. Will other vendors follow suit?
A panel of experts at the DSCI summit discusses confusion over cybersecurity and privacy policy, and how to protect data against misuse. What are the key legislative challenges, and how will they be tackled in 2016?
In the largest monetary award obtained by the FTC in an enforcement action, LifeLock has agreed to pay $100 million to settle a case that, in part, stemmed from the identity protection company failing to establish and maintain an information security program to protect customers' personally identifiable information.
Europe looks set to pass sweeping new data protection rules, which would give consumers more control over how their personal information gets used and require organizations to notify authorities whenever they suffer a data breach.
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to share voluntarily threat data with the federal government and with each other.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
A former U.S. State Department employee has pleaded guilty to running a "sextortion" scheme from the U.S. Embassy in London that was designed to compel young women to share sexually explicit photographs, according to the FBI.
President Obama's remarks urging "high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice" are being interpreted by some to mean that government and Silicon Valley should collaborate to create a backdoor to circumvent encryption on devices used by terrorists.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.