To adequately protect their data, organizations need to go far beyond traditional controls and implement a "data-centric security" approach, says Informatica's Robert Shields, who describes the essential elements of the strategy.
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
FBI Director James Comey's declaration that the Obama administration will not pursue legislation to require vendors to create a backdoor that would permit law enforcement to circumvent encryption on mobile devices isn't the end of the matter.
To build a resilient and secure enterprise, security leaders must take a risk-based approach and build the capabilities to understand the risk appetite of the organisation, says Gartner's Tom Scholtz.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
The act of prevention is dead. The new mandate for CISOs is to quickly detect anomalous behavior in the networks to be able to respond quickly to breaches and combat threats, says RSA's director, Kartik Shahani.
The human element has been referred to as the weakest link in the security chain. Do advances in applying analytics to human behavior hold the key to reducing risks?
A burgeoning security infrastructure means the headache of management, enforcement and optimization. How do you efficiently administrate it? How do you plan policy enforcement at scale? Juniper's Paul shares insight.
Statements issued by the United States and China give a different take on cybersecurity talks scheduled to take place next week between presidents Barack Obama and Xi Jingling.
With enterprises increasingly concerned about advanced persistent threats, ISMG speaks to experts for recommendations on building APT resilience in their organizations - both immediate and long-term.
Because of commercial and governmental pressure to increase the use of electronic banking, cybersecurity risk is now the biggest challenge facing Singapore's financial institutions, says Lena NG of Clifford Chance.
Beyond APT30, another advanced threat group appears to be at work in India and the SEA region, targeting critical information assets. However, APT resiliency is not yet a part of the security lexicon, experts say.
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.