Multifactor authentication and privilege-based controls are among the forms of identity and access management that can help security leaders address key vulnerabilities in their organizations, says Charanjit Singh Sodhi of Normura Wholesale, who offers advice.
As enterprises improve defense of their networks and data centers, cybercriminals increasingly are shifting their efforts to targeting privileged credentials. It's time, then, to take an identity-centric approach to security, says Aneesh Dhawan of Microsoft.
To improve enterprise visibility, network and security teams need to align and evolve the way they architect networks, says Gigamon's Ian Farquhar, who shares insights on how to enhance network visibility.
A batch of documents meant to be kept under court seal lays bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.
Hampered by insufficient tools and skills, many organizations are now investing in managed detection and response solutions. What questions should they ask when selecting a partner? Sharda Tickoo of Trend Micro shares insights.
Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications.
Thousands of emails from four senior aides within the National Republican Congressional Committee were exposed after their accounts were compromised for several months earlier this year, Politico reports. Few details have been released about the incident, which was investigated by Crowdstrike.
To combat cyberattacks, more nations must not only hold nation-state attackers accountable, but also better cooperate by backing each other's attribution, said Estonian politician Marina Kaljurand, who chairs the Global Commission on the Stability of Cyberspace, in her opening keynote speech at Black Hat Europe 2018.
A severe vulnerability in Kubernetes, the popular open-source software for managing Linux applications deployed within containers, could allow an attacker to remotely steal data or crash production applications. Microsoft and Red Hat have issued guidance and patches; they recommend immediate updating.
A failure to patch systems and slipups that lead to insider threats are two major causes of breaches in the healthcare sector that need to be urgently addressed, says Anahi Santiago of Christiana Care Health System.
"Smart cities" projects face huge cybersecurity challenges as they adopt advanced technologies, including IoT systems, says Adnan Baykal of the Global Cyber Alliance.
Blockchain, ID and access management, OT security and boards' roles in cybersecurity were among the hottest topics topics discussed at Information Security Media Group's Security Summit in Mumbai on Nov. 29.
Next to corporate communications that claim that "your security is important to us," any website post titled "security update" portends bad news. So too for question-and-answer site Quora, which says a hack exposed 100 million users' personal details, including hashed passwords and private content.
The Black Hat Europe information security conference returns to London, featuring 40 research-rich sessions covering diverse topics, including politically motivated cyberattacks, recovering passwords from keyboards thanks to thermal emanations, hacking Microsoft Edge and detecting "deep fakes."
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.