Organizations are increasingly turning to devices and the cloud to foster better collaboration and access to essential data. But as they do so, "the number one blocker for enabling digital transformation is security," warns BlackBerry's Florian Bienvenu.
To better secure all internet-connected devices inside an industrial enterprise, operational technology and information technology groups are increasingly collaborating, says Tripwire's Tim Erlin.
To increase the effectiveness of security information and event management tools, while lowering the rate of false positives, organizations need to bring in more context about user behavior, says Derek Lin of Exabeam.
Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
As India gears up to use artificial intelligence to boost its defense capabilities and improve security in various sectors, it inevitably will face challenges.
Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
Recent failures of IT systems at some major airports and banks are a reminder that as an organization launches a digital transformation project, or seeks to move more of its processes to the cloud, those efforts won't necessarily proceed smoothly or securely, says Skybox Security's Justin Coker.
For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
Government regulation is key to minimizing the misuse of cryptocurrencies for cybercrime, says Brett Johnson, a former cybercriminal who now consults on crime prevention. But regulating cryptocurrencies is no easy task, he acknowledges. Johnson will keynote ISMG's Fraud and Breach Prevention Summit in Chicago.
Human resources software developer PageUp says it doesn't appear that personal data exposed in a malware attack was actually removed from its systems. But it has also found authentication error logs that recorded incorrect login attempts from before 2007.
GDPR requires organizations to "have a governance model in terms of access and control and accountability," says Matt Lock of Varonis, who describes essential steps.
As organizations detect more breaches, incident responders are increasingly overloaded, says Darktrace's Dave Palmer, who recommends organizations adopt strategies for "surgically interrupting the bad" while maintaining normal business processes and productivity.
Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say. Investigators began pursuing the group last year after it stole customer data from a British firm and demanded $770,000 to not publicly release it.
Incident response challenge: How to deliver actionable information to security analysts to enable them to better triage? "The quicker you can detect and respond to an incident, the more you're likely to be able to contain and minimize the risk associate with it," says IBM's Mike Spradbery.
Running a security operations center today remains a "challenging operation," not only when it comes to the required technology, but also people and processes, says Cyberproof's Adrian Bisaz, who describes how SOCs must evolve.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.