With the increased emphasis on detection and response, practitioners may be beginning to dilute the fundamentals of security, neglecting the need to first protect and defend, says Brijesh Datta, CISO at Reliance Jio Infocomm.
The latest ISMG Security Report leads off with a look at the growing industry of mobile spyware designed exclusively for governments, but often misused to track citizens and activists. Also, Australia's push to get allies to adopt tools to counter encryption.
When asked, "What's your container strategy?" the majority of CISOs will respond by asking: "What's a container?" So says Tenable's Gavin Millard, who sees ongoing confusion about how containers can help organizations not only move to the cloud but stay secure, provided they're correctly managed.
Rapid patching and adoption of updated software has long been a "must do" security imperative. But as WannaCry demonstrated, many organizations have yet to master the patch-management challenge, says Jack Huffard, president and COO of Tenable.
What factors are security leaders weighing today when making decisions about investments to protect their organizations tomorrow? Neustar's Joseph Loveless comments on results of ISMG's new Strategic Cybersecurity Investments Study.
Some security practitioners in India are questioning the value of the government setting up a CERT for the financial sector as well as a second Cyber Coordination Centre in Delhi to help deal with the changing cyber threat environment.
A former Qualys customer for more than a decade, Mark Butler is now the company's CISO. And one of his jobs is to help spread the word to other security leaders about the vendor's vulnerability management solutions.
Defense starts with awareness. And Dr. Paul Vixie of Farsight Security says awareness begins with tactical observations that can be gleaned from scanning Internet traffic. Vixie details how real-time contextual data can bolster security.
Members of Parliament in Britain have had their remote email access suspended following an apparent brute-force hack attempt aimed at exploiting weak passwords to gain access to their accounts. Officials say fewer than 90 email accounts appear to have been breached.
Worried about the use of encryption by terrorists, Australia plans to lobby its key signal intelligence partners at a meeting in Canada for the creation of new legal powers that would allow access to scrambled communications. But Australia says it doesn't want backdoors. So what does it want?
Opportunistic attackers may have breached some Parliament email accounts by brute-force guessing their way into accounts with weak passwords. But such a breach is hardly the "cyberattack" some are making it out to be.
Health insurer Anthem has agreed to a proposed $115 million deal to settle a class action lawsuit over a 2015 cyberattack that resulted in data breach affecting nearly 78.9 million individuals. If approved, lawyers say it would be the largest data breach settlement ever.
The Mirai botnet is just the most high-profile example of the new weaponization of DDoS. Attacks are stronger than ever, and multilayer defenses are needed to prevent disruption and distraction, says Darren Anstee of Arbor Networks.
Security leaders face more threats than they'd like, but with fewer security personnel than they need. Aaron Miller of Palo Alto Networks discusses the case for new automated security solutions.
Tata Communication's Avinash Prasad clears up misconceptions about the emerging security-as-a-service model and describes the role it can play, especially at organizations growing through mergers and acquisitions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.