Next year, the Singapore parliament will consider a cybersecurity bill that was revised after government officials reviewed numerous public comments on a draft version. The purpose of the bill is to establish a framework for the oversight and maintenance of cybersecurity in the government and the private sector.
Compliance should be an ongoing operational business process designed to derive efficiency, scalability and insight, Sam O'Brien, RSA's GRC business lead for Asia-Pacific and Japan.
In the annals of bad bugs for 2017, Apple's High Sierra fiasco could be No. 1. How does one of the world's most well-resourced software developers miss a glaring issue posted in one of its own forums?
As data protection breaches have become daily headline news and everyone becomes increasingly sensitive about privacy, the regulatory regime is getting tougher. Data protection laws in Europe are more important than ever before - especially as the enforcement deadline of the EU GDPR looms.
RBI's recent move to mandate that all banks must use Aadhaar as the primary form of authentication for anyone accessing their bank account is stirring a debate about the long-term role of the authentication mechanism and associated data security issues.
Are you an accused Russian hacker who's been detained on foreign soil at the request of U.S. authorities? Bad news: While Mother Russia will go to court to try to bring you home, your odds of resisting U.S. extradition don't look good.
Commander Mukesh Saini, IT security head at Essel Group, an Indian conglomerate, explains why it's so important for all organizations to designate at least one "digital evidence first responder" to help preserve evidence in fraud and breach incidents that could be used in court.
Every new cybersecurity regulation includes at least some emphasis on improving vendor risk management. But what happens when vendors balk at the extra degree of scrutiny required? Moffitt Cancer Center's Dave Summitt describes his risk-based approach to business associates.
As the GDPR's enforcement date nears, North American healthcare organizations are scrambling to ensure their data protection policies and practices are up to snuff. Mitch Parker of Indiana University Health System offers his prescription for GDPR compliance.
Give crooks credit for topicality: They remain loathe to miss a trick. Indeed, hardly any time elapsed after Uber came clean about the year-old breach it had concealed before crack teams of social engineers unleashed appropriately themed phishing messages designed to bamboozle the masses.
With a rise in incidents of omnichannel financial fraud globally, financial institutions need to enhance their ability to detect fraud - while also reducing technical complexity. Maxim Shifrin of IBM Trusteer discusses new solutions.
Move over Equifax. There's a massive new data breach notification in town. And Uber is still struggling to come clean about why it waited for one year to notify data breach victims and regulators.
HealthcareInfoSecurity Executive Editor Marianne Kolbasuk McGee reflects on the just-concluded Healthcare Security Summit in New York in the latest edition of the ISMG Security Report. Also, PCI Security Standards Council CTO Troy Leach addresses ransomware risks.
The PCI Security Standards Council is creating a payments software framework, including two new standards that can evolve as the software rapidly changes, Troy Leach, the council's CTO, explains in this in-depth interview.
With only six months until the EU's General Data Protection Regulation is enforced, organizations across the world that handle Europeans' data are grappling with compliance challenges, including how long to retain PII, says Devender Kumar of Mphasis, who offers advice on effective strategies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.