Implementing trusted digital IDs will create benefits for end users as well as service providers, says Nick Mothershaw, chair and executive director at the Open Identity Exchange. But widespread international adoption of such IDs will take time to achieve, he acknowledges.
Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according security researchers at Texas Tech University.
Emerging passwordless security standards elevated consumer and consumer-like experience expectations, and ballooning costs have moved to eliminate passwords from a theoretical concept to a real possibility.
Read this guide to:
Explore the case for going passwordless for both customer and employee authentication;
Organisations want their dev teams to roll out great new experiences that attract and retain customers while improving their lifetime value. However, today's end users are trained by the Googles, Amazons, and Facebooks of the world to disengage from experiences that aren't technologically advanced, frictionless,...
It is important to have contextual authentication in place to manage privileged as well as less privileged accounts in an organization, says Avinash Tiwari, CISO and head, information security, at Pidilite Industries, a large manufacturing firm.
Addressing digital payment security challenges requires having good identity verification capabilities as well as a strong authentication process that's friction-free for consumers, says Singapore-based Gautam Aggarwal, senior vice president and regional chief technology officer, Asia Pacific, at Mastercard.
Even after being notified that their personal data has been compromised in a breach, only about a third of users change their passwords - and most are not strong or unique, according to a study by researchers at Carnegie Mellon University, who call for changes in breach notification procedures.
The massive shift to remote working as a result of the COVID-19 pandemic means more organizations are adopting the "zero trust" model, taking such steps as implementing proper access controls, monitoring user behavior and building data governance policies.
Mphasis, the IT service management company, has made many adjustments to its risk management strategy - including wider use of multifactor authentication - as a result of more staff members working from home, says Sethu S. Raman, senior vice president and chief risk officer.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Enterprises have long used Virtual Private Networks to promote connectivity and security. But as the gatekeeper to internal resources, VPNs can be a target for attackers looking to gain access to sensitive data. It's essential organisations take steps to secure VPNs to protect against unauthorized access and data...
To deal with the problem of "shadow IT" during the COVID-19 pandemic, organizations should put in place redefined compliance and governance policies, take a multilayered security approach and adopt a security framework to prioritize risks, a panel of three experts advises.
Implementing a "zero trust" approach to security boils down to this: "You have to have one entry to access enterprise applications," says Durga Durga Prasad Dube, global CISO at Reliance Industries, an Mumbai-based multinational conglomerate.
As e-commerce explodes during the global CIVD-19 pandemic, transaction authentication is more critical for fraud prevention, says Phil Dunkelberger of Nok Nok Labs, who discusses the latest fraud trends.
Singapore's open banking effort has expanded the attack surface, and the only effective defense is to enhance threat intelligence sharing among banks, retailers and third parties, says Tom Wills, a Singapore-based cybersecurity practitioner who is a consultant for financial institutions.