Addressing digital payment security challenges requires having good identity verification capabilities as well as a strong authentication process that's friction-free for consumers, says Singapore-based Gautam Aggarwal, senior vice president and regional chief technology officer, Asia Pacific, at Mastercard.
With 82 per cent of CISOs feeling burnt out, what's going on in the cyber industry to cause this? And what can be done to stop CISO burnout? The Cybersecurity special report, published in The Times, explores the cybersecurity industry from C-suite roles to cyber threats while working from home. It looks at the...
Even after being notified that their personal data has been compromised in a breach, only about a third of users change their passwords - and most are not strong or unique, according to a study by researchers at Carnegie Mellon University, who call for changes in breach notification procedures.
The massive shift to remote working as a result of the COVID-19 pandemic means more organizations are adopting the "zero trust" model, taking such steps as implementing proper access controls, monitoring user behavior and building data governance policies.
Mphasis, the IT service management company, has made many adjustments to its risk management strategy - including wider use of multifactor authentication - as a result of more staff members working from home, says Sethu S. Raman, senior vice president and chief risk officer.
Bil Harmer, CISO and Chief Evangelist at SecureAuth and Dan Dunstedter, Data Security/HIPAA Security Officer of Phelps Health, discuss why security teams need to increase the level of protection used to secure valuable and highly sensitive information and how they have implemented the highest level of authentication...
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Enterprises have long used Virtual Private Networks to promote connectivity and security. But as the gatekeeper to internal resources, VPNs can be a target for attackers looking to gain access to sensitive data. It's essential organisations take steps to secure VPNs to protect against unauthorised access and data...
To deal with the problem of "shadow IT" during the COVID-19 pandemic, organizations should put in place redefined compliance and governance policies, take a multilayered security approach and adopt a security framework to prioritize risks, a panel of three experts advises.
Implementing a "zero trust" approach to security boils down to this: "You have to have one entry to access enterprise applications," says Durga Durga Prasad Dube, global CISO at Reliance Industries, an Mumbai-based multinational conglomerate.
As e-commerce explodes during the global CIVD-19 pandemic, transaction authentication is more critical for fraud prevention, says Phil Dunkelberger of Nok Nok Labs, who discusses the latest fraud trends.
Singapore's open banking effort has expanded the attack surface, and the only effective defense is to enhance threat intelligence sharing among banks, retailers and third parties, says Tom Wills, a Singapore-based cybersecurity practitioner who is a consultant for financial institutions.
To ensure business continuity, companies that support India's critical infrastructure need to validate the functioning of the security controls and other tools deployed to support the remote workforce during the COVID-19 pandemic, says Mumbai-based Shivkumar Pandey, group CISO at the Bombay Stock Exchange.
Privileged access management is more critical as a result of the shift to telework during the COVID-19 pandemic and the ongoing movement of applications and data to the cloud, says Dr. Yask Sharma, CISO of a large national critical infrastructure organization in India, who outlines essential PAM components.
As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."