After initial protests, Google, Facebook, Amazon and Microsoft, along with major payment firms, have indicated they plan to comply with the Reserve Bank of India's payment data localization mandate and meet the Oct. 15 deadline. Security experts analyze the impact of the data storage shift.
Ride-hailing platform Uber Technologies has reached a $148 million settlement agreement with the attorneys general of all 50 states and the District of Columbia over its failure to report a massive 2016 data breach in a timely manner, as well as its inadequate information security practices.
In harmony with a wave of global privacy and security legislation, Canada has its own new breach notification requirements going into effect on Nov. 1. Attorney Ruth Promislow says these standards will force organizations to shift from a reactive to a proactive approach to incident response.
Ryan Duquette, an independent forensics examiner who formerly was a criminal investigator in law enforcement, offers insights on public/private partnerships and how investigators can work better with enterprises in the event of a breach.
Privacy advocates are praising the India Supreme Court's ruling that private entities can no longer require the use of Aadhaar data for authentication, but they're pressing for swift passage of a new data protection law.
A national cybersecurity strategy document released by the White House last week - along with comments from a top Trump administration official that the U.S. would step up its offensive cyber measures - are getting mixed reviews from cybersecurity experts.
At RSA Conference 2018 Asia Pacific & Japan, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
Scan4You, a notorious cornerstone of the cybercrime-as-a-service economy that allowed malware developers to more easily create code to bypass anti-virus defenses, has been dismantled, and its Latvian technical administrator has been slammed with a 14-year U.S. prison sentence.
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
IoT devices are increasingly becoming a way to pay for goods and services, shifting the "internet of things" to the "internet of transactions." Gord Jamieson of Visa Canada discusses steps the card network is taking to ensure these payments are secure.
Organizations in all sectors need a framework for proving the effectiveness of security controls through the various stages of the threat lifecyle, says Chris Strand of Carbon Black.
Twitter has fixed a bug that sometimes sent a user's direct messages not only to the specified recipient, but also to unrelated external developers. The social networking service is notifying more than 3 million affected users and has requested that unintended recipients delete the messages.
Email fraud threats have evolved from attackers targeting networks to them focusing on specific individuals within an organization. What can enterprises do to halt these attacks before they reach the inbox? Denis Ryan of Proofpoint shares defensive tactics.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.