CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.
"Inertia and clumsiness" at the Federal Reserve Bank of New York nearly led to one of the biggest cyber-heists in history - resulting in $81 million being stolen from the central bank of Bangladesh - being even worse, according to a new report.
MacKeeper squared off with a 14-year-old over four videos he posted that criticized the anti-virus firm's marketing practices, warning the teenager that his parents could face steep legal fees and civil fines for alleged slander and libel.
France's data protection watchdog has slammed Microsoft Windows 10 for collecting excessive amounts of personal data and failing to use strong security controls. Under the country's data protection laws, Microsoft may now face up to $1.7 million in fines.
The 2016 RSA Conference Asia Pacific & Japan, to be held July 20-22 in Singapore, will offer a security road map, imparting lessons to practitioners to help them navigate through cybersecurity complexities. Here's a preview of some of the top session.
Businesses on both sides of the Atlantic are lauding the new U.S.-EU Privacy Shield, which gives them a legal way to handle Europeans' personal data. But privacy rights groups have criticized the agreement for falling short of the EU's own privacy protections.
In the on-prem world, companies needed experts for each major area of IT provenance: hardware, networking, systems administration, security, operating systems, virtualization, workload balancing, data integration, data cleansing and quality, and then all the function-specific applications that drive everyday business...
As the PCI Council turns 10, this year, Indian banks say compliance with the PCI Data Security Standard remains a priority, in spite of the market's push for more cardless payments.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
After any significant breach, many parties - ranging from customers, clients, business partners and government agencies - will demand clarity as to how and what data was stolen.
The Federal Trade Commission, for example, acts to ensure that any given organization is not negligent or reckless with private...
A new EU law will impose minimum cybersecurity measures on organizations as well as require enterprises across multiple sectors - including the likes of Amazon and Google - to report security breaches to authorities.
Forget the 2015 mega-breach, an ongoing FTC probe or multiple class-action lawsuits: A new leadership team wants to reboot infidelity-focused online dating website Ashley Madison, promising that this time they'll get security and privacy right.
Members of Congress have sent a letter to federal regulators saying that because ransomware attacks are "different" from other breaches in the healthcare sector, there's a need for new recommendations in upcoming government guidance.
In the first HIPAA enforcement action against a business associate, federal regulators have smacked a nonprofit organization with a $650,000 penalty following an investigation into a 2014 security incident affecting just 412 patients.
Ten years after the launch of the PCI Data Security Standards Council, the key to ensuring ongoing compliance with the PCI Data Security Standard is winning CEO buy-in worldwide, says Stephen Orfei, general manager of the council.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.