Enterprise security leaders largely understand the business problems posed by a lack of privileged access management. But understanding and overcoming the obstacles to deploying a successful PAM rollout? That's the real challenge, says Alex Mosher of CA Technologies.
MeitY has issued draft rules to develop a security framework for prepaid payment instruments following the government's drive toward cashless transaction. Security leaders offer suggestions on the essential security controls.
Password manager LastPass has deployed a server-side fix to repair a vulnerability that could have allowed an attacker to steal a victim's passwords. It's the latest finding from Tavis Ormandy of Google's Project Zero, who's since reported another flaw in LastPass.
RBI has mandated that all banks migrate to Aadhaar-based biometric authentication for electronic payment transactions by June 30. But some information security experts question whether the the technology can handle the potential volume of transactions.
A coding error by Cloudflare exposed data relating to more than 2,500 Singapore websites owned by various organizations in private and public sectors. SingCERT has issued a related security advisory with mitigation steps, but do such alerts prompt action?
The technology and know-how exists to build a hack-proof computer, but doing so won't be easy, says Howard Shrobe, principal research scientist at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory.
The Russian government appears to be doubling down on its information warfare success to date, publicly confirming that it has a "cyber army" designed to wage psychological operations and propaganda campaigns. While there are defenses, too few are using them.
If you run a website today, you need to implement ongoing security tactics to combat the modern attacker who are adapting to your defenses with primary motivation of hijacking data . What are the effective ways of doing this and how can your organization benefit from a web application firewall?
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
The present government's move to demonetize currency has given an increased impetus to cashless and electronic transactions in the country. With digitization occurring across all spheres of life,
the common citizen is being increasingly incentivized to go digital with their financial transactions, which can...
With the current demonetization move and the emphasis on cashless transactions in India, the chances of cyber risk to the payments infrastructure are higher ever before. What then will be India's
stance going forward and how do business and practitioners need to respond to this risk? country like India and what are...
With more data being moved out of on-premise environments, data needs to be classified and secured to an appropriate level to prevent it from being compromised. This embraces the practice of assessing the risk of data loss, mitigating those risks and applying adequate resources towards securing the data, both...
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Yet another study reveals that millions of people are picking weak passwords, with "123456" remaining our collective favorite. Rules requiring stronger passwords and not forcing passwords to expire both could help boost security.