At the first of three Congressional hearings slated this week to examine the Equifax mega-breach, one Republican said of the company's delay in detecting the breach: "It's like the guards of Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults."
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
Haryana has launched its own cybersecurity framework. But some security practitioners question whether it's really necessary, given the national policy in place. And they point to a lack of detail in the state policy, such as the failure to spell out penalties to be imposed if a firm fails to protect data.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
In an in-depth interview, Pavan Duggal, advocate, Supreme Court, spells out the specific steps he believes the government needs to take now that the Supreme Court has declared privacy as a fundamental right.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.
A landmark ruling by the Supreme Court of India finds that citizens have a fundamental right to privacy. Experts weigh in on court's verdict and its implications on information security and Aadhaar ecosystem.
The telecom sector in India has repeatedly been targeted by malware attacks, raising serious concerns about vulnerabilities in one of the largest local business sectors. As a result, some security experts are calling for stronger enforcement of regulations and more frequent security audits.
Mobile apps in India seeking blanket access to phone users' information have come under the lens of TRAI. Security practitioners believe the data privacy dilemma combined with shortcomings in the privacy laws are resulting in such privacy violations.
Australia's mandatory data breach notification law, which goes into effect next February, brings a host of new requirements. Gordon Hughes, an attorney and data protection expert, discusses what organizations need to be aware of ahead of its implementation.
A discussion on the latest happenings in the darknet marketplace leads the latest edition of the ISMG Security Report. Also, getting to the bottom of Russia's Democratic Party hack could be the ultimate goal of a lawsuit filed against the Donald Trump presidential campaign.
Who are the top security analytics (SA) providers, and what sets them apart? Forrester researched, analyzed and scored the 11 most significant SA vendors to help organizations evaluate their offerings.
Download this whitepaper and learn:
Who the top four leaders in the market are;
Why security and risk (S&R)...
For public sector agencies caught between the prohibitive cost of a formal security operations center (SOC) and the wholly inadequate protection from an informal SOC, there is a solution: building a SOC that automates as much of the work as possible.
Download this whitepaper and learn:
How automation can help a...
A public sector agency that makes use of security intelligence and analytics takes the burden off its OPSEC team. Powerful machine analytics can make associations among traces of evidence and identify security events much more quickly and efficiently than humans can. Automation enables you to respond to an incident in...