In this edition of the ISMG Security Report, former federal CISO Gregory Touhill explains why a zero-trust security model is essential, and Ron Ross of NIST describes initiatives to protect critical infrastructure from IoT vulnerabilities.
Altered data can be just as damaging as lost or stolen data. Diana Kelley of Microsoft outlines key steps for how enterprises can improve how they maintain data integrity.
Don't rush to blame the printing outage at newspapers owned by Tribune Publishing on anything more than an organization failing to block a malware outbreak. And even if it does prove to be a Ryuk ransomware attack, there's no proof yet that any particular nation-state is behind the campaign, experts warn.
Personal information for 1,000 North Korean defectors, including their names and addresses, has been stolen via a malware attack, officials in South Korea warn. They've traced the leak to a malware infection at a refugee resettlement center, and say police continue to investigate.
Digital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a new toolset, which debuted earlier this month at the Black Hat Europe conference, suggests steganography is going to get much more difficult to spot.
In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology.
Efforts to protect privacy must be carefully balanced against the need to practically implement advanced technologies, argues Jared Ragland, senior director for policy in APAC at BSA/The Software Alliance, an advocacy group for software companies.
Hardware authentication and user behavior analytics are among top promising security technologies that Michael Prakhye, CISO at Adventist HealthCare, will closely examine in the year ahead.
How are cybercrime syndicates launching attacks that leverage IoT devices? Eddie Doyle of Check Point Software Technologies offers insights on the latest attack strategies and how to counter them.
Facebook violated consumer protection law by failing to protect personal data that consumers thought they'd locked down, the District of Columbia alleges in a new lawsuit. Plus, Facebook is disputing a New York Times report that it ignored privacy settings and shared data with large companies without consent.
As India's Parliament prepares to finalize a privacy and data protection law in the weeks ahead, there's still no consensus among security practitioners about what approach the legislation should take. But the government should ensure all companies comply with clearly defined standards - or face punishment.
Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro says Twitter has blocked an account that was posting image memes designed to remotely control malware-infected PCs.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
As India moves from 4G to 5G mobile networks, it must be prepared to address new security challenges, says Chet Babla, a vice president at Arm, a chip and device manufacturer.
Super Micro Computer says a third-party audit of its recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.