Every application should be protected the same way no matter where it resides, rather than focusing on a "perimeter" approach, says Doug Copley of Duo Security, who describes a "zero trust" approach.
As businesses change their key strategies, they must ensure they mitigate new risks that emerge, says Chris Testa of Cybereason. This must go beyond a defense-in-depth approach to include a plan for what to do when an inevitable intrusion occurs, he says.
With the increase in vulnerabilities in operational technology infrastructure, it's important to deploy unidirectional hardware gateways to restrict entry into OT networks, says Ajit Jha of L&T Technology Services.
Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.
Organizations in India must strive to quickly comply with the EU's GDPR, which is becoming a global standard, and also draft its own national privacy regulations, says Sanjay Sahay, additional director general, cyber, Karnataka Police.
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.
At the advent of real-time payments, it's more critical than ever for organizations to quickly authenticate users and transactions. And David Vergara of OneSpan says emerging tools build upon legacy technologies to ensure trusted identity with minimal friction.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
The single largest challenge that an organization faces in complying with a privacy framework is in mapping their personal identifiable information, says Shivangi Nadkarni, CEO at Arrka Consulting.
Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
The Virtual ID system that can be used in lieu of Aadhaar number for identity verification is now operational across banks and enterprises. However, UIDAI has extended its migration deadline to Aug. 31 to enable all organizations to be ready. Experts weigh in on the enterprise readiness for Virtual Aadhaar.
The difficulty in hiring new information security personnel and need to combat the ever-rising number of threats is driving many organizations to seek increased incident response automation, and in many cases to get it by working with managed security service providers, says AlienVault's Mike LaPeters.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.