How can information security professionals set priorities for addressing emerging risks? Verizon's Ashish Thapar shares insights for Asian practitioners from the 2016 Verizon Data Breach Investigation Report.
The Verizon 2016 Data Breach Investigations report finds malware, ransomware and phishing attacks are more common than ever and creating even more damage. Organizations are continuing to get exploited via vulnerabilities that are months or even years old, forensics expert Laurance Dine explains in this interview.
The most important lesson from the lawsuit electronic health records vendor Epic Systems filed against Tata Consultancy Services is that data security controls must extend beyond protecting personally identifiable information to include intellectual property, attorney Ron Raether explains in this audio report.
Qatar National Bank has suffered a massive breach involving 1.4 GB of sensitive internal files being dumped online by unknown attackers. Experts say customers' records, access credentials and payment card data have been exposed.
Like last year's breach of the online dating site Ashley Madison - tagline: "Life is Short. Have an Affair." - this year's release of the "Panama Papers" is holding individuals accountable for actions which, if not always illegal, in many cases appear to have at least been unethical.
Cybersecurity could become a $35 billion industry in India by 2025, creating more than 1 million jobs, says Indian IT trade association Nasscom. But until the government, academia and industry get on the same page, delivering on that vision will be difficult.
Amidst emerging technologies, CISOs must prepare to deal with a new set of challenges. And security should become a board agenda, says Vijay Subramanyam, partner with KPMG's IT Risk Consulting Practice.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
Attackers have been exploiting JBoss application servers to install remote-control web shells as part of a campaign that targets enterprises with network-hopping SamSam (a.k.a. Samas) ransomware, researchers at Cisco Talos warn.
Even with the exponential increase in what technology can achieve in fighting security threats and fraud, a recent discussion with practitioners suggests that insider risk remains the biggest issue giving practitioners sleepless nights.