Many organizations still fail to practice smart web security, warns penetration testing expert Ilia Kolochenko, who notes that 23 percent of all websites still use SSL version 3, despite it leaving them at risk from POODLE and BEAST attacks.
The third edition of ISMG's Data Breach and Fraud Prevention Summit in Asia took off June 8 in Mumbai. Here are some highlights and first impressions from the day-long event, featuring key industry thought leaders.
Demonstrating the return on security investment and getting management buy-in remain some of the less glamorous, but very real challenges faced by Indian CISOs, says Shivkumar Pandey of the Bombay Stock Exchange.
Insider fraud is one of the biggest challenges facing Indian security practitioners, yet they struggle to respond to insider crimes, says Berjes Shroff, CISO of Godrej Infotech, and a speaker at the ISMG Data Breach & Fraud Prevention Summit Asia in Mumbai.
ISMG's upcoming Data Breach & Fraud Prevention Summit Asia 2016 in Mumbai will focus on the latest fraud techniques and technologies, as industry thought leaders take us through new approaches to tackle breaches as well as today's top schemes and solutions to stop them.
TeamViewer is strengthening the security of its remote access application after an uptick in account takeovers that the company says is the result of hackers reusing account credentials from recent data breaches.
Narayan Neelakantan, outgoing CISO at the National Stock Exchange of India, is concerned that the lack of capacity in incident response is going to haunt Indian organizations in the near future. He shares insight on IR maturity and the imminent need.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
A federal judge has cleared the way for a class-action lawsuit filed by card issuers against Home Depot over the retailer's massive 2014 payments breach to proceed. In making the ruling, the judge noted that the banks' allegations regarding the retailer's security negligence appear to have merit.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
IBM's Vaidyanathan Iyer says security practitioners need new tactics to bridge the skills gap and fight emerging threats. He suggests the use of analytics and machine learning would easily help fill the gap in detecting threats.
A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.