A vulnerability in a government-run website designed to assist employees in linking to their Provident Fund retirement accounts with their Aadhaar numbers was targeted by hackers, reportedly exposing data on millions.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
The Ashley Madison breach of 2015 quickly became one the most famous of the high-profile hacks. Three years later, CISO Matthew Maglieri discusses the breach recovery and what he refers to as "cybersecurity in a world of discretion."
Security still remains an afterthought when many organizations are adding new technologies to provide a differentiated customer experience, says Anna Convery of Radware, who recommends a change in approach.
Twitter has apologized after it discovered that it had been inadvertently storing users' passwords in plaintext in an internal log, potentially putting them at risk. Twitter has blamed a bug for the fault and recommends all users change their passwords immediately.
As attackers get increasingly sophisticated in reverse-engineering applications, it is imperative that enterprises secure trusted applications that are reaching back into the datacenter from beyond the perimeter, says Rusty Carter of Arxan Technologies.
Over 55 percent of people will reuse passwords despite acknowledging the risks, says Amber Steel of LastPass. In the enterprise context, this bad behavior needs to be addressed without burdening employees with policies which could impact productivity, she says.