Critical infrastructure, including electricity grids and telecommunications networks, is under attack. Optiv's Brian Wrozek discusses the challenges CISOs face in dealing with increasingly connected industrial devices.
Some security practitioners are lauding government's efforts to leverage blockchain for its various projects. In the latest move, the government's cybersecurity chief ordered the Indian Institute of Technology- Kanpur to develop a new blockchain architecture that can be used for e-governance.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.
Security leaders need to align business goals and risks to be able to gain buy-in for security initiatives, which is the only way to achieve a cultural change in the organization, says Sameer Ratolikar, CISO of India's HDFC Bank.
You're the new kid on the cybersecurity block. You believe you have a unique solution to address an unresolved challenge in the security stack, and beta customers are bullish on your company's potential. We asked: "So what?" What makes these companies different? See startups deliver their quick pitch.
Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.
Privacy regulations, user satisfaction concerns and the need to prevent data breaches are driving more organizations that must authenticate users to find "a better way of ensuring that people are who they are when they are accessing critical information," says Tony Smales, CEO of Forticode.