Managing third-party risks must start with due diligence activities, and technology can play an important role, says Julian Colborne-Baber, forensic partner at Deloitte in the U.K.
Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Jeanette Manfra served under three presidents as one of the top U.S. government cybersecurity leaders. Now in her new role with Google Cloud, she draws upon her public sector experience to help agencies in their cloud adoption.
Qualcomm is prepping patches for its Snapdragon Digital Signal Processor, used in an estimated 1 billion or more Android devices, after researchers at Check Point counted 400 flaws that attackers could exploit to take control of devices and steal all data they store.
Your organisation likely has some means for managing third-party risk, but you probably suspect that there remain untapped opportunities to incrementally improve your program. While there is no one right Third-Party Risk Management, there is a model right for you, and incorporating best practices into your processes...
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on Aug. 4 a virtual cybersecurity summit for Southeast Asia on applying the model.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on July 27 a virtual cybersecurity summit for India on applying the model.
Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time remediating vulnerabilities that pose little to no risk.
With risk-based vulnerability management, you'll know exactly which...
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
As the risks to IT and OT converge, organizations must ramp up their threat intelligence information sharing mechanisms and build a more comprehensive cybersecurity policy, says Singapore-based John Lee, managing director of GRF Asia, a federation for building global resilience.
Roger Sels of BlackBerry assesses cybersecurity risk and sees two forms of chaos - cyber and endpoint. He also sees enterprises trying to defend automated attacks at human speed, which makes him ask: Isn't it time we rebooted our approach to cybersecurity risk prevention?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
