When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
Many third-party risk programs address information technology but not operational technology, says Dawn Cappelli of Rockwell Automation, who discusses why OT security should be a priority.
The National Internet Exchange of India, an autonomous body under the Ministry of Electronics and IT that maintains the .In registry and country code Top Level Domains, has switched to a new outsourcer for operations and maintenance. Some security experts are criticizing the move.
According to some researchers, up to 61 percent of recent data breaches were a result of a third-party vulnerability. Matan Or-El, CEO of Panorays, discusses the weakest links of supply chain security and how to strengthen them with automated tools.
The risks posed to enterprises managing third parties have evolved. Increasing reliance on third-party vendors, new privacy regulations, shifting cybersecurity threats, and frequent data breaches have upended the third-party risk landscape. As a result, modern risk solutions must adapt to solve both security and...
CISOs need to work with partners in other departments to help ensure the success of major security projects, says John Pescatore, the director of the SANS Institute, who spoke at RSA Conference 2019.
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
More than ever before, companies are investing heavily in their organization's security. But as the threat landscape changes, how do you know that these investments in security are paying off - and how can you determine that you are investing the appropriate amount of security spending in the areas that matter most to...
What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.
With such a wide breadth of responsibility, how can small and mid-sized financial institutions counter sophisticated cyberthreats, provide monitoring and incident response needed for compliance?
If you are a security or risk leader, you know that even with a formal third-party risk program in place, you are not effectively keeping track of all of your third parties.
Software Applications are one of the more challenging types of log sources you will integrate into your enterprise logging strategy, but they are also one of the most important.
The more awareness you have into what's happening in your environment, the more calculated actions you can take to mitigate risk.
Download...
The Reserve Bank of India intends to do away with the one-time password authentication process for online transactions. In a step in that direction, for the first time, it's allowing widespread tokenization of debit, credit and prepaid card transactions to enhance the safety of digital payments.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.