Global messaging app WhatsApp's instant payment service went live in India on Dec.16. But despite its two-factor authentication being accepted by leading banks, there are concerns about potential security issues.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Hackers who infiltrated government and business networks via a stealthy backdoor added to SolarWinds' Orion software appear to have focused on only the most high-value targets, leading to about 50 organizations being "genuinely impacted," says FireEye CEO Kevin Mandia.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
Networks are fundamentally changing as a result of data being used across cloud environments. So security must be built into networks to improve mitigation of cyberthreats, says Nick Savvides, senior director of strategic business, APAC, at Forcepoint.
It's not yet clear what action the state of Kerala will take now that it has abruptly withdrawn Section 118A of the Kerala Police Act, which was intended to help prevent social media abuses, including attacks on women and children.
An enterprise's cross-functional groups responsible for the business growth and brand reputation should be held equally accountable for cybersecurity. That's the view of a CISO and a CTO who participated in a fireside chat at ISMG's recent Virtual Cybersecurity Summit.
India's urban cooperative banks need to take a holistic approach to build a security governance structure, opt for an ASP services model and map their business-critical risks to comply with the RBI's security posture guidelines, according to a panel of experts.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
In a bid to reduce rising impersonation and identity theft cases, the Monetary Authority of Singapore is proposing to require the use of enhanced identify verification during mobile and online banking transactions.
An IAM strategy for remote workforces should ensure that key stakeholders are aligned in listing key applications, infrastructure is mapped and risk- and role-based authentication for measuring user risk profiles are applied, says UAE-based Mustapha Huneyd, director of customer security at Ericsson.
The year 2021 will see an increase in third-party risks, the evolution of MSSPs, and maturity in identity governance as enterprises in the Middle East region take a fast track approach to the 'cloud-first' strategy, according to a panel of experts.
Payments companies must secure their APIs and enhance their authentication standards in line with The Reserve Bank of India's guidelines to make QR codes interoperable and boost the electronic payments ecosystem.