As the Indian government pushes ahead with ambitious IT projects, such as Digital India, a key foundation is security-enabled digital assets, J.A. Chowdary, an adviser for information technology for the government of Tamil Nadu, said Thursday at ISMG's Cybersecurity Summit in Mumbai.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
This edition of the ISMG Security Report features an analysis of the very latest ransomware trends. Also featured: Discussions of Microsoft's move to DNS over HTTPS and strategies for tackling IoT security challenges.
Dopplepaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.
Microsoft has outlined its plans for supporting the encryption of Domain Name System queries, which allows for more private internet browsing. The first step will be to upgrade connections to DNS over HTTPS, but allow admins to control DNS settings.
Multinational companies that must comply with widely varying privacy laws around the world should focus on a broad privacy strategy rather than a compliance strategy, says Vishal Salvi, CISO at Infosys.
Andy Bates, executive director of the Global Cyber Alliance, shares his insights on key cybersecurity and fraud challenges facing UK organizations in the year ahead, with an emphasis on:
How defenders and defenses must adapt
While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing.
To help security practitioners address their cybersecurity challenges, ISMG is hosting a Cybersecurity Summit on Nov. 21 in Mumbai, best practices in tackling cybersecurity issues. Among the speakers: Loknatha Behera, Kerala's state police chief, and former Supreme Court Justice B. N. Srikrishna.
As the level of cyber-risk faced by organizations of all shapes and sizes grows every year, security ratings services have emerged as important tools to help companies assess the level of risk imposed by their vendors as well as quantify their own security performance.
However, as the market matures and new...
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.
India may soon have a single authority or agency responsible for the entire spectrum of cyber defensive operations. This is a good step that was long overdue. But the real test lies in actual implementation of the plan.
The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.