Australia's mandatory data breach notification law, which goes into effect next February, brings a host of new requirements. Gordon Hughes, an attorney and data protection expert, discusses what organizations need to be aware of ahead of its implementation.
By 2020, organizations will be spending $100 billion annually on cybersecurity products and services. But are they securing the assets that matter most to their enterprises? RSA's Peter Beardmore discusses the emerging concept of business-driven security.
It's boom time for the ransomware business as criminals continue to make easy cryptocurrency paydays via crypto-locking attacks. AlienVault's Javvad Malik and Chris Doman detail how crowdsourced threat intelligence can help in the fight against this threat.
Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.
Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
AusCERT is one of the oldest CERT's in the world, and Phil Cole says the independent organization is now laser-focused on helping enterprises across sectors to fundamentally improve their strategies and solutions for incident response.
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Multifactor authentication is essential to securing mobile payments as part of a multilayered defense, says Michael Lynch of Inauth, who explains a fraud-fighting strategy.
The recent WannaCry ransomware campaign has led to more healthcare organizations paying closer attention to cybersecurity and the latest threats, says Lee Kim of the Healthcare Information and Management Systems Society.
In light of the sophisticated phishing campaigns by Pawn Storm and other groups, organizations must devise new ways to fight these threats, says Jon Clay of Trend Micro.
Although it's important to work with law enforcement after a data breach, organizations need to be careful about what information they share, says attorney Ruth Promislow, partner at Bennett Jones LLP.
As healthcare organizations build patient portals, they must address user authentication and a variety of other security issues, much like those involved in online banking, says Erik Devine, chief security officer at Riverside Healthcare in Illinois.
Analytics can play a critical role in cracking down on identity fraud, says Shaked Vax, Trusteer products strategist at IBM Security, who explains how to use the latest tools to identify network intruders.
Healthcare organizations that rely too heavily on HIPAA compliance are coming up short when it comes to security, says Jennings Aske, an attorney who's CISO at New York-Presbyterian. A far better approach, he says, is to rely on the NIST cybersecurity framework or other comprehensive frameworks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
