Vendor risk management is becoming more critical as companies rely more on partners who have access to payment card data and other sensitive information, says Ramon Lipparoni, IT integration manager at ComAir, a South African airline. One critical step, he says, is conducting impromptu vendor audits.
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.
A recent incident involving an Indiana hospital that publicly admitted to paying a $55,000 ransom to unlock data following a ransomware attack - despite having backup systems - highlights the need to test data recovery plans.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
Every new cybersecurity regulation includes at least some emphasis on improving vendor risk management. But what happens when vendors balk at the extra degree of scrutiny required? Moffitt Cancer Center's Dave Summitt describes his risk-based approach to business associates.
The United Kingdom might be greater than the sum of its parts. But when it came to the WannaCry outbreak, some parts of the United Kingdom did less great than others. Here's how the governments and health boards of Scotland, Northern Ireland and Wales are responding.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
Carbon Black rolled with the punches last week after it was accused of exposing customer data via a bug in one of its endpoint detection products. It turned out there was no bug. But the company has gone back and uncovered a bug that did expose customer data, albeit on a small scale.
Security comes to Las Vegas this week in the form of Black Hat USA 2017. Hot sessions range from an analysis of power grid malware and "cyber fear as a service" to details of two major hacker takedowns and how the world's two largest ransomware families cash out their attacks.
In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
Health insurer Anthem has agreed to a proposed $115 million deal to settle a class action lawsuit over a 2015 cyberattack that resulted in data breach affecting nearly 78.9 million individuals. If approved, lawyers say it would be the largest data breach settlement ever.
The back story behind the ransom attack that led to the unauthorized early release of the Netflix series "Orange Is the New Black" is a cautionary tale in dealing with cyber extortionists such as The Dark Overlord.
Hackers can breach air-gapped voting machines and tallying systems in an attempt to alter ballots to sway the outcome of an election, a Senate panel has learned. Also, at the hearing, DHS discloses that Russian hackers targeted 21 state election systems before the 2016 election.