Glen Hymers, CISO and head of data protection at the U.K.-based charity Save the Children International, says adapting to a cloud-first environment requires extensive security measures, including automated monitoring.
The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. Institute founder, Josh Magri, describes the updates.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
Addressing digital payment security challenges requires having good identity verification capabilities as well as a strong authentication process that's friction-free for consumers, says Singapore-based Gautam Aggarwal, senior vice president and regional chief technology officer, Asia Pacific, at Mastercard.
Organizations in India need to ramp up their authentication efforts in light of a 40% increase in cashless transactions since the start of the COVID-19 pandemic, which has led to increases in attempted fraud, security experts say.
The Reserve Bank of India's plans to create a self-regulatory organization by April to help oversee the digital payments system could help reduce the complexity of RBI's efforts to help ensure payments security, some security experts say.
MasterCard will acquire security startup RiskRecon for an undisclosed sum, the two companies announced Monday. The deal will allow MasterCard to offer third-party risk assessment to its business customers and consumers.
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
The Reserve Bank of India intends to do away with the one-time password authentication process for online transactions. In a step in that direction, for the first time, it's allowing widespread tokenization of debit, credit and prepaid card transactions to enhance the safety of digital payments.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
Compliance regulations such as SWIFT and GDPR can be challenging to understand and implement. Many of these regulations have cybersecurity requirements that are focused on protecting critical banking infrastructure with aggressive timelines - and without disrupting the very business-critical systems you're trying to...
Lawsuits that card issuers have filed against Target to help recoup expenses associated with the retailer's breach aren't likely to reap big rewards, two legal experts say. But they are sending a strong message.