A new standard from the PCI Data Security Standards Council could help ease the way for smaller merchants worldwide, especially in developing nations, to move to cashless payments using a variety of devices, says Troy Leach, CTO for the council, who spoke last week at a conference in South Africa.
Al Pascual of Javelin Strategy and Research discusses a new report that shows that while crypto wallets may be considered to be at the sharp end of payments innovation, the security vulnerabilities they face are much the same as those that already exist in digital banking and payments.
Developing nations that are moving to digital payments, especially for the unbanked, need to keep in mind security lessons already learned in other markets, including Europe, says Steve Marshall, founder at Risk-X, a U.K.-based audit and risk assessment consulting firm.
The technology and operating models for identity and access management have evolved with time, but the way many enterprises approach IAM has not. How can security leaders modernize their IAM strategy in this era of unprecedented complexity? Patrick Wardrop of IBM Security shares insights.
Leading the latest edition of the ISMG Security Report: The Trump administration sanctions Russian organizations and individuals over U.S. election interference, the NotPetya campaign and energy sector hacks. Also featured: A deep dive into the use of so-called active defense.
Security operations center, or SOCs, will not lose their relevance even as Cyber SOCs become more common because both have strengths and weaknesses, says Shiju Rawther, head of technology infrastructure and security operations at a credit bureau in India.
With modern agile development practices, such as DevOps, the time for development has been significantly reduced. So security can no longer be just a step in the process; it needs to be a continuous part of the development lifecycle, says CA Technologies' Ayman Sayed.
As more data moves to the cloud, and cyberattacks multiply, organizations need to adopt an alternate paradigm of security, says Nikhil V. Bagalkotkar, a virtualization specialist at Citrix, who describes a new approach.
Leading the latest edition of the ISMG Security Report: America's top general says the U.S. response to Russian election interference isn't as well coordinated as it needs to be, and Pennsylvania sues Uber for failing to notify data breach victims in a timely manner.
Too many organizations lack an effective strategy for using the latest security technologies to protect their data centers, says Sridhar Pinnapureddy, founder and CEO at CtrlS Datacenter, Asia's largest Tier 4 data center.
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.
Leading the latest edition of the ISMG Security Report: President Trump has not authorized the National Security Agency to go after Russian election hackers at the source. Also, 23,000 digital certificates get revoked after their private keys get leaked, and an analysis of deception technologies.
To prepare for compliance with the EU's GDPR, which will be enforced beginning in May, organizations must adopt a "privacy by design" approach, says Subhajit Deb, CISO at Dr. Reddy's Laboratories, an India headquartered pharmaceutical company that does business in 11 countries.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments. How can deception technology offer a new alternative? Ofer Israeli of Illusive Networks explains.
Interest in deception technology is growing because it can play a valuable role in improving intrusion detection, says Anton Chuvakin of Gartner, who explains the intricacies of the emerging technology in an in-depth interview.