Many CEOs and boards of directors are failing their companies by not truly understanding their cybersecurity risks, says Steve Durbin of the Information Security Forum. He stresses that senior leaders must ensure their organizations provide adequate funding to manage risks.
The recent data breach at U.K.-based telecom company TalkTalk illustrates that breach risk mitigation is a critical issue worldwide. PCI's Jeremy King, who will be a featured speaker at ISMG's Fraud Summit London on Oct. 27, explains why European data security is getting more scrutiny.
Although cybesercurity awareness is growing in India, the nation is not making all the right moves, says Dinesh Bareja of the OpenSecurity Alliance and India Watch. Even as threats evolve and multiply, old challenges remain and are making themselves more keenly felt, he argues.
Dr. A S Ramasastri, IDRBT's director, says the enterprise security leader's office needs to be strengthened and empowered to tackle new threats and growing cyber espionage with an appropriate risk-based strategy.
The information security field has done a poor job of attracting and retaining women, contends Jo Stewart-Rattray, international director of ISACA, who emphasizes the need for mentoring as well as salary equity.
Potomac Institute's Melissa Hathaway suggests that Modi's Digital India should define security strategy in economic terms, and should include best practices from different nations to build a resilient cyber defense.
Trend Micro's Q2 Security roundup report indicates that existing attack vectors are getting starker, even as cybercrime is getting more commoditized. Myla Pilao shares key insight on the landscape in the region.
In the wake of the Oct. 1 EMV fraud liability shift date, U.S. merchants can expect to pay for counterfeit fraud losses previously absorbed by European issuers, says Jeremy King of the PCI Council. Longer-term, he expects European banks will experience more fraud as U.S. POS and card security leapfrogs other markets.
As a result of Experian's data breach, 15 million T-Mobile subscribers are at risk from phishing attacks and fraud. But it's not clear what more T-Mobile can do to protect breach victims, says security specialist Mark James.
Gartner research director Craig Lawson discusses three waves of threat intelligence services that can be leveraged by enterprises in building a threat detection model, while emphasizing what is driving the third wave.
Cybercrimnals are now using the Dyre and Dridex banking Trojans to gather massive amounts of data about individuals and companies that could enable them to track patterns of behavior, which might later help them evade intrusion detection, says Fox-IT's Eward Driehuis.
The commoditization of attack infrastructure and services in the cyber-criminal underground, and the low cost and ease of launching targeted attacks, are growing concerns that require new defense strategies, says Trend Micro's Raimund Genes.
In addition to having a dedicated individual or team responsible for privacy matters, organizations must ensure their information security and IT staffs are knowledgeable about data privacy issues, says Trevor Hughes, CEO of the International Association of Privacy Professionals.
PCI Council General Manager Stephen Orfei says the migration to EMV in the United States will facilitate faster adoption of contactless mobile payments. That's why mobile will be a hot topic at the PCI Council's annual North America Community Meeting this week.