How far does an organization's risk surface extend, and who are the custodians of all that data? A new research report aims to answer those questions. In a joint interview, Kelly White, of RiskRecon and Wade Baker of the Cyentia Institute offer an analysis.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
The National Internet Exchange of India, an autonomous body under the Ministry of Electronics and IT that maintains the .In registry and country code Top Level Domains, has switched to a new outsourcer for operations and maintenance. Some security experts are criticizing the move.
Organizations may have great cybersecurity intentions, but translating those desires into a robust security reality is often challenging, says Ratinder Ahuja, CEO of ShieldX Networks. That's why he advocates automation to ensure intention equals reality.
In an exclusive interview, IBM Security GM Mary O'Brien talks with ISMG about her first year in this role, addressing the skills crisis, application security, the cloud and how to defend against cyberattacks.
Too many organizations continue to approach security with a "perimeter defense" mindset despite enterprise networks long having moved past on-premises data centers to myriad cloud services, says Ajay Arora of Vera Security.