Alphabet's Google has purchased stand-alone security orchestration, automation and response vendor Siemplify for about $500 million in cash, to bolster the threat detection and response capabilities built into Google's Chronicle security analytics platform.
The U.S. Federal Trade Commission reports that impostor scams were the #1 type of fraud reported by consumers last year, with losses to American consumers nearly $30B. UK Finance reported an increase in authorized push payment fraud last year with loss of more than £479M, and top UK bank Barclays reported a 20%...
The Southeast Asian region will see a spike in multifaceted extortion with more public breaches, along with an increase in ransomware-as-a-service operations in 2022, says Singapore-based Yihao Lim, principal intelligence adviser at Mandiant Threat Intelligence.
It is particularly challenging for financial institutions to catch authorized push payment fraud. But behavioral metrics can play a big role in detecting these incidents, says Steve Ledford of The Clearing House.
As employees connect to servers each morning via VPN to download the valuable corporate data that they need for the day, compliance and security are easily jeopardized. As soon as the employee disconnects from the VPN, corporate oversight goes blind, and compliance can't be maintained.
There are precautions and...
Changes in work environments, including the transition to remote working, have led to an increase in demand for assessing and managing insider risk. Security and risk management leaders should evaluate how insider threat solutions can support their security objectives without alienating their workforce due to privacy...
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
This whitepaper provides guidance and clarity on the following: it explains important distinctions and advises on how to assess a potential
vendor; it provides valuable insight into data-breach trends; it offers an easy-to-follow nine-step process for implementing and executing a data protection strategy in a manner...
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
The key components of an effective "zero trust" architecture include multifactor authentication, network segmentation and a defense-in-depth approach, says Dr. Erdal Ozkaya, regional CISO and managing director at Standard Chartered Bank in the United Arab Emirates.
European banks are not ready to meet the Dec. 31 deadline to comply with the PSD2 regulation, which requires strong customer authentication when providing API access to banking platforms, says Dr. Steven J. Murdoch, a principal research fellow at University College of London.
When implementing a cybersecurity risk framework, enterprises should use a structured approach to identity and evaluate and manage the risks posed by increased digital transactions during the pandemic, says Dmitry Chernetsky, global presales expert, Kaspersky-APAC.
Security teams need to respond to new threats by adding new analytic capabilities to their SOC, giving them more insight into potential threats.
They need tools that allow security professionals to automate certain processes so they can focus on the real alerts -- that is, the real threats. It's time to build a...