The need for PCI-DSS compliance is being embraced in Southeast Asia and the Middle East, with adoption of PCI standards increasing dramatically over the last five years, says Dharshan Shanthamurthy, CEO of SISA Information Security, who shares insights about why PCI adoption is likely to continue to grow.
Ukraine's central bank has confirmed that one of the country's banks fell victim to a fraudulent SWIFT heist in April. This latest such attack revelation should spur all SWIFT-using banks to assume they've been hacked, until proven otherwise.
As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
Comodo made no new friends last week when it claimed that a nonprofit project, Let's Encrypt, stole its business model. Now, the digital certificate giant says it will not pursue applications aimed at securing trademarks using the phrase "Let's Encrypt."
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
Reacting to strong complaints from retailers, three major card brands have finally taken steps toward reducing the amount of counterfeit fraud chargebacks to U.S. merchants, which began as a result of the EMV fraud liability shift last October. But was the action by the brands bold enough?
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
The annual Infosec Europe conference in London included a number of information security highs and lows, from hackers in hoodies and Guy Fawkes masks to free ice cream and Mikko Hypponen revealing that he too has been pwned.
Europe's biggest annual information security conference returns to London this week. Here's my pick of the top Infosec Europe sessions, with topics ranging from cybercrime and incident response to EU regulations and the Internet of Things.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
Since California passed its pioneering data breach notification law in 2003, many other states and some countries have followed suit. Here's a closer look at the status of breach notification requirements in four regions.
The U.S. Congress delves into the issue of whether CISOs should report to CIOs, a topic that leads the Friday, May 27, 2016, edition of the ISMG Security Report, an on-demand audio report offered every Tuesday and Friday.
The business of executive email hacking is booming, with hundreds of millions of dollars lost in fraudulent wire transfers. But businesses can improve their processes to avoid inadvertently transferring funds to fraudsters, according to one expert.