With enterprises now taking to the cloud in the APAC region, it's important to learn security lessons from western counterparts, says Cloud Security Alliance CEO Jim Reavis. He offers insights on dealing with risks and legacy IT.
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
Visa's Eduardo Perez says one of the key merchant vulnerabilities his company is most concerned about is weak remote-access controls for point-of-sale systems and devices. He offers risk mitigation advice in this exclusive interview.
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.
Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
Virtualization and related developments bring significant changes to the architecture of today's data centers. At RSA Conference Asia Pacific & Japan, Cisco's Munawar Hossain defines these changes and outlines the new challenges.
RSA Conference Asia Pacific & Japan kicked off in Singapore with some power-packed keynote sessions by security leaders. Here are some of my first impressions about the tone set for the event and the days to follow.
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
By now, organizations are well acquainted with DDoS. But do they understand the attacks' key components and how to mitigate them? Akamai's Matt Mosher shares the questions to ask when purchasing DDoS mitigation.
Misusing data access privileges can pose a threat to the integrity of an organization's IT systems and the privacy of individuals. But gray areas exist, and it's not always clear cut when "unofficially" accessing protected data means users are abusing their privileges.
As more enterprises adopt software-defined networking, hackers are finding the emerging technology to be a new route to penetrate organizations. Anthony Lim of (ISC)Â² recommends ways to secure SDNs against attacks.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.