-
Incident non-disclosure amounts to hiding facts from shareholders
It’s time Indian regulators recognize security incidents as a business risk, and make it mandatory for organizations to disclose risks and incidents. Opinion
-
RSA SecurID breach: Executives attempt to repair tarnished image
While the RSA SecurID breach cost EMC’s security division more than $60 million, executives admit it could take years to restore its tarnished image. News | 16 Jan 2012
-
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. News | 29 Dec 2011
-
Preparing for latest security attacks means planning for failure
Any security defence may, at some point, fail. Experts at RSA Europe said security pros must be agile to dodge the latest security attacks. News | 21 Oct 2011
-
The IT (Amendment) Act 2008 Guide: Mapping India’s infosec revolution
Starting with the establishment of the Information Technology (Amendment) Act 2008, we chart the timeline of how Indian infosec has seen regulation. Tutorial
-
Freeze frames from Securitybyte 2011 Day 2
As Day 2 of Securitybyte 2011 clears the way for two more days of action-packed workshops, we take a look at today’s highlights. News | 07 Sep 2011
-
Securitybyte 2011 v2.0 Day 1: Photo feature
The second edition of Securitybyte 2011 is being held from September 6 – 9, 2011 in Bangalore. Vignettes from Day 1 of the international infosec conference. News | 06 Sep 2011
-
Top incident response steps: Incident response team responsibilities
Do you know the proper incident response steps to handle a breach? Expert Davy Winder covers how to manage incident response team responsibilities. Tip
-
Insider threats a major concern for India Inc: DSCI-PwC study
50% of surveyed IT/BPO cos feel insider fraud perpetrators don’t belong to core IT departments; believe current employees are primary insider threats. News | 29 Jun 2011
-
ICASI publishes new vulnerability reporting framework
A new Common Vulnerability Framework sets a standard so organizations can share vulnerability information in a common readable format. News | 23 May 2011
- VIEW MORE ON : Incident response management best practices
-
CEH certification gains credence in IT security domain
CEH certification is much sought after in the IT security domain today. Here’s how you can obtain CEH certification and why you should attempt to do so. Feature
-
Information security budgets: Five steps to obtain management buy-in
Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively. Tip
-
PCI Council urges P2P encryption for mobile payments
A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices. News | 16 May 2012
-
Android security model doing best to enable mobile malware spread
At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process. News | 16 May 2012
-
POS terminal security: Best practices for point of sale environments
Securing point of sale (POS) environments can be tricky. Shobitha Hariharan and Nitin Bhatnagar share comprehensive POS terminal security best practices. Tip
-
PCI virtualization compliance still a challenge
No black and white when it comes to PCI compliance in virtualized environments, experts say. News | 09 May 2012
-
11 security audit essentials
IT security audit tools automate the IT security audit process, making it more efficient and effective. Here are 11 must-have IT security audit tools. Photo Story
-
Essar’s WAN encryption strategy to secure data in motion: In focus
Indian conglomerate Essar puts WAN encryption in place using Cisco’s GET VPN to protect data flows between remote locations. A closer look. Case study
-
6 point SIEM solution evaluation checklist
With SIEM solutions gaining steam in India, Satish Jagu of Genpact shares concise tips based on the lessons from his SIEM implementation experiences. Tip
-
5 data loss prevention tool implementation mantras
Even as data loss prevention tools gain momentum, successful implementations call for a few prerequisites. Manish Dave, group CISO, Essar shares tips. Tip
- VIEW MORE ON : Enterprise risk management strategies
-
Vodafone India’s PCI DSS compliance journey: A dissection
With Vodafone India’s PCI DSS compliance journey in its third iteration, we share practical PCI DSS tips and ground realities from the telecom major. Feature
-
IDFC’s information security awareness week tastes success with ‘Mr Gobo’
Financial major IDFC set out to craft its information security awareness initiative with a portal that led users via a ‘Mafia don’s den’. Step in for more. News | 08 Feb 2012
-
Funding, carelessness, hurdles to secure networks: Dr Whitfield Diffie
Cryptographic pioneer Dr. Whitfield Diffie spoke at SecurityByte 2011 in Bengaluru, where SearchSecurity caught up with him. Here’s what he had to say. News | 15 Sep 2011
-
Map your data classification policy to controls effectively: How-to
Data classification policy plays an important role in control implementation and effectiveness. We take a look at the involved parameters. Tip
-
Pitch for security investment planning: How-to
Security investment planning for a scalable future-proof business infrastructure can be tricky. Here’s how you can prepare the business case. Tip
-
Three mobile device security policy lookouts from ISF
Advice from Information Security Forum (ISF) on how to draft a comprehensive mobile device security policy, given the evolving mobile device environment. Tip
-
Leveraging ISO 27005 standard’s risk assessment capabilities
In this first of a series of articles on risk assessment standards, we look at the latest in the ISO stable: ISO 27005’s risk assessment capabilities. Tip
-
Security awareness training mantras from Central Bank of India
Get insights into Central Bank of India’s comprehensive information security awareness training programs. Tip
-
Mature data loss prevention: 8 questions to ask your vendor
To determine if a data loss prevention (DLP) solution truly meets your organization’s needs, there are certain clarifications you always require. Tip
-
Implement ISMS and sustain it, with these tips
ISMS implementation for obtaining ISO 27001 certification is only half the job. Going forward, these best practices are critical to sustain the ISMS. Tip
- VIEW MORE ON : Information security policies & end-user awareness
-
Information security budgets: Five steps to obtain management buy-in
Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively. Tip
-
PCI Council urges P2P encryption for mobile payments
A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices. News | 16 May 2012
-
Android security model doing best to enable mobile malware spread
At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process. News | 16 May 2012
-
POS terminal security: Best practices for point of sale environments
Securing point of sale (POS) environments can be tricky. Shobitha Hariharan and Nitin Bhatnagar share comprehensive POS terminal security best practices. Tip
-
PCI virtualization compliance still a challenge
No black and white when it comes to PCI compliance in virtualized environments, experts say. News | 09 May 2012
-
BYOD security policy, not MDM, at heart of smartphone security
Effective security policies, not a mobile device management platform, will solve corporate mobile device security issues, according to a security expert. News | 13 Apr 2012
-
HDFC Bank’s enterprise security framework up close
Indian BFSI major HDFC Bank’s enterprise security framework is based on its ‘4 pillars of information security’. Join us as we gain insights from HDFC Bank. Tip
-
Vodafone India’s PCI DSS compliance journey: A dissection
With Vodafone India’s PCI DSS compliance journey in its third iteration, we share practical PCI DSS tips and ground realities from the telecom major. Feature
-
Industry is doomed by automation, misguided IT security strategy, experts warn
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch. News | 04 Apr 2012
-
India Inc guns for SIEM tools as maturity, viability drive growth
SIEM tool adoption in India is rising, spurred by growth in maturity of both SIEMs and organizations. We take a broad status check of the Indian SIEM space. Feature
- VIEW MORE ON : Business compliance management
-
CEH certification gains credence in IT security domain
CEH certification is much sought after in the IT security domain today. Here’s how you can obtain CEH certification and why you should attempt to do so. Feature
-
Cybersecurity career experts: Mobile app security skills hot in 2012
The increase in smartphones and other mobile devices has fueled demand for IT security pros with mobile app security and networking skills, say several cybersecurity career experts. News | 28 Dec 2011
-
(ISC)2 at a crossroads: CISSP value vs. security industry growth
Should the (ISC)2 look to grow the pool of CISSPs to meet demand, or boost CISSP value for those who already have it? Eric B. Parizo looks at both sides. Opinion
-
CEH certification in a nutshell: A Tutorial
CEH certification is valued in top organizations worldwide. Find out how you can obtain CEH certification in India and boost your career prospects. Tutorial
-
Network Intelligence India Pvt. Ltd. (NII Consulting)
Network Intelligence India Pvt. Ltd. (NII Consulting) is an Indian provider of information security services and products. Definition
-
MS-CLIS at IIIT Allahabad: Evaluation of the post grad course in infosec
With numerous infosec certs to choose from, we look at how the master’s in information security and cyber law (MS-CLIS) at IIIT Allahabad is different. Career Guide
-
nullcon Dwitiya - The inside gyan on nullcon 2011
Join us as we catch up with the who’s who of elite Indian whitehats at nullcon 2011 in Goa. Here’s an exclusive view of nullcon Day Zero’s top sessions. Conference coverage
-
Five CISO skills for the evolving business environment
Today, the CISO has to transition from being a compliance officer and become a business facilitator for survival. What are the new skills that CISOs need? Tip
-
Crack CISSP exam with these tips
Here are some guidelines to help you sail through the Certified Information Systems Security Professional (CISSP) exam and obtain the CISSP certification. Tip
-
Career networking strategies: Alternatives to infosec certification
Certification isn't the only way to set yourself apart in the eyes of potential employers. Learn networking strategies to get your name in front of the right people. Tip
- VIEW MORE ON : Information security certifications and training