This is a fundamental principle of the data privacy jurisprudence that the organization cannot disclose personal information without having prior consent of the data subject unless it is required by law. Global data privacy laws imbibed this principl
All Posts (2199)
Social Media has been the buzz word recently. While I am writing this post, there are more than 500 million active users accessing Facebook and 50% of active users log on to Facebook at least once a day from their office, home , coffee-shop , school,
Gone are the days when Open Source software (OSS) was only being used in educational institutions like universities, research organizations etc. Today most organizations use open source for a variety of reasons such as accelerating time-to-Market, re
Why do we need a CISO Handbook?
- There is no single consolidated source of comprehensive and precise operational knowledge that a CISO would need.
- CISOs need to browse through a sea of information to find what is relevant to them.
- CISOs feel the nee
Writing not only functional but secure applications is not a new concept or idea that has taken the Industry by storm. However, many Government and Commercial Organizations are still not adhering to or requiring their Organizations to adopt, implemen
You must have heard about recent breach at LinkedIn, which led to exposure of 6.5 million hashed passwords available for download at hacker site. Many of such passwords were decoded and published on an un-authorized website. Feds are involved in inve
There is a common misconception that cyber criminals and hacktivists only target large enterprises to reap a bumper. The reality is actually very different, recently published surveys reveal that
- 84% of Small and Medium Businesses had a security breac
Our dependence on E-services has increased tremendously. All such services have the usernames and Passwords. This is main gateway for entry in to systems. Apart from that, transactional passwords. Even the password with secured and digital certified
1. Run Time Application Security Protection (RASP)
Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features bei
A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done
What is SAST?
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
What is DAST?
DAST or Dynamic Application Security Testing is the proc
Safe Penetration Testing – 3 Myths and the Facts behind them
Penetration testing vendors will often make promises and assurances that they can test your Web Applications safely and comprehensively in your production environment. So when performing P
The legal terms have specific meanings and connotations. Leave aside the specific jargon; there is ambiguity about the very basic terms, like law, rules and regulations. In this post I have made an attempt to unravel some of these basic terms.
Statut
Our special webinar by CISO Platform and WebSense, was a great success with over 120 CISO's registering for the webinar.
Key Areas Covered
- Which are the most commonly used data security controls?
- What are the best practices for an effective Data S
APT (Advanced Persistent Threats) is the talk of the town. There is too much of noise and confusion. Everybody wants to make money. Quite a few uses FUD (Fear Uncertainty and Doubt) to sell their products. I wanted to highlight the APT secrets which
Static Application Security Testing (SAST)
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
Pros
• SAST can pin point the code where
IT arena is like a security battle ground, where internet is fundamentally open considering the major far-ends like social media, mobility, cloud, virtualisation etc which leads to targeted attacks.
On any given day; any organisation can suffer irrepa
Jayantha Prabhu,CTO , Essar Group, talks to CISO Platform on the Top Security Trends that he feels, will define the future.
What do you think are the top technologies that will define the future?
As I see it, broadly the following technologies will
Is there anything common to Magic and Hacking? Is there a hacker in a magician? Is there a magician in a hacker?
In my personal journey, I adopted Magic first and later got acquainted with Hacking when I met my co-founder and started working on a prod
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)