Apple Pay created plenty of buzz when it launched last year. Since then Google and Samsung have followed suit with their own payment app alternatives. But choosing to become part of these brands’ payment ecosystems can be more costly than many financial institutions realize. There are important factors to consider before these banks and businesses should effectively give over control of their customer. Financial institutions that sign on with Apple Pay give up a portion of interchange, as well as important control of customer data, branding and other opportunities to streamline and offer value-added banking services. Apple Pay with its…
Author: ISBuzz Team
Dr Nithin Thomas, founder and CEO of security start-up SQR Systems commented on the following announcement that the ETFS LSE Cyber Security UCITS fund (ISPY), the first dedicated investment fund for security, has floated on the London Stock Exchange. [su_note note_color=”#ffffcc” text_color=”#00000″]Dr Nithin Thomas, Founder and CEO of cybersecurity Firm SQR Systems : “The float of the first dedicated cyber security fund in the UK this morning is excellent news for the sector. The strategic importance of cybersecurity for the country is enormous, and a dedicated fund listed on LSE is a step in the right direction. I hope we…
Security blogger Brian Krebs has reported that multiple sources in the banking industry say they have traced a pattern of credit card fraud that suggests hackers have compromised point-of-sale registers in gift shops and restaurants at a large number of Hilton Hotel and franchise properties across the United States. Hilton says it is investigating the claims. Mark Bower, global director of product management, enterprise data security for HP Data Security commented on the hilton hotel breach. [su_note note_color=”#ffffcc” text_color=”#00000″]Mark Bower, Global Director of Product Management, Enterprise Data Security for HP Data Security: “Once again we see that resorts and hospitality…
Technology vendors like to discuss the business value of our solutions, but we are often less keen to discuss deployment technicalities (this is mostly true for marketing folks like me). However, because the enterprise IT environment is undergoing a major transformation driven by Cloud and mobility, we need to reevaluate some of our core assumptions about enterprise architecture and best practices. Historically, the enterprise network was physically bound to specific locations like the corporate headquarters, a branch office and a datacenter. When deploying a security solution to protect it all, the natural point for a layer of security was at…
Simplicity is key to a secured enterprise Security is a unique IT discipline. It overlays and supports all other disciplines: computers, networks, storage, apps, data. As IT evolves, so does IT security (often with a considerable lag). The introduction of personal computing gave rise to endpoint protection suites and AV capabilities. Networks drove the introduction of the firewall. Applications spawned multiple security disciplines from two-factor authentication to secure app development, vulnerability scanning and web application firewalls. Databases introduced encryption and activity monitoring – and to manage all these capabilities we now have Security Information and Event Management (SIEM) platforms. Security…
WinMagic survey reveals businesses struggling to catch up to cloud storage revolution 65% of employees don’t have or don’t know the company policy on cloud storage 1 in 10 employees who use cloud storage services at least once a week have no confidence in the security of their data saved and accessed from the cloud Cloud storage use varies widely – 41% use cloud services at least once a week, whilst 42% never use these services at all 1 in 20 employees who use cloud services at least once a week, do so despite these services being restricted by their…
Digital Guardian Now Delivers Next Generation Data Protection to Endpoint, Network, Cloud and Mobile Devices Digital Guardian, the only endpoint security platform purpose- built to stop data theft, has acquired Code Green Networks, a provider of Data Loss Prevention (DLP) solutions for the network, cloud and mobile devices. Code Green Networks’ TrueDLP™ solution is comprised of Network DLP, Discovery DLP and Cloud DLP, and locates sensitive data resting on databases and network servers, including data in the cloud. Founded in 2004 in Sunnyvale, Calif., privately held Code Green Networks helps enterprises protect and manage regulated and other sensitive digital information.…
Software presents a particularly vexing problem for most organisations. On one hand, enterprise applications are mission-critical, running every facet of operations, from front-office to back-office. On the other hand, software is one of the most difficult of corporate assets to manage – resulting in massive financial waste, inefficiency, and also cybersecurity risk. The Challenges of Software Asset Management (SAM) Most organisations spend approximately 25 percent of their IT budgets on software. But unlike physical assets like desks, chairs or machines, software is an extremely difficult asset to keep track of and inventory. Consider all the desktops, laptops, mobile devices, servers…
CREST, CSA and AISP work together to introduce penetration testing certifications in Singapore CREST has signed a Memorandum of Intent (MOI) with the Cyber Security Agency of Singapore (CSA) and the Association of Information Security Professionals (AISP) in Singapore to work together to introduce CREST certifications for penetration testing in Singapore. CREST, a UK-headquartered not for profit organisation, will work with AISP, a local body for information security professionals, with the support of CSA, to establish a CREST Singapore Chapter and offer penetration- testing certifications. This initiative was developed in collaboration with the Monetary Authority of Singapore (MAS), the Association…
The Android Stagefright bug is back and this time, the flaw allows an attacker to hack Android smartphones just by tricking users into visiting a website that contains a malicious multimedia file, either MP3 or MP4. More than 1 Billion Android devices are vulnerable to hackers. Security experts from Tripwire, Veracode and Rapd7 have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Craig Young, Security Researcher at Tripwire : “ASLR is not a secure coding technique but rather a feature provided by the operating system to block an important step in the exploitation process. For example, with the initial stage fright release,…