As a strategy, organizations need to harness technologies that can provide real-time visibility to threats combined with intelligence-based automated technologies that can help contain the incidents, says Ajay Kumar, regional head of Cyber Security Services, Asia at Crowdstrike.
The Department of Defense did not effectively control access to the health information of high-profile personnel, says a new watchdog agency report, which hints that the findings also may indicate ineffective access control over other DoD employees' health records.
With more than 61% of breaches attributed to stolen passwords, a password manager can go a long way in helping enterprises enhance security, say Chandan Pani, CISO at Mindtree, and Lloyd Evans, identity lead, JAPAC, at LogMeIn.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
To enhance privileged access management for operational technology, organizations should use specialized remote access solutions for vendors that are allowed to access OT networks, says Felix Gaehtgens, an analyst at Gartner.
Thycotic and Centrify recently merged to create a powerful new player in the privileged access management space. Art Gilliland, CEO of the new ThycoticCentrify, discusses this combined entity and the role it can play for enterprises small and large in ensuring cloud identity security.
From identity and access management to cloud migration and connected devices, retired RSA CEO Art Coviello looks beyond the pandemic and says, "It's going to be a Roaring '20s for technology." But he also foresees a potentially calamitous decade for security.
The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer IAM technology supplier Auth0. Two other cybersecurity M&A deals were also announced this week.
The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.