Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.
The Universal Privilege Management model is an expansive approach to securing your entire universe of privileges along a journey that allows you to quickly address your biggest risk areas and immediately shrink your attack surface.
Download this guide to learn an approach that will set you up for success in:
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
The secure access service edge model, or SASE, treats identity as the new perimeter, says Lee Dolsen Singapore-based chief architect for Zscaler in the Asia Pacific region, who offers implementation insights.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
An identity and access management strategy for a hybrid cloud environment should include single sign-on as well as multifactor authentication, says Andrew Koh, deputy general manager and regional lead-Risk at Habib Bank Ltd. in Singapore.
Using artificial intelligence and machine learning, bundled with an orchestration layer, will help CISOs mitigate cyberthreats, says Bharat Anand, chief of technology at NATGRID, the intelligence sharing network of the government of India.
Financial services organizations today face extraordinary challenges in a dynamic, complex landscape. During the past two decades, the financial services sector has seen everything from increasing cybersecurity threats, data breaches and cyberattacks to intensified regulatory compliance, an acceleration of digital...
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
It is important to have contextual authentication in place to manage privileged as well as less privileged accounts in an organization, says Avinash Tiwari, CISO and head, information security, at Pidilite Industries, a large manufacturing firm.