The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
The threat of ransomware and other credential theft attacks has only grown over the last year. According to the Verizon Data Breach Incident Report, credential theft accounted for 89% of web application breaches, and phishing attacks increased by 44% across 2020. The recent attack against the Colonial Pipeline company...
Security specialists are offering preliminary feedback on Microsoft's sneak peek at the new security measures to be included in the Windows 11 operating system, which is slated for release in December.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
Threat actors are focusing a lot on Active Directory today as it is a path for them to reach an organisations key data & applications. The versatility of Active Directory makes it a crucial target for hackers. Organisations learn new ways on how to protect this valuable target and mitigate the risks. Organisations...
Identity and access management strategies are a staple of any institution’s security approach. IAM allows campuses to know who its community members are, and they allow students, faculty, and staff to have appropriate access to resources and data. Without effective identity and access management practices, many of...
There are hundreds of billions of passwords in the world
today, with more being created every day. In fact, the
average business user maintains an astounding average
of 191 passwords.1 Unfortunately, these passwords represent
a fundamentally weak link in most organizations because
they will always be...
PASSWORDS ARE FATALLY FLAWED. EVERYONE KNOWS IT.
Eliminating passwords completely is the only answer –
not using stronger passwords, password vaults, or adding
friction with multi-factor authentication. But eliminating
passwords is just the beginning.
Don't Stop At Passwordless Authentification. Implement...
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
Giving the right user secure access to a system, resource, application, or network hinges on one thing – accurately confirming the user’s identity. The problem is that attackers can steal and misuse these credentials for malicious purposes, and the organization would never know.
To protect against...
Customer identity and access management - CIAM - is coming of age, as enterprises seek a unified view of their customers. Keith Casey of Okta describes what CIAM maturity looks like - and how to get there via a new playbook.
In this eBook, Casey discusses:
How the CIAM conversation has changed in 2021;
The clear message from this year's Global Password Security Report is businesses still have a lot of work to do in the areas of password and access security.
Businesses are increasing their use of important security measures like multifactor authentication - but unfortunately employees still have poor password...