"We came up with a structured, documented approach to respond to mitigating the Log4j vulnerability using the EDR scanning tools along with a code validation, containerization, and sandboxing of our applications and networks," says Ian Keller, security director at Ericsson.
Applying cloud access security broker’s three functionalities - API-level integration with managed device transfer for visibility, in-line CASB for proxy and other devices, and its control over cloud and other access points - helps provide better control and the ability to protect and secure user access, says Thomas...
Jeremy Grant, coordinator of the Better Identity Coalition, joins three ISMG editors to discuss important cybersecurity issues, including how the Biden administration’s executive order will advance the identity cause, and whether we are any closer to finally abandoning the password.
cloud migration, and the work from anywhere
model are opening up a world of possibilities
for organizations, pushing them to reinvent
core business models and unlock new revenue
On the other hand, from SolarWinds
to the recent Colonial Pipeline attack, it has
With the support of the recent executive order on improving the nation's cybersecurity, Zero Trust strategy is gaining greater recognition. But there is still a degree of resistance to Zero Trust adoption. Dr, Chase Cunningham, CSO of Ericom, discusses this and other issues around Zero Trust.
Securing operational technology (OT) systems for critical
infrastructure requires identifying and tracking a complete inventory
of all OT and IT endpoints. Only with a comprehensive inventory
that includes configuration data can companies protect against
unauthorized change, achieve compliance, mitigate risk...
The problem with decentralized access management, says Manuel Garat, head of IAM at digital travel company Booking.com, is that while you might know who or what needs access to your network, applications and data, you "don't always know who shouldn't have access."
The latest edition of the ISMG Security Report features an analysis of how cybercriminals are turning to cryptomixing services to conceal the proceeds of ransomware activities from law enforcement officials. Also featured: Criminals exploit a misconfigured FBI server and the future of zero trust.
A well-defined Identity Security strategy offers modern enterprises the peace of mind that their most critical assets are secure while accelerating business agility. But putting a plan in place that effectively secures the expanding number and types of identities can feel daunting. Where do you start? How do you...
With perimeter-focused architectures quickly becoming irrelevant, enterprises are looking toward identity-focused security measures to protect new “perimeterless” networks and new forms of working.
Identity Security for Dummies is a primer on securing digital identities across the enterprise.
In today’s digital environment, any digital identity — whether customer, remote worker, third-party vendor, device or application — can become privileged under certain conditions, creating an attack path to your most valuable assets.
Unrestricted cloud console access, excessive cloud entitlements, embedded...
In the past two years, the world experienced a significant shift in how many people work and transact business online. Digital identities used to connect remote workers suddenly became an even greater security target for attackers. Almost overnight, workplace trends from the last several years collided to create a new...
We live in an increasingly connected world. The issue of identity, and its inherent connection to security, is more important than ever. The explosion of cloud, mobile devices, and connected things, as well as the consumerization of IT, has increased the risk of a cyber security attack due to compromised identities,...
Zero Trust: Is it the operational model that's going to propel us into a more secure future? Or just another marketing message to be tossed onto the pile of past campaigns? In this latest Cybersecurity Leadership panel, the top minds in the sector weigh in on the present and future of Zero Trust.
CoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.