Gartner has recognized Entrust, Incode, Jumio, Socure and Sumsub as identity verification leaders amid a rise in regulatory demands and fraud prevention requirements. Identity verification was historically used for regulated onboarding in industries like banking, gambling and cryptocurrency.
Iranian cyber actors are increasingly using brute force techniques, such as password spraying and multifactor authentication push bombing, to target critical infrastructure sectors, according to a cybersecurity advisory released Wednesday by the Cybersecurity and Infrastructure Security Agency.
The financial services industry (FSI) is in the midst of a digital transformation, investing in technologies and strategic partnerships to create efficiencies, support flexible work models, and meet shifting competitive and consumer demands.
However, as financial institutions become more digital and interconnected,...
No industry understands risk better than insurance, but insurance companies are in a precarious position—they have a duty to act in the best interests of their policyholders, yet policyholders’ trust in them is damaged every time the industry endures a cyber attack.
Check out this whitepaper to see how...
Passwords are ingrained in every aspect of the traditional Identity and Access Management (IAM) identity lifecycle stages. Unfortunately, stolen passwords are one of the largest threat vectors that cyber criminals use to make inroads into a company.
Download this EBook to see how organizations are evolving from...
Data warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.
Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Microsoft's Sherrod DeGrippo delves into the rise of SIM swapping, the role of social engineering in cyberattacks, and the emerging use of AI by threat actors. She emphasizes the need for real multifactor authentication and advanced strategies to counter these evolving threats.
The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Keith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integration of threat intelligence and pre-breach services to enhance policyholder security.
In the latest weekly update, ISMG editors discussed the fallout from the recent Snowflake breach and its impact on 165 companies and their users, the ongoing challenges in combating online fraud, and takeaways from ISMG's cybersecurity summit in Chicago.
Who's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.