The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer IAM technology supplier Auth0. Two other cybersecurity M&A deals were also announced this week.
The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
At its core, Zero Trust aspires to eliminate persistent trust, and enforce continuous authentication, least privilege, and microsegmentation. This approach reduces the attack surface and minimizes the threat windows during which attackers can inflict damage, helping to protect against simple malware attacks to...
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
Controlling, monitoring, and auditing privileges and privileged access—for employees, vendors,
systems, applications, IoT, and everything else that touches your IT environments is essential for
protecting against both external and internal threat vectors, and for meeting a growing list of
In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire.
But these can be a headache, because many questionnaires include hundreds of questions, and many of them are...
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
With so many recent high-profile breaches accomplished through the compromise of passwords on privileged accounts, it's time all cyber security stakeholders got educated.
This free, 24-page book, Privileged Account Management for Dummies, gives you, your IT staff, and business stakeholders a practical understanding...
The Universal Privilege Management model is an expansive approach to securing your entire universe of privileges along a journey that allows you to quickly address your biggest risk areas and immediately shrink your attack surface.
Download this guide to learn an approach that will set you up for success in:
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
This session is dedicated to our UK, EU and ME audiences and will provide practical steps to enable organisations to successfully implement a strategy of least privilege. Least privilege will allow you to eliminate unnecessary risk by elevating rights across multi platforms and networked devices without hindering...
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.