Forrester recently published a report that shows over two-thirds of European security decision-makers have begun to develop a zero trust strategy, and public sector organizations are leading the way. Forrester's Tope Olufon shares the cultural and regulatory roadblocks to zero trust.
With the rapid increase in digital transformation & hybrid work, organizations are noticing that the biggest vulnerability is with legacy MFA solutions that have failed to keep pace with the ever-evolving skills, technology and persistence of today’s cybercriminals.
The key to defending your organization’s...
Fraud is a growing industry globally. According to research from Technology Research Institute, businesses are seeing more than 50% of their new user accounts with false or incorrect data and an increase in fraud losses over the past 12 months.
Part of the reasons is because many businesses in Asia Pacific...
In the latest weekly update, John Kindervag, creator of zero trust and senior vice president of cybersecurity strategy at ON2IT, joins ISMG editors to discuss the top zero trust storylines of the year, the impact of ChatGPT on the cybersecurity industry and how to tackle MFA bypass attacks.
The founding team behind SOAR vendor Demisto has started a passwordless authentication and user management platform company that caters to the developer community. Descope helps developers embed authentication in the application build process and competes with Auth0 in the CIAM space.
Identity verification and lack of WebAuthn implementation in legacy applications and smartphones are two of the biggest challenges associated with adopting FIDO authentication. Merck Germany's Andreas Pellenghar also says the current setup of jumping to a browser to log in is turning people off.
Phishing is the number one way to compromise accounts, and Google's Christiaan Brand says passkeys have emerged as a great technical solution to the issue. He wants to ensure what FIDO Alliance has built benefits and is relevant to how Google wants to see passkeys implemented for its own accounts.
Modern retail organizations are moving data to the cloud while still accessing on-premises applications. This makes multi-factor authentication (MFA) software an important addition to the retail sector’s security strategy. Duo’s strong endpoint security helps protect credentials and helps stop lateral movement....
As global conflicts spill over into the digital realm, protecting the individual through to the enterprise has taken on a greater sense of urgency. Download the report to learn how companies responded to complex global challenges — or missed the mark — and more in Duo’s 2022 Trusted Access Report.
Security practitioners are putting cognitive psychology and customer experience at the forefront of new product development in a push for usability, says Trusona's Kevin Goldman. Getting user experience designers familiar with products allows them to speak meaningfully with the security team.
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
The guardrails organizations use to protect employee identities are often ineffective for contractors, business partners or vendors since they bring their own devices. Many businesses struggle to implement identity safeguards in a setting that's more heterogeneous and offers fewer controls.
PayPal is notifying 34,942 Americans that a hacker accessed their personal information during a two-day credential stuffing attack in early December. The San Jose, California-based company says it has not detected unauthorized transactions emanating from affected accounts.
Attackers have caught up with legacy multifactor authentication tools that use push technology or one-time passcodes, boosting the need for phishing-resistant MFA, says Jeremy Grant. In response, government officials such as CISA Director Jen Easterly have championed FIDO since it's mature and open.
Moving from certificate-based to FIDO authentication reduces overhead and complications for enterprises looking to move away from passwords, says Microsoft's Libby Brown. FIDO allows organizations to go passwordless by simply buying a FIDO key and turning it on in their Azure Active Directory.