This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
Controlling, monitoring, and auditing privileges and privileged access—for employees, vendors,
systems, applications, IoT, and everything else that touches your IT environments is essential for
protecting against both external and internal threat vectors, and for meeting a growing list of
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Critical steps when implementing a privileged access management program include auditing of activities performed by administrators and continuous monitoring of user activity, says Sujit Christy, group CISO at John Keells Holdings, a conglomerate based in Sri Lanka.
The Universal Privilege Management model is an expansive approach to securing your entire universe of privileges along a journey that allows you to quickly address your biggest risk areas and immediately shrink your attack surface.
Download this guide to learn an approach that will set you up for success in:
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
The secure access service edge model, or SASE, treats identity as the new perimeter, says Lee Dolsen Singapore-based chief architect for Zscaler in the Asia Pacific region, who offers implementation insights.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
This session is dedicated to our UK, EU and ME audiences and will provide practical steps to enable organisations to successfully implement a strategy of least privilege. Least privilege will allow you to eliminate unnecessary risk by elevating rights across multi platforms and networked devices without hindering...
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.