The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
This session is dedicated to our UK, EU and ME audiences and will provide practical steps to enable organisations to successfully implement a strategy of least privilege. Least privilege will allow you to eliminate unnecessary risk by elevating rights across multi platforms and networked devices without hindering...
The new work reality has created a change in how information is accessed and used, and attackers are targeting remote users with increasing frequency and efficiency. This has brought on a new shift in the IT paradigm which requires identity to act as the central control point in defining an enterprise security...
You know securing privileged access is a must, but where do you even begin?
Thycotic's live expert session is a must for teams launching PAM (Privileged Access Management) initiatives to start on the right foot. As you progress on your PAM journey, there's always something new to learn. If you've already begun...
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
An identity and access management strategy for a hybrid cloud environment should include single sign-on as well as multifactor authentication, says Andrew Koh, deputy general manager and regional lead-Risk at Habib Bank Ltd. in Singapore.
As part of healthcare's digital transformation, payers and providers alike have rolled out patient portals and telemedicine platforms to increase access to care, improve patient participation and decrease healthcare administrative costs.
How secure are these portals? What types of authentication protocols are used to...