A misconfigured Alibaba private cloud server has led to the leak of around 1 billion Chinese nationals' personal details. An unknown hacker, identified as "ChinaDan," posted an advertisement on a hacker forum selling 23 terabytes of data for 10 bitcoins, equivalent to about $200,000.
How does a conglomerate implement PAM across multiple companies? What are some of the challenges, and how can you overcome them? Gonz Gonzales, the CISO at JG Summit Holdings, one of the largest conglomerates in the Philippines, shares his journey of PAM implementation across companies.
Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.
In this discussion, we will explore how Ping Identity and AWS helped a large financial institution provide their customers with a secure, frictionless experience while allowing them to focus on growth and digital transformation and how you can utilize the same strategies and best practices.
View this session to...
Ping Identity is making a $50 million bet it can integrate cutting-edge technology into its own stack through a new in-house corporate venture fund to support identity and access management technology startups. "We want to have a nice overall corporate strategy portfolio," says Ping's Anton Papp.
The need for more modern identity and access management capabilities such as biometric and passwordless authentication has been amplified by the COVID-19 pandemic and the shift to remote work, according to Forrester researchers Paul McKay and Merritt Maxim.
Interest in passwordless authentication architecture continues to grow among U.S. government agencies and departments as they embrace more modern approaches to identity and access management, says Sean Frazier, federal chief security officer at Okta.
In the latest weekly update, Jeremy Grant, coordinator of the Better Identity Coalition, joins three editors at ISMG to discuss important cybersecurity issues, including where we are with passwordless, if we are getting closer to a U.S. federal privacy law, and next-gen authentication technologies.
The public-private Ransomware Task Force last year issued numerous recommendations for battling ransomware, and task force member Marc Rogers of Okta says that while the problem persists, better mechanisms are helping to blunt such criminal activity.
Jeremy Grant of Venable says we are getting closer to eradicating the password. He says that in the next 12 to 18 months, "There will be a lot of uptake from big, consumer-facing brands to finally kill the password and let people instead create a passkey when they sign up for an account."
Cloud has a dirty little secret: While most say moving to cloud is inevitable, not everything today can or even should run in the cloud, says SecZetta's Richard Bird. He explains why hybrid approaches are here to stay and how security teams must respond, especially when it comes to identity.
Jeremy Grant says many areas in cybersecurity are fragmented, but Grant Schneider adds, "We don't want everyone developing collaboratively because the competition drives a lot of innovation in this space." The two discuss striking the right balance between industry fragmentation and collaboration.
With the ongoing pandemic driving digital transformation and hybrid work, it's no surprise that the theme of this year's RSA Conference was "transform." Carrying forward that theme, RSA CEO Rohit Ghai says that channeling "disruptive forces at play" can be a powerful tool for driving needed changes.
Companies need better visibility into their ever-changing distributed environments "like never before," says Mike Kiser, director of strategy and standards at SailPoint. He discusses cloud governance, digital transformation and identities, and the importance of transparency in automation.
Okta's competitive win rates and renewal rates weren't measurably affected by the Lapsus$ cyberattack that came to light in March. The company looked through hundreds of opportunities with customers and prospects to see if any of the potential sales had been delayed or canceled due to the breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.