U.S. federal agencies reported 8% fewer cybersecurity incidents in 2019 compared to the previous year, according to the White House's Office of Management and Budget. But 71 audits of agencies' "high-value assets" showed many remain susceptible to attacks because of a lack of security measures.
Jeremy Grant has spent more than two decades championing the cause of secure digital identities. But as the COVID-19 pandemic has created a remote workforce of unprecedented scale seemingly overnight, are current approaches to securing the identity management and attestation practice up to the challenge?
Even after being notified that their personal data has been compromised in a breach, only about a third of users change their passwords - and most are not strong or unique, according to a study by researchers at Carnegie Mellon University, who call for changes in breach notification procedures.
The world has experienced an unprecedented business disruption that instantly created the largest remote workforce - and largest attack surface - in history. How do you validate users and access in this new dynamic workforce? RSA's Steve Schlarman and Ben Smith preview an upcoming series of virtual roundtables.
An independent security researcher disclosed a zero-day vulnerability contained in the "Sign in with Apple" feature that, if exploited, could have resulted in a full account takeover. The vulnerability has been patched, and Apple says it found no account misuse tied to it.
A federal judge has ordered Capital One to turn over a forensics report covering its 2019 data breach, which has been sought by plaintiffs in a class action lawsuit. The report, if it becomes public, could shed light on one of last year's biggest breaches.
The remote workforce brings more flexibility. But it also comes with unique challenges such as VPN congestion, a greater attack surface and a lack of visibility for security. How can you help remote workers to be both productive and cybersecure? Menlo Security's Kowsik Guruswamy offers advice.
The Russian blogging platform LiveJournal confirmed this week that it suffered several brute-force attacks in 2011 and 2012. But it insists that the 26 million usernames and passwords that are now available for sale on darknet forums came from other sources.
The Future of Unified Workplace Access
A Vision for a Unified Physical Identity and Access Management for Financial Institutions Vision for a Unified Physical Identity and Access Management for Financial Institutions
Banks and financial institutions are undergoing a physical transformation and rebirth. As cyber...
As more organizations rely more heavily on cloud-based applications as a result of a remote workforce, they must avoid taking identity and access management shortcuts, says James Gosnold of the cloud consultancy CloudKubed, who calls for the addition of another layer of authentication.
Every team building a mobile or app has a choice to make: build the whole app from scratch or find and use a pre-built option to A third-party customer identity and access management (CIAM) solution is another such service. A digital identity layer comprised of APIs, SDKs, and out-of-the-box customizable components...
The massive shift to remote working as a result of the COVID-19 pandemic means more organizations are adopting the "zero trust" model, taking such steps as implementing proper access controls, monitoring user behavior and building data governance policies.
Companies add tool after tool to secure their data, systems, and users. But instead of increased security, they're left with misconfigured, repetitive, or siloed tools and little visibility and control over their environments. This leads to poor cyber hygiene and creates severe security vulnerabilities, especially as...