Some federal agencies inappropriately continue to rely on knowledge-based authentication to prevent fraud and abuse even though this method is no longer trustworthy because so much personal information that's been breached is readily available to fraudsters, a new
U.S. Government Accountability Office report notes.
Cybersecurity continues to be a significant area of concern, with a higher frequency of multi-million dollar, potentially deadly, security breaches, 63% of which can be attributed to a third party.
In this webinar Justin Strackany, Chief Customer Officer at SecureLink, and Tony Howlett, CISO at SecureLink, will...
Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform. The company believes no customer data was leaked and that all passwords remained encrypted.
Cybercrime has targeted bank and payments solutions for a long time, but in the past few years has expanded its target industries to airlines, insurance, travel, retail and others. CISOs and fraud leaders that have been focused on insider threats are finding they need to consider the fraud darknet eco-system and...
Analysts state 80% of cyber security incidents are caused by credential misuse, with 54% of organisations using inflexible methods such as MS Excel to manage privileged access. Ineffective credential management can also result in the propagation of malware.
However, there is a fast and effective way of "mining"...
Access risk: Security leaders understand their governance and technology challenges. But addressing them with new automated tools - and selling these new processes within their organizations? Those are the problems attendees attempted to solve at a recent dinner in Philadelphia.
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
While credential vaulting, password rotation, controlled elevation and delegation of privileges, session establishment, and activity monitoring have been the focus of attention for privileged access management (PAM) tools, more advanced capabilities such as privileged user analytics, risk-based session monitoring and...