Improvements in behavioral biometrics and analytics are changing the way many financial services firms approach authentication. And more companies also are taking a "zero trust" approach to improve identity and access management, according to two security experts interviewed at RSA 2020.
Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday. The news comes on the eve of the annual RSA Conference in San Francisco, which starts Monday.
Information Security Media Group, a premier media partner at the annual RSA Conference, will conduct over 200 video interviews at this year's event with cybersecurity thought leaders, executives, CISOs and sponsors.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
Conferencing service provider Zoom has fixed a vulnerability that - under certain conditions - could have allowed an uninvited third party to guess a meeting ID and join a conference call. The exploitation of the flaw revolves around guessing IDs for meetings that aren't password-protected.
Deception technologies offer a way to shift away from a purely defensive "detect and response" posture toward a more proactive offensive approach that draws stealth cyberattackers into the open before a breach.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
Zero Trust has become a cybersecurity marketing buzzword. But Kelsey Nelson of Okta sheds light on the realities of the Zero Trust approach, with a specific focus on the identity and access management component of the strategy.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.