More than15 years ago, the nation of Estonia rolled out a digital identity program for all citizens, allowing access to government services, banking, shopping - even voting. What lessons can global businesses learn from Estonia's example? Joseph Carson of Thycotic offers insight.
When an employee exits, it's essential to ensure their access rights don't go with them. Too often, however, organizations fail to track who's joining, leaving or changing roles, leaving them at increased risk of malicious activity.
Enterprise security leaders largely understand the business problems posed by a lack of privileged access management. But understanding and overcoming the obstacles to deploying a successful PAM rollout? That's the real challenge, says Alex Mosher of CA Technologies.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
In the history of data breaches, Cloudflare's recent breach was strikingly unique, in that a software bug caused a random regurgitation of data from server memory. But a postmortem from CEO Matthew Prince should put most people's concerns to rest.
At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.