The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Keith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integration of threat intelligence and pre-breach services to enhance policyholder security.
In the latest weekly update, ISMG editors discussed the fallout from the recent Snowflake breach and its impact on 165 companies and their users, the ongoing challenges in combating online fraud, and takeaways from ISMG's cybersecurity summit in Chicago.
Who's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
Even the most accomplished executive can find the vetting and purchasing of appropriate cyber insurance overwhelming. Understanding that "cyber insurance" is not a legal term or a standard insurance industry term can make this conundrum even more onerous. However, with some background knowledge, preparation, and...
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Generali Poland’s innovative approach to cyber insurance includes an anti-phishing initiative and market education efforts to enhance cyber resilience. Learn how these measures aim to support small and medium-sized businesses in Poland - and bridge the knowledge gap in cybersecurity.
Multifactor authentication is a must-have security defense for repelling outright credential stuffing and password spraying attacks. But no defense is foolproof. Attackers have been refining their tactics for bypassing MFA, including using technology and trickery.
Organizations are moving from traditional perimeter-based security to identity-based security. This shift focuses on continuous identity verification rather than assuming internal users are automatically trusted, said Vivin Sathyan, senior technology evangelist, ManageEngine.
Hypr raised $30 million from Silver Lake Waterman to boost its identity security offerings, aiming for market expansion and a potential initial public offering. The investment supports the New York-based company's multi-product strategy in a rapidly evolving threat landscape.
By decentralizing the ownership of cybersecurity and increasing security consciousness among everyone in the organization, businesses can improve their security posture, said Dom Lombardi, the vice president of security and trust at Kandji. He discussed the concept of collaborative security.
While AI has spurred the growth of authentication controls, it has also enabled voice cloning and video deepfakes to become much more convincing. Fraud fighters are looking at adopting a multifactor authentication system using multimodal biometrics to fight against deepfakes.
Semperis researcher Eric Woodruff discovered Silver SAML - a new technique used to launch attacks from an identity provider against applications configured to use it for authentication. How does it differ from Golden SAML, and how can enterprises respond to the threat? Woodruff shares insight.
As cyberthreats continue to evolve, organizations are increasingly turning to advanced technological solutions to mitigate risks. Kris Burkhardt, CISO, Accenture, discusses how organizations are adopting passwordless systems and using generative AI to bolster their defenses.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.