Multifactor authentication and privilege-based controls are among the forms of identity and access management that can help security leaders address key vulnerabilities in their organizations, says Charanjit Singh Sodhi of Normura Wholesale, who offers advice.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
Despite increased use of two-factor authentication, single sign-on, and biometrics, passwords are still the most common form of authentication. However, when a significant percentage of breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
From...
You know password management is important. But is your business failing to invest in this easy security and productivity win?
In this Global Password Security Report, we're uncovering the true state of corporate password security around the world. We analyzed aggregated data from more than 43,000 businesses using...
A vulnerability is only as bad as the threat exploiting it and the impact on the organization. Security and risk management leaders should rate vulnerabilities on the basis of risk in order to improve vulnerability management program effectiveness.
Gartner receives frequent inquiries from clients who are...
Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Security technology innovations entering the market are getting attached as features to an infrastructure that is fundamentally broken and an enforcement model that cannot operate in real time, says Matthew Moynahan, CEO at Forcepoint.
Forty-eight percent of customers drop the products and services
of organizations that have had a publicly-disclosed data breach.
This is but one of the findings of the new 2018 Global State of
Online Digital Trust study commissioned by CA Technologies.
The new research study, developed by Frost and...
While support for cloud infrastructure is rapidly maturing and more vendors are adding behavior analytics and privileged task automation, pricing and licensing remain variable. Security and risk management leaders should evaluate multiple vendors with an eye on future requirements as well as costs.
Download this...
Is your privileged access management system directly addressing the problems which face your business?
Download this white paper and learn:
How privileged accounts should be used by one system to connect to other accounts used to run service programs;
Best practices for processes, policies and technology used to...
T-Mobile has suffered a breach that may have exposed personal data for 2.3 million of its 77 million customers, and one security researcher says the hacker appears to be keen to sell the stolen data.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
