Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
A Silicon Valley venture capital firm that runs a matchmaker service linking investors with startups exposed 6GB of data, including deal flow information pertaining to investors and startups. The exposure has been closed, but it's unclear if the company will notify regulators.
Privileged access management is cited as a major concern for enterprises moving workloads to Amazon Web Services (AWS) cloud environments. Managing identities with elevated permissions and cloud entitlements allows organizations to control risk by reducing their attack surface and mitigating the impact of privilege...
Four federal agencies have been awarded $311 million to bolster the U.S. government's cyber defenses and address IT modernization challenges, according to the interagency board of the Technology Modernization Fund, a federal funding source, which made the announcement Thursday.
After a turbulent 2020 dominated by dramatic change, cybersecurity experts everywhere are looking ahead at newly emerging and rapidly evolving threats and the ways in which IAM and IGA are adapting to stop them. But how much of what you’re hearing is hyperbole, and how much should you take to heart?
Join SecurID...
Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
The pandemic has created the need for rapid digital transformation and the growing trend of working from home is pushing businesses to adopt "zero trust" and implement it within their own organizations, says Bobbet Castillo, chief technology officer and information security officer at Petnet.
In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
Implementing a comprehensive identity security program might be described as a Holy Grail. But what does it mean to reduce the complexity for organizations and their employees? CyberArk's David Higgins outlines how to modernize an organization’s identity and access management, or IAM.
Joey Johnson, CISO of Premise Health, a Brentwood, Tennessee-based provider of online healthcare services, outlines a three-pillar security program in which "identity is the central aspect."
At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Love them or loathe them, passwords are still relied upon for security. Although widespread MFA adoption may have improved the authentication process, as most MFA methods are built on top of passwords, password problems remain at an all-time high. Weak passwords, credential stuffing, account takeovers and phishing are...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.