Why do so many enterprises remain chained to outdated and vulnerable identity and access management technologies - legacy systems that rely on passwords, eat budgets and kill productivity? Baber Amin of Ping Identity and Ramnath Krishnamurthi of LikeMinds Consulting preview a new virtual roundtable on Modernizing IAM.
Temperatures (and tempers) are rising, and nations and states alike are starting to relax their COVID-19 restrictions. But pandemic expert Regina Phelps says it's too early to be celebrating victory and reopening offices because the first wave of the virus has yet to end.
Southeast Asia has become a hotbed for cybercrime activities, says Anthony Bargar, former deputy CISO of the U.S. Department of Defense, who says enterprises in the region need to take a collaborative defense approach to respond to this new threat environment.
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
When security teams apply agile methodologies, they are better able to deliver value and can more easily pivot and change plans, says Kevin Fielder, CISO of Just Eat, a British online food ordering and delivery service with operations in 13 countries.
The latest edition of the ISMG Security Report discusses Europol's launch of the European Financial and Economic Crime Center, and also details the London Met's perspective on recent cybercrime trends, and to need to maintain a paper audit trail for mobile voting.
A bipartisan group of lawmakers sent a letter to Juniper Networks seeking a more detailed explanation into a 2015 incident when an NSA-created algorithm - that may have included a backdoor - appeared in a company product that would have allowed VPN traffic to be decrypted.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
It is important to have contextual authentication in place to manage privileged as well as less privileged accounts in an organization, says Avinash Tiwari, CISO and head, information security, at Pidilite Industries, a large manufacturing firm.
A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic.
Perceived wisdom is that mobile voting will be open to significant opportunities for interception, manipulation and nation-state interference. Nimit Sawney, CEO of Voatz, describes the architecture of a secure mobile voting system.
Payment fraud continues to evolve during the COVID-19 pandemic, exploiting changing habits and behaviors of consumers. Melissa Gaddis of TransUnion, who has been tracking these changes, says one of the surprising changes concerns millennials: They're now fraudsters' top target.
An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.
Several U.S. energy providers have been targeted by a spear-phishing campaign attempting to spread a recently discovered Trojan called FlowCloud, according to Proofpoint research. The analysts have found connections between these attacks and another campaign using malware called LookBack.
With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose.