Passwordless authentication will gain traction once it addresses edge cases such as logging into Netflix using a remote control, says Hypr CEO Bojan Simic. He shares how a QR code and a biometric identifier on a smartphone can transform the way someone accesses the Wi-Fi at a friend's house.
The FIDO2 standard has driven the adoption of multifactor authentication as well as the embrace of passkeys and conditional UI, says Superlunar's Nick Steele. FIDO2 will help users adopt passwordless flows while protecting websites with public key credentials in a way that hadn't been possible.
In 2023, we'll see ransomware groups exploring new methods to get money from the same victims and entering "the fifth generation of ransomware." Cybereason field CISO Greg Day shares his predictions for cybersecurity trends this year, from cloud security to deepfake scams.
Organizations must grapple with software development happening at a faster pace than ever as well as an exponential increase in attacks on the software layer. Contrast Security has therefore developed new technology to secure code that's deployed quickly to the cloud, CEO Alan Naumann says.
Vista Equity Partners' specialization in enterprise software and bench of subject-matter experts should help KnowBe4 reach $1 billion in ARR, says CEO Stu Sjouwerman. The processes and tech stack that got KnowBe4 to $300 million in ARR today aren't necessarily what'll get the firm to $1 billion.
In the latest weekly update, ISMG editors discuss how online markets selling illegal substances are moving to Android apps to evade authorities, how check fraud, first-party and AI-related fraud will increase in 2023, and how Chinese state-sponsored actors may benefit from Russia's war in Ukraine.
As regulators push healthcare entities and vendors to make it easier for patients to access their electronic health information, organizations must balance compliance with the prevention of potential security breaches, says attorney David Holtzman of HITprivacy LLC.
Hackers are going downstream in their attacks on healthcare sector entities and their third-party business associates because in many cases, these cybercriminals have already hit up the larger players, says Michael Hamilton, CISO of security firm Critical Insight.
"If we look at all of the types of issues with cloud breaches, it always comes down to misconfiguration," says Troy Leach of Cloud Security Alliance. "The challenge is: People try to treat cloud environments the same as they've always done on-premises, and that is unfair for both environments."
Determining which asset vulnerabilities should be prioritized for remediation is one of the biggest challenges for virtually every CISO and CSO, says Armis co-founder and CEO Yevgeny Dibrov. Dibrov says CVE and CVSS scores aren't an effective way to prioritize which vulnerabilities to fix first.
In the latest weekly update, ISMG editors discuss how collaboration platform Zoom has strengthened its security features, the implications of a new law on medical device security for patient safety, and details on how a zero-day exploit enabled the ransomware hit on cloud computing firm Rackspace.
Industrial control vendors such as Honeywell are increasingly adopting Nozomi Networks within their security portfolio, says CEO Edgard Capdevielle. Firms such as Siemens can actually run Nozomi's products inside their platform, while others have incorporated its tool into a managed service bundle.
Cybercriminals are becoming bolder in their attacks on healthcare entities and in how they're compromising patient data - and that's a very worrisome trend, says Nicholas Heesters of the Department of Health and Human Services' Office for Civil Rights.
The embrace of the open internet as the new corporate network has created challenges around remote access and employee security, says Perimeter 81 CEO Amit Bareket. Perimeter 81 has attempted to simplify securing remote work by bringing ZTNA and SWG together on a single management console.