From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.
Financial services giant Morgan Stanley will pay a $35 million fine to settle U.S. Securities and Exchange Commission charges that it failed to comply with rules requiring it to safeguard customer data as well as ensure it is disposed of properly.
Deep Instinct has tasked the former CEO of Palo Alto Networks and COO of Zscaler with reworking the company's go-to-market strategy to better serve large enterprises. The company has moved longtime executive Lane Bess from the executive chair to the CEO's seat to recruit experienced sales leaders.
Decentralized identifiers and verifiable credentials, in which consumers can use their digital identity credentials for a variety of tasks, have significant evolving potential within the realm of identity and access management, says Merritt Maxim, vice president and research director at Forrester.
CrowdStrike has purchased external attack surface management startup Reposify to help organizations detect and eliminate risk from vulnerable and unknown assets. This deal will allow CrowdStrike to combine its insights on endpoints and IT environments with Reposify's internet-scanning capabilities.
In the latest "Proof of Concept," David Pollino, former CISO of PNC Bank, and Ari Redbord, head of legal and government affairs at TRM Labs, join ISMG editors to discuss ethical concerns for CISOs, cryptocurrency regulations, and potential foreign interference in the U.S. midterm elections.
The basic idea behind zero trust is the assumption that all devices and users are untrustworthy until proven otherwise.
Often associated with an identity-centric perimeter, zero trust network access (ZTNA) architecture helps organizations reduce their attack surface by eliminating network-layer risks, but is not...
Learn how to ensure zero trust access to private applications in datacenters, Azure and multi-cloud environments. Leverage your Azure AD user store for Single Sign On (SSO) into any private resource, beyond just SAML-based web SSO.
When it comes to keeping your private apps private, on-prem VPNs lack the agility...
Managed service providers (MSPs) need an effective business continuity and disaster recovery (BCDR) solution to restore data and operations quickly, without sacrificing margin.
That means industry-leading recovery technology from a vendor that is there to support you 24x7x365, no matter what.
Download this eBook...
SaaS applications have become essential supporting collaboration and ensuring easy access to files and folders from anywhere to keep workforces productive and connected.
Unfortunately, many organizations still believe that these tools are completely secure and make the need for backup obsolete. This simply isn’t...
A PSA is the central hub for any MSP or ITSP - it must integrate with all of the critical applications that an MSP needs to run their business, providing full visibility into customers, internal operations, and profitability.
The PSA solution should be purpose-built for MSPs and have a user experience that is...
Internally hosted resources harboring sensitive PII or intellectual property may reside anywhere, from your on-premises data center to public cloud services such as AWS, Azure or GCP. Third parties accessing these resources pose an additional risk, expanding your attack surface to contractors, vendors, resellers and...
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
From SolarWinds to Kaseya, Accellion, Log4j,
or Okta, third-party security breaches are
among the most devastating for organizations
affected.
Defense against third-party risk is
a top-tier risk register item, and it is not a one-off either – you need
continuous monitoring to evaluate the security stance of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.