Much of the focus of identity and access management (IAM) is concerned with easy and unobstructed access to a large population of end users with minimal disruption to IT operations.
In this e-book, you'll discover:
What PAM is and why it can be a prime source of security breaches;
How you can manage or even...
Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
A coding mistake by an electronic health records vendor has resulted in a data breach impacting thousands of United Kingdom patients. But the incident also serves as a reminder to healthcare entities in the U.S. and elsewhere about the variety of data privacy and security risks vendors can pose.
Google says it closely vets third-party party applications that peek into Gmail boxes. But an investigation by the Wall Street Journal raises questions if consumers are fully aware of the consequences of granting access to third-party apps and the practices of email-scanning companies.
The difficulty in hiring new information security personnel and need to combat the ever-rising number of threats is driving many organizations to seek increased incident response automation, and in many cases to get it by working with managed security service providers, says AlienVault's Mike LaPeters.
Much more must be done to shore up the U.K.'s national infrastructure. "It's partly austerity, and it's partly what's happening in the global economy, but we've really seen an underinvestment, specifically in the critical national infrastructure," says LogRhythm's Ross Brewer.
The security of your vendor's entire enterprise impacts you, and that is why third-party security risk matters. The third-party space is currently being transformed, which will change you how must prioritize risk.
Download this white paper and learn:
Principles for fair and accurate security ratings;
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
What real firms are doing to solve third-party security risk?
Based on in-depth interviews of security executives from 30 domestic and global firms, this report reveals the real world capabilities and practices employed to manage third-party security risk. The learnings are embodied in a repeatable framework,...
What are hot cybersecurity topics in Scotland? The "International Conference on Big Data in Cyber Security" in Edinburgh focused on everything from securing the internet of things the rise of CEO fraud to the origins of "cyber" and how to conduct digital forensic investigations on cloud servers.
In January 2018, Financial Crime Enforcement Network (FinCEN) announced changes to the Suspicious Activity Report (SAR) form. Financial organizations currently subject to the FinCEN SAR eFiling will soon have to make major changes to comply with the new rules by January 1, 2019. The suspicious activity types that need...
Your executives have adopted a service-provider-first strategy, outsourcing system hosting and services operations on a large scale. As systems and services move outside the organization, related information assets move with it. While you can outsource your systems and services, you cannot outsource your risk....
Recent failures of IT systems at some major airports and banks are a reminder that as an organization launches a digital transformation project, or seeks to move more of its processes to the cloud, those efforts won't necessarily proceed smoothly or securely, says Skybox Security's Justin Coker.
The latest challenge to face CISOs: Finding the best way to keep their organization secure while at the same time navigating political edicts that may lack any technical detail or present solid facts or alternatives to suspect technology, says Jaya Baloo, CISO of KPN Telecom.