Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
The challenge of dealing with cybercrime is complex. Human factors and the human-computer interface are central components of cybersecurity. But because threat actors understand human behavior, they know how to manipulate it to achieve their goals—stealing money and valuable information from organizations...
This Aite-Novarica Group white paper, commissioned by Radiant Logic, examines the
toll enterprises pay due to identity sprawl and introduces Radiant Logic’s Identity Data
Fabric approach to support identity unification and simplification.
Key takeaways from this research include:
Financial services companies...
From the IT perspective, it’s harder than ever to manage the unending requests from the business side. Moving to the cloud, adding new applications, integrating new partners, securing new devices—business needs keep piling up, and it all needs to be done yesterday. Before you know it, IT has become the bottleneck...
When a large oil company moved to the US from Canada, they also embarked on an IAM modernization
and integration project. Because their business model included future M&As, the goal was to create a
foundation to support integration of business entities with disparate identity infrastructures so that they
While the Capital One breach may have been
jawdropping in its sheer scale, there are best
practice lessons to be learned in its remediation
What was overlooked in the Capital One
data breach, and why it could have been
How to monitor for security events in a
Pfizer has sued a former employee, alleging she uploaded to her personal devices and accounts thousands of files containing confidential information and trade secrets pertaining to the company's vaccines and medications, including its COVID-19 vaccine, to potentially provide to her new employer.
Following the holiday recess, U.S. lawmakers are picking up several legislative priorities starting Monday, including progress on the annual defense spending bill, which contains amendments that would require incident reporting for critical infrastructure providers, among other measures.
Researchers have identified a new remote access Trojan that uses a unique stealth technique to help it stay undetected on a victim's infrastructure and conceal Magecart malware. Dubbed CronRAT, it hides in the Linux calendar subsystem as a task that has a nonexistent date.
An Iranian attacker has been targeting users who have failed to patch a remote code execution vulnerability in a Microsoft browser engine to spy on Farsi-speaking victims, paralleling a similar campaign being run by North Korean attackers, researchers warn.
Biometric data in Pakistan’s National Database and Registration Authority was compromised, a Federal Investigation Agency official has told the country’s national assembly. It has been clarified that this was not a hacking incident, but it remains a concern that the data could be exploited.
The annual IRISSCOM cybercrime conference in Dublin aims to give attendees "an overview of the current cyberthreats facing businesses in Ireland and throughout the world" and how to best defend themselves, organizers say. Here are visual highlights from the conference's latest edition.
The problem with decentralized access management, says Manuel Garat, head of IAM at digital travel company Booking.com, is that while you might know who or what needs access to your network, applications and data, you "don't always know who shouldn't have access."
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.
A health insurer in New Mexico is warning of a data breach that exposed customers' personal and medical information. True Health New Mexico reports that nearly 63,000 individuals' personal details were exposed in the "early October" incident. It's offering all victims prepaid credit monitoring services.