The Principle of Least Privilege is one of the longest standing principles of security. People (as well as applications) should only have access to the things they need to do their job, and nothing else. While being overly permissive may make life a bit easier in the short-term, it can easily come back to haunt you long-term, whether due to a malicious attack, misplaced credentials, or even an honest mistake.
Generali Global Assistance released the findings of its fourth annual Holiday Shopping ID Theft survey. The survey examines consumer sentiment on retail data breaches and the identity theft risks holiday shopping poses.
The need for improved security for remote workers requires more resources; however, the ongoing economic conditions often require lowering costs. A Microsoft survey found most leaders increased budgets for security and compliance (58 and 65% noting an increase), while 81% of respondents also reported pressure to lower security costs overall. IT is therefore tasked with protecting their company’s networks from the remote work-related threats while operating with leaner budgets. Doing this effectively will require multiple strategies to make sure your network is secure with the shift to remote work. Here are three examples on how broader security can be achieved.
Fake news, which is promoted by social media, is common in elections and it continues to proliferate in spite of the somewhat limited efforts social media companies and governments to stem the tide and defend against it. It is only a matter of time before these tools are redeployed on a more widespread basis to target companies, indeed there is evidence of this already happening. University College London has come up with a tool to detect fake news before it becomes a problem.
A recent Outbound Email Security Report revealed that stressed, tired employees are behind four in 10 of the most severe data breach incidents. As stress levels rise, rushed employees are more likely to make simple mistakes such as sending an email to the wrong person, or attaching the wrong file.
Cybersecurity breaches are an all-too-common and ever-evolving threat that every organization should be prepared for. But as digital ecosystems evolve to support new innovations and an increasing number of connected devices, so does the complexity of managing and securing critical network infrastructure. What can be done to prevent attacks and protect sensitive data and critical infrastructure? One of the first and most critical steps to improving security is to ensure network management operates independently from the production network.
The choices you make when a cyberattack happens are critical. They can either mitigate the damage or make it worse. Even those companies that have built robust defenses miss an important step: a comprehensive response plan that will guide them in the event of a breach. So, what steps can you take to ensure business resilience and continuity?
On November 4, 2020, the California Privacy Rights Act (CPRA) passed, with a decisive majority of Californians (56% according to the Secretary of State's web site) supporting the measure to strengthen consumer privacy rights. Here, we talk to Heather Federman, Vice President of Privacy & Policy at BigID, about this sweeping privacy law that will set the bar for privacy rights for the rest of the nation.
Overlooked risks can cost companies millions in financial and reputational damage — but existing commercial threat intelligence solutions often lack data coverage, especially from these alternative web spaces.
How does this impact corporate security operations, and how can data coverage gaps be addressed?
In its quarterly report, toy maker Mattel announced it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted in July 2020.
