The New York Office of the Attorney General (OAG) notified 17 well-known online retailers, restaurant chains and food delivery services that have been the victims of credential stuffing attacks.
Security professionals can use these four strategies to better protect themselves against third-party risk, which can lead to cyberattacks and data breaches.
When employing a zero trust strategy at an enterprise, cybersecurity teams must consider instituting a least privilege policy — providing only strictly necessary access credentials to employees and revoking them when no longer needed.
Security teams who aim to control secure access to networked applications and sensitive data often focus on the authentication of user credentials. Yet, the explosive growth of connected devices and machines in today’s enterprises exposes critical security vulnerabilities within machine-to-machine communications, where no human is involved.
According to a recent report by Garner Insights, the smart building market is expected to grow from $7.4 billion in 2017 to nearly $32 billion in 2022 — that’s more than a quadruple increase in just five years.
Often, the touch-free conversation is tied with the need for mobile access solutions. While the two approaches are not interchangeable, both are ideal choices to reduce hand-to-door contact in high traffic public areas such as office lobbies and entry ways, healthcare facilities, restaurants, schools, and restrooms. When combined, they offer contactless, barrier-free and user-friendly access that assure secure entry, minimize high frequency touchpoints, and reduce the spread of germs.
Specops Software discovered that 41% of employees had not been provided with adequate cybersecurity training while working from home, and they were keen to discover which sectors were experiencing the most threats during this time. They found that 54% of businesses across 11 sectors have seen a rise in cybercrime threats since working from home, with phishing being the most prevalent attack.
The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.
From the early days of the web, the concept of authentication has been synonymous with the notion of ‘logging in,’ typically with a username and password. Today, this ubiquity has exploded to the point that the average individual has 191 usernames and passwords acting as one-to-one keys for any website they’ve registered with.
