One Identity released global survey results that revealed that 37% of IT professionals rated rapid changes in their AD/AAD environment as the key impact of COVID-19 on their organization’s identity management team. Given the unique challenges of the sudden shift to remote work amidst COVID-19, businesses should look toward integrating AD/AAD with a strong privileged access management (PAM) solution in order to harness the full value of AD and AAD, dramatically increasing the security of their IT environments.
While there are several security concerns that cloud users must address in the long run, here are three critical areas that must be given immediate attention, especially now as organizations are planning to scale their remote work setup, and nine best practices organizations must follow to ensure optimal safety of their cloud instances.
We live in a digital age, yet voting remains woefully outdated. The nation’s recent experience holding a presidential election during a pandemic highlights how important it is to modernize the voting process. The benefits of transitioning to online voting are numerous, including easier access as voters would no longer be required to wait in long lines and greater efficiency as votes would be tabulated electronically.
The US Secret Service hosted a virtual Cyber Incident Response Simulation for financial services, real estate, retail and hospitality executives who trained on mitigation strategies for a simulated business email compromise (BEC) attack. Business Email Compromise is a sophisticated scam targeting both businesses and individuals performing a transfer of funds. The scam is frequently carried out when a subject compromises legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
Traditionally, security operations centers (SOC) used tools such as endpoint detection and response (EDR), network detection and response (NDR), and security information and event management (SIEM), but as a result of the rush to remote work, many security teams have found their tools are now blind to many new and emerging threats.
With mobile usage a dominant channel going forward, authentication techniques need to move beyond two steps forward for authentication and one step backward for user experience. Just as passwords are being discarded because of the high friction they create for users, new multi-factor authentication techniques are moving in.
A recent survey conducted among consumers and IT professionals by SecureAge Technology suggests that a majority of these groups believe COVID-19 contact-tracing technologies put individuals' personally identifiable information (PII) at risk. Generally, however, both these groups believed that these types of tools could help mitigate the spread of the disease, and would support a nationwide rollout of the technology in spite of privacy concerns. So, are contact tracing apps a 'necessary evil'? If so, what can be done to make these apps safer to protect PII and the privacy of the public? Here, we talk to Paul Kohler, Chief Technology Officer (CTO) at S3 Consulting.
The Cybersecurity and Infrastructure Security Agency (CISA) issued an Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors.
Hackers working on behalf a foreign government are believed to be behind a highly sophisticated attack into a range of key government networks, including in the Treasury and Commerce Departments, and other agencies. The hackers had free access to their email systems.
It’s a typical day in the Global Security Operations Center (GSOC). The anticipated chatter on the phones, radio communication, and sounds of the software giving audible alerts are all what you’ve come to expect in this busy hub of the security program.
RSS
