OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
How do you identify a BIN - Bank Identity Number - attack, let alone stop it? Ernie Moran, senior vice president of risk at Brightwell Payments, shares his experience of how he managed a BIN attack on his firm.
Amid the current ransomware surge, it's time for the principle of least privilege to meet endpoint security and be a new foundational security control, says David Higgins of CyberArk. He outlines the cybersecurity use cases and potential business benefits.
New York State Attorney General Leticia James detailed a credential stuffing investigation that showed the compromise of 1.1 million user accounts linked to "well-known" retail operations. The 17 companies involved reportedly agreed to put new measures in place to mitigate cyber risks.
Mobile carrier T-Mobile fell victim to another data breach, this time linked to a SIM swap attack that affected "a very small number" of its 105 million customers. Details remain scarce, but T-Mobile says it has enacted proper incident response protocols to limit the number of people affected.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
On the cusp of 2022, John Kindervag - the father of the Zero Trust security model - reflects on how the Zero Trust dialogue has evolved in 2021 and makes his New Year's predictions. Will the president's executive order be an accelerator or an anchor? Which myths are ripe to be busted?
Jeremy Grant, coordinator of the Better Identity Coalition, joins three ISMG editors to discuss important cybersecurity issues, including how the Biden administration’s executive order will advance the identity cause, and whether we are any closer to finally abandoning the password.
cloud migration, and the work from anywhere
model are opening up a world of possibilities
for organizations, pushing them to reinvent
core business models and unlock new revenue
On the other hand, from SolarWinds
to the recent Colonial Pipeline attack, it has
While there are many solutions that claim to simplify certificate lifecycle management, not all of
them are built to address the unique complexities of today’s expansive and distributed digital
When evaluating a certificate management solution, it is important to look for
key capabilities that...
The time for Machine Identity Management is NOW. Hear from 1,000 security and public key infrastructure (PKI) professionals on how automation and SaaS redefine Next-Gen Machine Identity Management.
Download the 2021 report now.
Join this on demand session to learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.
Join John O’Neill the Chief Information Security Officer at Molded Fiber Glass (MFG) Companies and Carolyn Crandall the Chief Security Advocate at Attivo Networks for a lively discussion on Identity Security as the Next Big Thing.
When it comes to managing identities, most enterprises make the mistake of having silos of identity systems in place, says Deepak Prasad, customer engineer, security specialist at Google Cloud. He discusses the benefits of a consolidated identity system.