Infosec Island
Social Security Administration’s Second Attempt at 2FA Fails Federal Government’s Own Standards, Not Secure
June 06, 2017 Added by:Alexandre Cagnoni
The Social Security Administration (SSA) recently instituted its latest precautions to identify threats and protect citizens’ information by making two-factor authentication mandatory for all users.
Comments (0)
Bracing for the Future of Information Security Threats
April 04, 2017 Added by:Steve Durbin
New attacks will impact both business reputation and shareholder value, and cyber risk exists in every aspect of the enterprise. Here are the top nine threats to information security over the next two years.
Comments (0)
Exchanges in History: What Third Party Cyber Risk Management (TPRM) Programs Can Learn from the Past
March 09, 2017 Added by:Scott Schneider
Throughout history, whenever organizations, governments, or industries have used an exchange to share information, great transformation has taken place.
Comments (0)
The Dark Side of the Force: Hacktivism Takes Center Stage in 2016
December 21, 2016 Added by:Dan Lohrmann
A new world of hacking motivations and causes is starting to develop — along with convenient, easy-to-use tools for computer novices to do many dangerous things online.
Comments (0)
Top 10 Cloud and Security Predictions for 2017
December 14, 2016 Added by:Shehzad Merchant
In the coming year, we might see a number of significant changes with respect to both the public cloud and information security.
Comments (0)
Minimize “Dwell Time” to Cut the Cost of Data Center Breaches
October 20, 2016 Added by:Dave Burton
If enterprises are serious about curtailing the cost of data breaches, it’s time to shift their focus to one of the chief culprits driving up the cost of breaches: dwell time.
Comments (0)
Paving the Road to Digital Transformation
August 18, 2016 Added by:Jackson Shaw
Digital transformation has arrived and organizations are embracing the latest innovations to provide customers with anytime, anywhere, any way access.
Comments (0)
Black Hat, DEFCON and the Summer of Our Discontent
July 21, 2016 Added by:Paul Shomo
I see wisdom behind the instinct to resist information authority. Human hierarchy tends to pyramid into increasingly fewer numbers up top. If you're going to fight for rights, there are more individuals at the bottom and more power to abuse from above.
Comments (0)
Microsoft Blocks Certain Passwords
June 10, 2016 Added by:Dean Wiech
The steps Microsoft is making are definitely a move in the right direction to protect users from potential social hacking with easily guessable passwords.
Comments (0)
Cloud Security Can’t Be Ignored Anymore, Thanks to Millennials
May 09, 2016 Added by:Vanishree Rao
Thanks to digital preferences of millennials, increased digitization and cloudification will drive the demand for cloud security products and services.
Comments (0)
Bangladesh Bank: Why Aren't We Talking About Privileged Account Management?
April 26, 2016 Added by:Jim Legg
While prevention of the initial breach is an important layer of an enterprise security strategy, perimeter-based threat protection alone is not sufficient to protect against today’s increasingly sophisticated and targeted external security threats.
Comments (0)
Managing Insider Threats in Today's Digital Age
April 05, 2016 Added by:Steve Durbin
Most research on the insider threat focuses on malicious behavior. However, insider negligence and insider accidents comprise a greater and growing proportion of information security incidents. Chief Information Security Officers (CISOs) who limit their thinking to malicious insiders may be gravely miscalculating the risk.
Comments (0)
Protecting Yourself (and Your Organization) from Ransomware
April 04, 2016 Added by:Dan Lohrmann
While media attention has focused on global terrorist incidents and the presidential primaries, a growing number of business emergencies caused by ransomware are sweeping the world. The risk of this situation escalating into a significant public- or private-sector crisis is growing.
Comments (0)
Reducing the Attack Surface is a Fool’s Errand
April 01, 2016 Added by:Paul Morville
This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.
Comments (0)
Why You Should Move Security Away from Security
March 31, 2016 Added by:Nimmy Reichenberg
Automating your security processes and aligning the various groups within your IT department is key to successfully migrating selected operations away from your security team.
Comments (0)
Bringing Innovation into Cyberdefense Technologies
February 22, 2016 Added by:Larry Karisny
When I spoke on the need for cybersecurity innovation at the January ITEXPO conference in Fort Lauderdale, Fla., I sensed something interesting about my cybersecurity colleagues: They don't seem to care about innovation; they care about having a job in cybersecurity.
Comments (0)
- How Does UC in the Cloud Impact Your Security Posture?
- How to Prevent Ransomware and Cyberattacks
- SAP Cyber Threat Intelligence report – July 2017
- WannaCry: How We Created an Ideal Environment for Malware to Thrive, and How to Fix It
- NotPetya — 'Ransomware' That Spreads like a Worm
- Convenience Comes at a Steep Price: Password Management Systems & SSO
- How Does Samba Compare to WannaCry?
- The Security Risk Within Smart Cities
- Follow the Money — Stemming Hacker Habits
- Survey Shows Employers under Pressure to Keep Mobile Workers Safe