Not knowing where all the data resides in an organization is a major hurdle when it comes to protecting and securing that data, says Prakash Kumar Ranjan, senior manager and lead, IT and information security audit, Airtel Payments Bank.
Ten years since he coined the term "zero trust," John Kindervag, field CTO of Palo Alto Networks, sees CISOs increasingly being faced with the challenge of having to implement the "never trust, always verify" model across increasingly complex IT environments, including cloud and IoT.
Passwords are the access point to almost every system in our environment. Can they ever truly be replaced? John Bennett of LogMeIn talks about the steps necessary to create a secure, passwordless login experience.
The Reserve Bank of India has decided to allow all banks to use remote video-based "know your customer" authentication for onboarding new clients. But some observers say many Indian banks may prove reluctant to use video KYC because they lack the necessary technology and new customers lack smartphones.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Students are increasingly turning to online universities as part of their educational experience. To keep students engaged, these platforms must provide positive user experiences, be consistently available, and remain secure. Cloudflare provides a scalable, easy-to-use, unified product stack to deliver security,...
Udacity is an online education company focused on making entry-level tech jobs more accessible through "Nanodegree" educational programs. Students from hundreds of different countries have gone through Udacity's programs, and some have been hired by top tech companies including Google, Amazon, and Facebook....
Employees view the ability to bring their own devices into their workplace life as a prerequisite for any job, which complicates organizations' identity management and cybersecurity efforts, says Barry McMahon of LastPass.
Scammers are using the notorious Phorpiex botnet as part of an ongoing "sextortion" scheme, according to Check Point researchers. At one point, the botnet was sending out over 30,000 spam emails an hour and the attackers made about $110,000 in five months, researchers say.
Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
Gartner recently recognized Okta as a Leader in the "Magic Quadrant for Access Management" for the third year in a row. Additionally, Okta has been placed highest in both "Ability to Execute" and "Completeness of Vision," making us the first vendor in the report's history to do so.
Okta believes this recognition from...