With countless devices and services all connected to each other without clear perimeters, verifying user identities and controlling their access to sensitive resources becomes more important than ever, but also far more difficult to achieve, says Hed Kovetz of Silverfort.
Improvements in behavioral biometrics and analytics are changing the way many financial services firms approach authentication. And more companies also are taking a "zero trust" approach to improve identity and access management, according to two security experts interviewed at RSA 2020.
Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday. The news comes on the eve of the annual RSA Conference in San Francisco, which starts Monday.
Information Security Media Group, a premier media partner at the annual RSA Conference, will conduct over 200 video interviews at this year's event with cybersecurity thought leaders, executives, CISOs and sponsors.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
Conferencing service provider Zoom has fixed a vulnerability that - under certain conditions - could have allowed an uninvited third party to guess a meeting ID and join a conference call. The exploitation of the flaw revolves around guessing IDs for meetings that aren't password-protected.
Deception technologies offer a way to shift away from a purely defensive "detect and response" posture toward a more proactive offensive approach that draws stealth cyberattackers into the open before a breach.
The Reserve Bank of India has decided to allow all banks to use remote video-based "know your customer" authentication for onboarding new clients. But some observers say many Indian banks may prove reluctant to use video KYC because they lack the necessary technology and new customers lack smartphones.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
Credential stuffing is a growing problem that's difficult to address, says Troy Hunt, creator of the Have I Been Pwned data breach notification service, who sizes up mitigation efforts.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.