Attackers crave insider-level access to IT infrastructure and regularly target insiders - and especially administrators- to steal their credentials, says BeyondTrust's Karl Lankford, who advises organizations to ensure they manage, monitor and audit all privileged access.
Provisioning and deprovisioning employee credentials is a critical component of mitigating insider threats, says Andrew Clarke of One Identity, who discusses the importance of identity and access management.
Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.
Organizations that want to ensure they have a solid cybersecurity strategy must ensure they rigorously pursue best practices, monitor their infrastructure, eliminate vulnerabilities as well as prepare for the worst, says Andrew Gogarty of Secon Cyber.
An Account Takeover (ATO) attack is exactly
what it sounds like: a bad actor acquires an
authorized user's login credentials, most
often by leveraging reused or similar passwords from previously breached sites.
With millions of usernames and passwords
stolen each year, ATOs are more common than
ever. Yet a...
Defending organizations against attackers is more challenging than ever. "The complexity and sophistication of the threats has increased," says Cisco's Mark Weir. "What we're seeing a lot of at the moment as well is intellectual property theft."
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Singapore's Personal Data Protection Commission is seeking feedback on the government's plan to amend the Personal Data Protection Act to create a tough breach notification mandate. In the meantime, the PDPC has issued data breach management guidelines to help organizations prepare for the new requirements.
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
Computol is a technology provider with nearly 40 years of experience
providing network management and data protection services. Today, the MSP
manages these services for more than 30 clients across the USA, protecting
29 TB of data in the cloud alone.
In order to exceed their clients' needs, Computol's team of IT...
Digital transformation impacts the way that organizations deal with cybersecurity risk, says Tim Wilkinson of Avast Business, who provides advice on how to place security at the center of the transformation.