News & Commentary

A focus on integrity requires a shift in the way many approach security management, but it's one of the most promising approaches to effective enterprise security.

FIDO Alliance Appoints Facebook to Board of Directors

Quick Hits | 5/16/2018 |

Facebook joins Google, Microsoft, Amazon, and Intel, all among major influential tech companies backing FIDO authentication.

Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules

Commentary | 5/9/2018 |

Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.

10 Lessons From an IoT Demo Lab

Slideshows | 5/7/2018 |

The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.

6 Enterprise Password Managers That Lighten the Load for Security

Slideshows | 5/3/2018 |

EPMs offer the familiar password wallet with more substantial administrative management and multiple deployment models.

Spring Clean Your Security Systems: 6 Places to Start

Commentary | 5/2/2018 |

The sun is shining and you have an extra kick in your step. Why not use that newfound energy to take care of those bothersome security tasks you've put off all winter?

A Data Protection Officer's Guide to GDPR 'Privacy by Design'

Commentary | 5/1/2018 |

These five steps can show you how to start building your foundational privacy program for the EU's General Data Protection Regulation.

'Zero Login:' The Rise of Invisible Identity

Commentary | 4/27/2018 |

Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?

12 Trends Shaping Identity Management

Slideshows | 4/26/2018 |

As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'

Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack

Commentary | 4/25/2018 |

6 comments

A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots.

Why Information Integrity Attacks Pose New Security Challenges

Commentary | 4/25/2018 |

3 comments

To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.

'Stresspaint' Targets Facebook Credentials

News | 4/24/2018 |

New malware variant goes after login credentials for popular Facebook pages.

Digital Identity Makes Headway Around the World

Commentary | 4/23/2018 |

The US is lagging behind the digital ID leaders.

Biometrics Are Coming & So Are Security Concerns

Commentary | 4/20/2018 |

Could these advanced technologies be putting user data at risk?

8 Ways Hackers Monetize Stolen Data

Slideshows | 4/17/2018 |

4 comments

Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.

Companies Still Suffering From Poor Credential Hygiene: New Report

Quick Hits | 4/16/2018 |

Credentials are being mis-handled and it's hurting most companies, according to a new report out today.

Cisco, ISARA to Test Hybrid Classic, Quantum-Safe Digital Certificates

News | 4/13/2018 |

Goal is to make it easier for organizations to handle the migration to quantum computing when it becomes available.

HTTP Injector Steals Mobile Internet Access

News | 4/10/2018 |

Users aren't shy about sharing the technique and payload in a new attack.

Protect Yourself from Online Fraud This Tax Season

Commentary | 4/6/2018 |

Use these tips to stay safe online during everyone's least-favorite time of the year.

Report: White House Email Domains Poorly Protected from Fraud

Quick Hits | 4/4/2018 |

Only one Executive Office of the President email domain has fully implemented DMARC, according to a new report.

Phantom Secure 'Uncrackable Phone' Execs Indicted for RICO Crimes

Quick Hits | 3/16/2018 |

Executives of Phantom Secure have been indicted on federal RICO charges for encrypting communications among criminals.

Voice-Operated Devices, Enterprise Security & the 'Big Truck' Attack

Commentary | 3/15/2018 |

The problem with having smart speakers and digital assistants in the workplace is akin to having a secure computer inside your office while its wireless keyboard is left outside for everyone to use.

Segmentation: The Neglected (Yet Essential) Control

Commentary | 3/14/2018 |

Failure to deploy measures to contain unauthorized intruders is a recipe for digital disaster.

Medical Apps Come Packaged with Hardcoded Credentials

News | 3/14/2018 |

Vulnerabilities in DocuTrac applications also include weak encryption, according to Rapid7.

IoT Product Safety: If It Appears Too Good to Be True, It Probably Is

Commentary | 3/12/2018 |

Proposed new connected-product repair laws will provide hackers with more tools to make our lives less secure.

DevSecOps: The Importance of Building Security from the Beginning

Commentary | 3/9/2018 |

Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.

Privilege Abuse Attacks: 4 Common Scenarios

Commentary | 3/7/2018 |

It doesn't matter if the threat comes from a disgruntled ex-employee or an insider anticipating financial gain, privilege abuse patterns are pretty much the same, and they're easy to avoid.

Identity Management: Where It Stands, Where It's Going

News | 3/6/2018 |

How companies are changing the approach to identity management as people become increasingly digital.

What Enterprises Can Learn from Medical Device Security

Commentary | 3/1/2018 |

In today's cloud-native world, organizations need a highly distributed approach that ties security to the workload itself in order to prevent targeted attacks.

How to Secure 'Permissioned' Blockchains

Commentary | 2/28/2018 |

At the heart of every blockchain is a protocol that agrees to the order and security of transactions in the next block. Here's how to maintain the integrity of the chain.

Leveraging Security to Enable Your Business

Commentary | 2/23/2018 |

When done right, security doesn't have to be the barrier to employee productivity that many have come to expect. Here's how.

Takeaways from the Russia-Linked US Senate Phishing Attacks

Commentary | 2/21/2018 |

7 comments

The Zero Trust Security approach could empower organizations and protect their customers in ways that go far beyond typical security concerns.

Facebook Aims to Make Security More Social

News | 2/20/2018 |

Facebook's massive user base creates an opportunity to educate billions on security.

IRS Reports Steep Decline in Tax-Related ID Theft

News | 2/15/2018 |

Research group Javelin confirms that the numbers are trending in the right direction, with total fraud losses dropping more than 14% to $783 million.

Can Android for Work Redefine Enterprise Mobile Security?

Commentary | 2/13/2018 |

Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.

Back to Basics: AI Isn't the Answer to What Ails Us in Cyber

Commentary | 2/9/2018 |

The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.

Identity Fraud Hits All-Time High in 2017

News | 2/6/2018 |

Survey reports that the number of fraud victims topped 16 million consumers last year, and much of that crime has moved online.

Google Cloud Least-Privilege Function Goes Live

Quick Hits | 1/31/2018 |

Custom Roles for Cloud IAM now available in production from Google.

Passwords: 4 Biometric Tokens and How They Can Be Beaten

Commentary | 1/31/2018 |

Authentication security methods are getting better all the time, but they are still not infallible.

K-12 Study Gives Schools Low Marks for Protecting Student Privacy Online

News | 1/31/2018 |

Survey says local school districts and education departments lack even the most basic security and privacy safeguards.

6 Tips for Building a Data Privacy Culture

Slideshows | 1/26/2018 |

Experts say it's not enough to just post data classification guidelines and revisit the topic once a year. Companies have to build in privacy by design.

New Voice MFA Tool Uses Machine Learning

Quick Hits | 1/25/2018 |

Pindrop claims its new multi-factor authentication solution that uses the "Deep Voice" engine could save call centers up to $1 per call.

Less than 10% of Gmail Users Employ Two-Factor Authentication

Quick Hits | 1/23/2018 |

Google software engineer reveals lack of user adoption for stronger authentication.

One Identity Acquires Balabit

Quick Hits | 1/17/2018 |

Union expands One Identity's privileged access management and analytics offerings.

Oracle Product Rollout Underscores Need for Trust in the Cloud

News | 12/11/2017 |

Oracle updates its Identity SOC and management cloud with security tools to verify and manage users trusted with access to cloud-based data and applications.

Gartner: IT Security Spending to Reach $96 Billion in 2018

News | 12/8/2017 |

Identity access management and security services to drive worldwide spending growth.

Why Security Depends on Usability -- and How to Achieve Both

Commentary | 11/29/2017 |

Any initiative that reduces usability will have consequences that make security less effective.

Uber Paid Hackers $100K to Conceal 2016 Data Breach

News | 11/22/2017 |

The ride-sharing company has confirmed an October 2016 data breach that compromised 57 million accounts.

Who Am I? Best Practices for Next-Gen Authentication

Commentary | 11/15/2017 |

By their very nature, antiquated, static identifiers like Social Security numbers and dates of birth are worse than passwords.

Inhospitable: Hospitality & Dining’s Worst Breaches in 2017

Slideshows | 11/8/2017 |