Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.
3 Tips For Successfully Running Tech Outside the IT Department
When marketing opts for "extra-departmental IT," coordination and communication are required to keep things secured.
How to Avoid Getting Killed by Ransomware
Using a series of processes, infosec pros can then tap automated data hygiene to find and fix files that attackers key in on.
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
Neural Networks Help Users Pick More-Secure Passwords
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary.
A Pause to Address 'Ethical Debt' of Facial Recognition
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
Credential-Stuffing Attacks Plague Loyalty Programs
But that's not the only type of web attack cybercriminals have been profiting from.
Dealing With Insider Threats in the Age of COVID
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Microsoft Tops Q3 List of Most-Impersonated Brands
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
Why MSPs Are Hacker Targets, and What To Do About It
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
Researchers Adapt AI With Aim to Identify Anonymous Authors
At Black Hat Asia, artificial intelligence and cybersecurity researchers use neural networks to attempt to identify authors, but accuracy is still wanting.
Biometric Data Collection Demands Scrutiny of Privacy Law
An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it.
Permission Management & the Goldilocks Conundrum
In today's COVID-19 era, managing access has become even more difficult, especially for large organizations. Here's how to get it "just right."
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
Cybersecurity Bounces Back, but Talent Still Absent
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
Taking Security With You in the WFH Era: What to Do Next
As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.
Zoom Brings Two-Factor Authentication to All Users
This marks the latest step Zoom has taken to improve user security as more employees work from home.
Top 5 Identity-Centric Security Imperatives for Newly Minted Remote Workers
In the wake of COVID-19, today's remote workforce is here to stay, at least for the foreseeable future. And with it, an increase in identity-related security incidents.
Post-COVID-19 Security Spending Update
Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.
Don't Forget Cybersecurity on Your Back-to-School List
School systems don't seem like attractive targets, but they house lots of sensitive data, such as contact information, grades, health records, and more.
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.
Newly Patched Alexa Flaws a Red Flag for Home Workers
Alexa could serve as an entry point to home and corporate networks. Security experts point to the need for manufacturers to work closely with enterprise security teams to spot and shut down IoT device flaws.
Is Edtech the Greatest APT?
Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?
EU-US Privacy Shield Dissolution: What Happens Next?
In a world that isn't private by design, security and liability implications for US-based cloud companies are huge.
Gamifying Password Training Shows Security Benefits
When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.
Attack of the Clone: Next-Gen Social Engineering
NeoEYED CTO Tamaghna Basu tells us how he created an AI bot to mimic him, how it could be used in social engineering attacks, and what the experience taught him about the value of true human connections.
Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job
How stolen credentials for services like Zoom and password reuse practices threaten to compromise other accounts and applications.
Email Security Features Fail to Prevent Phishable 'From' Addresses
The security features for verifying the source of an email header fail to work together properly in many implementations, according to a team of researchers.
Deepfakes & James Bond Research Project: Cool but Dangerous
Open source software for creating deepfakes is getting better and better, to the chagrin of researchers
4 Steps to a More Mature Identity Program
Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.
Back to Basics with Cloud Permissions Management
By using the AAA permissions management framework for cloud operations, organizations can address authentication, authorization, and auditing.
5 Steps for Implementing Multicloud Identity
Why embracing, not fighting, decentralization will pave the way to smoother cloud migrations.
The Bigger the News, the Bigger the Cyber Threats
Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging.
CISO Dialogue: How to Optimize Your Security Budget
CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
Thycotic Buys Onion ID to Extend PAM Portfolio
The acquisition brings three new products into Thycotic's privileged access management lineup.
79% of Companies Report Identity-Related Breach in Past Two Years
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.
CyberArk Acquires Idaptive for Identity-as-a-Service Tech
The $70 million deal is intended to help CyberArk strengthen its portfolio with secure and SaaS-based identity management.
Microsoft Identity VP Shares How and Why to Ditch Passwords
Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.
Zoom Acquires Keybase, Plans for End-to-End Encrypted Chats
The company's first acquisition to date is part of a 90-day plan to improve security in its video communications platform.
Breach Hits GoDaddy SSH Customers
The October 2019 breach left some customer data open to hacking eyes.
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
Industrial Networks' Newest Threat: Remote Users
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
7 Secure Remote Access Services for Today's Enterprise Needs
Secure remote access is a "must" for enterprise computing today, and there are options for you to explore in the dynamic current environment.
Increased Credential Threats in the Age of Uncertainty
Three things your company should do to protect credentials during the coronavirus pandemic.
|
Latest Comment: This comment is waiting for review by our moderators.
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
The Malware Threat Landscape
Download this report to learn about the real makeup of online threats, as reported by the defenders who see them every day.
Tweet This
1 Comments
