Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Video conferencing platform Zoom this week announced that all user accounts can now benefit from improved protection, courtesy of support for Two-Factor Authentication (2FA). [Read More]
Yubico releases YubiKey 5C NFC, a new security key that features both NFC and USB-C connections. [Read More]
Vulnerabilities in the implementation of the payment card EMV standard allow for the mounting of attacks targeting both the cardholder and the merchant. [Read More]
Microsoft this week announced that the Transport Layer Security (TLS) 1.3 protocol is now enabled by default in Windows 10 Insider Preview builds, and that it will be rolled out to all Windows 10 systems. [Read More]
Password management solutions provider Keeper Security has raised $60 million in growth funding. [Read More]
Anti-fraud platform provider SpyCloud on Tuesday announced that it raised $30 million in a Series C funding round. [Read More]
Secure Access Service Edge (SASE) and Network-as-a-Service (NaaS) solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million. [Read More]
Symmetry Systems, a provider of Data Store and Object Security (DSOS) solutions, has emerged from stealth mode with $3 million in seed funding. [Read More]
Silverfort, a provider of an agentless, proxyless authentication platform, has raised $30 million in a Series B funding round led by Aspect Ventures. [Read More]
Google this week announced a series of security and ease-of-use improvements for the Autofill feature in Chrome. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Jim Ducharme's picture
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
Torsten George's picture
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Torsten George's picture
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
Torsten George's picture
With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less.
Torsten George's picture
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
Jim Ducharme's picture
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
Josh Lefkowitz's picture
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
Jim Ducharme's picture
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Torsten George's picture
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.