Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The new funding gives Minneapolis-based NetSPI an extended runway to compete and find profits in the fast-growing attack surface management business. [Read More]
Thirty-nine cybersecurity-related M&A deals were announced in September 2022. [Read More]
Israeli startup LayerX has joined the list of companies scoring investor interest in the tricky enterprise browser market. [Read More]
In this Q&A from the SecurityWeek CISO Forum, venture capital investors discuss the state of cybersecurity investments, business strategies in a confusing economic climate, predictions on hot and not-so-hot product categories, and what happens with all those cybersecurity unicorns. [Read More]
Microsoft intercepts a Lazarus sub-group rigging popular open source software utilities to plant dangerous malware implants. [Read More]
The funding frenzy in the software supply chain space now includes Ox Security, an Israeli startup that just raised a whopping $34 million in seed funding. [Read More]
Recent high-profile cyberattacks have demonstrated the effectiveness of an interesting method for getting past MFA. [Read More]
SentinelLabs researchers are kick-starting a crowdsourced effort to understand a new mysterious APT hitting hitting telcos, ISPs and universities in the Middle East and Africa. [Read More]
The Ukrainian government is proactively warning that Russia is planning “massive cyberattacks” against critical infrastructure targets in the energy sector. [Read More]
Twitter has logged out some users from their accounts after learning of a security issue related to password resets. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Joshua Goldfarb's picture
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
Jim Ducharme's picture
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Torsten George's picture
Organizations should recognize that not all authenticators are equally vulnerable to the mechanisms used to break the trust chain, which range from simple guesswork to coercion.
Jim Ducharme's picture
Now is the time to evaluate what methods of authentication will best serve your organization on the path to a passwordless future.
Jim Ducharme's picture
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
Jim Ducharme's picture
It’s time to address some myths about how facial recognition works, to help increase consumer comfort with biometric-authentication technology.
Torsten George's picture
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.
Jim Ducharme's picture
The ultimate goal for identity and access management (IAM) is not to find the unbreakable or “unhackable” code for authentication; rather, it’s to layer security to create a much stronger identity assurance posture.
David Holmes's picture
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.