Apple, Google and Microsoft are joining forces to back a standard that will allow websites and apps to offers passwordless sign-ins across devices and platforms. The three OS and browsing giants have put their weight behind a common passwordless sign-in standard created by the FIDO Alliance.
John Kindervag, creator of Zero Trust, and two ISMG editors discuss whether we have advanced or regressed in security technology, implementing Zero Trust security in OT environments, and how federal agencies are progressing with Zero Trust adoption a year after the cybersecurity executive order.
Private equity giant Thoma Bravo has agreed to purchase identity security powerhouse SailPoint for $6.9 billion in the sixth-biggest cybersecurity acquisition of all time. The deal will give SailPoint the flexibility needed to support its customers, expand its markets and accelerate innovation.
Keeping up with myriad data privacy and information security regulations has never been easy. Security mandates are complicated and constantly evolving. Adding to the complexity: organizations often face deadlines to meet compliance objectives – and fast.
Across industries and regions, compliance frameworks...
Life comes at you fast, especially when you're a breached business such as Okta, which may have exposed customer data or otherwise put the businesses paying for your product at risk. Here's how after detecting the breach, Okta fumbled its response, and what others should learn from this experience.
Okta says it should have notified customers of a breach earlier and that Lapsus$ compromised a laptop belonging to Sitel, a third-party customer support firm, via remote desktop protocol, enabling it to infiltrate Okta's network. Cybersecurity experts discuss the impact of the breach and offer mitigation advice.
In the coming weeks, U.S. President Joe Biden will announce a new executive order to prevent and detect identity theft involving public benefits. Jeremy Grant, coordinator of the Better Identity Coalition, discusses the challenges ahead for the government in combating criminal and identity fraud.
This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
Healthcare sector entities increasingly need to implement a zero trust approach with their security, says federal adviser Erik Decker, CISO of Intermountain Healthcare. Zero trust, he says, integrates "a lot of different architecture and systems … that have to work in concert with each other."
In the new "Proof of Concept," John Kindervag, Zero Trust creator and senior vice president of cybersecurity strategy at ON2IT, and Jeremy Grant, managing director of technology business strategy at Venable, join ISMG's Anna Delaney and Tom Field to discuss trending Zero Trust and identity issues.
Older consumers are considered a more vulnerable population. They are the best kind of customers, and cybercriminals know that. They are known for having better credit and more funds, tend to be more trusting, and lack familiarity with new digital technologies. Fortunately, there is a way to help financial...
Zero trust, identity-first and perimeter-less security - they all need digital identities to establish digital trust. Join Sectigo's CSO and former Gartner analyst David Mahdi to learn about the importance of identity-first security and establishing digital trust for human and machine identities.
The accelerated consumption of digitized services has not only changed the banking landscape - it has affected anti-money laundering risks and defenses. David Stewart and Paul Franks of SAS weigh in on emerging risks, defenses and shifts in the AML compliance landscape.
Employees with too much access can pose an insider threat. When employees have access to more than they need to do their job, there are more opportunities for mistakes, whether accidental or not. Lack of accountability means you
don’t know who did what, when. If too many people have the same level of access and...
Yelp gives its employees the flexibility to use the applications or tools required to be as productive as possible. With that flexibility, however, came the risks of Shadow IT, which is the use of software without explicit IT department approval. In order to allow their employees to maintain flexibility with...