In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.
A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
In the coming weeks, U.S. President Joe Biden will announce a new executive order to prevent and detect identity theft involving public benefits. Jeremy Grant, coordinator of the Better Identity Coalition, discusses the challenges ahead for the government in combating criminal and identity fraud.
Establishing Zero Trust in hybrid cloud environments starts with strong access management. From multi-factor authentication to least privilege access, this eBook covers best practices for securing Identity in the cloud with CyberArk Identity Security Solutions and AWS IAM Solutions, including:-Single Sign-On (SSO) and...
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
On this week's "Sound Off," we ask John Kindervag, the founder of Zero Trust, for his reaction to the recently released Office of Management and Budget federal strategy to move the U.S. government toward a mature Zero Trust architecture.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
Risk management is essential to the existence of every business. It requires organizations to consider which risks they can accept and which risks they can mitigate. But the problem with risk acceptance is that attackers are "actively looking for risks that you haven't mitigated that they're able to exploit," says...
When Lyndon Brown, chief strategy officer at Pondurance, discusses modern MDR, he frames the conversation around the evolution of incident response - both with a big "R" and with a small "r" - as well as who should now be providing this service.
Social engineering scams are on the rise worldwide. In the last year, the number of social engineering scams have increased 57%, and impostor scams were the number one type of fraud reported by consumers, according to the U.S. Federal Trade Commission.
Legacy fraud prevention controls that rely on device, IP and...
Multi-factor authentication is defined as two out of the three categories of knowledge, possession, and inherence
factors. For example, a password plus SMS OTP would be a combination of knowledge and possession; a
password with biometric would be a combination of knowledge and inherence.
However, there’s also a...
In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.
Risk can be a confusing topic, summarized in heatmaps with low, medium, and high as the most accurate indicators.
While valuable to GRC pros, it’s only a small piece of the puzzle. And, more importantly, it’s decidedly not speaking the same language as the rest of the organization.
Risk professionals can now...
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.