As security leaders navigate the evolving authentication landscape, passwords remain a vital part of the conversation. While passwordless authentication is gaining attention, our IT and cybersecurity leaders survey reveals that passwords are evolving, not disappearing. High-level security and IT professionals must...
Data warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.
Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Companies care deeply about keeping their identities safe. During the past few years, they have invested in identity and access management (IAM) tools at an incredible pace. By 2028, spending on these tools is projected to grow to $34.5 billion.
So why have a staggering 84% experienced an identity-related breach in...
Microsoft's Sherrod DeGrippo delves into the rise of SIM swapping, the role of social engineering in cyberattacks, and the emerging use of AI by threat actors. She emphasizes the need for real multifactor authentication and advanced strategies to counter these evolving threats.
Organizations globally are seeing exponential increases in online identity threats now sourced from AI-generated content on the Dark Web. This is causing financial losses to consumers and businesses that are actively being targeted. The FTC disclosed “consumers reported losing more than $10 billion to fraud in...
The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Keith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integration of threat intelligence and pre-breach services to enhance policyholder security.
In the latest weekly update, ISMG editors discussed the fallout from the recent Snowflake breach and its impact on 165 companies and their users, the ongoing challenges in combating online fraud, and takeaways from ISMG's cybersecurity summit in Chicago.
Who's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
Even the most accomplished executive can find the vetting and purchasing of appropriate cyber insurance overwhelming. Understanding that "cyber insurance" is not a legal term or a standard insurance industry term can make this conundrum even more onerous. However, with some background knowledge, preparation, and...
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Generali Poland’s innovative approach to cyber insurance includes an anti-phishing initiative and market education efforts to enhance cyber resilience. Learn how these measures aim to support small and medium-sized businesses in Poland - and bridge the knowledge gap in cybersecurity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.