A compromise of sensitive health information affecting nearly 38,000 individuals discovered nearly a year after a terminated company executive accessed the data spotlights some of the top security and privacy challenges covered entities and business associates face with insiders.
As organizations look to streamline the way they work, they can introduce unknown cybersecurity gaps that make them vulnerable to a ransomware attack. CyberArk's Bryan Murphy shares insight on how CISOs and CIOs can implement a strong identity security program and prevent breaches.
Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
Dwell time, double extortion, supply chain attacks - ransomware has changed considerably over the course of the year, and CyberArk's Andy Thompson says there is much we can learn from the attacks - both the unsuccessful and successful ones - and how they take root.
Cyberattacks on third-party providers are far-reaching and dangerous for the global economy and supply chain. They are also not new; Target’s significant data breach in 2013 just brought them into the headlines. The fact that a vendor became an attack vector for hackers was a major "aha moment" for both...
Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.
A cloud access security broker, usually referred to as a CASB, offers a security gateway between your company’s IT infrastructure and that of a cloud provider. It is a critical tool organizations can use to holistically secure an organization from endpoint to cloud.
Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
Implementing a comprehensive identity security program might be described as a Holy Grail. But what does it mean to reduce the complexity for organizations and their employees? CyberArk's David Higgins outlines how to modernize an organization’s identity and access management, or IAM.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
As organizations find themselves amid cloud migration, what should they be discussing in regard to what they want to move to the cloud and how to protect identities? CyberArk's Khizar Sultan offers his vision of a migration road map and milestones.
The Department of Defense did not effectively control access to the health information of high-profile personnel, says a new watchdog agency report, which hints that the findings also may indicate ineffective access control over other DoD employees' health records.
At least 10 U.S. government agencies are planning to increase the use of facial recognition technologies by 2023, according to a GAO report. The growing utilization comes as facial recognition technology raises privacy concerns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.