When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
When deploying automation in their security operations centers, organizations should start with "small and simple things," advises Nat Smith of Gartner, who also offers tips on retaining skilled SOC analysts.
The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.
As the U.S. marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants. "Those are going to determine our destiny for the long and foreseeable future," she says.
To help mitigate supply chain risks, organizations should leverage web scraping tools, social media analytics tools and robotics to verify third-party providers, says Arpinder Singh of Ernst & Young.
Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo.
Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape: "Where deception comes into play is for the unknown threats, the things that are either an attack you haven't seen before or the attacker evolved their technique."
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT.
Adam Turteltaub, chief engagement and strategy officer at the Society of Corporate Compliance and Ethics, says compliance teams should create a dashboard of data that will help keep track of actions taken by staff members who are working remotely.
Among remote workers, senior managers apparently are taking cybersecurity hygiene far less seriously than rank-and-file employees, a recent survey shows. Kathy Ahuja of OneLogin offers an analysis.
From contact tracing to data transfer to the new California Privacy Rights Act, 2021 already is shaping up to be a big year for privacy. Trevor Hughes, CEO and president of the International Association of Privacy Professionals, offers a "state of privacy" overview.
"Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
