What are the expectations, technical implementations, and challenges of using cloud security access brokers (CASB)? Cloud Security Alliance's latest study reveal unrealized gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise.
From the early days of the web, the concept of authentication has been synonymous with the notion of ‘logging in,’ typically with a username and password. Today, this ubiquity has exploded to the point that the average individual has 191 usernames and passwords acting as one-to-one keys for any website they’ve registered with.
Today, Zero Trust is the subject of much discussion and debate; for instance, is Zero Trust doable in reality or more so in theory?
As many are aware, Zero Trust is a concept that deems everyone (employees, freelancers and vendors) and everything (datacenters, applications and devices) must be verified before being allowed into a network perimeter – whether they are on the inside or the outside of an organization.
The Fourth District Court of Louisiana has been hit by ransomware. Hacking group/ransomware strain Conti has claimed the attack on the US Court, and published apparent proof of the attack on its dark web page this week, CBR reports.
Organizations may consider adopting an adaptive risk-based trust approach to securing their privileged access. This approach uses least-privilege, zero-trust as a baseline for how organizations build trust scores which will then be used to determine the level of security which is required to gain access to the cloud, and specific applications and systems.
Enhanced analytics, intrusion detection, broad surveillance, access control, facial recognition - a few of the solutions explored here to help with all airport and seaport applications.
Executive search and consulting firm Raines International launched its Security Officers Practice, co-developed with The Lake Forest Group, a security services firm specializing in all aspects of security, safety, and compliance.
In the 19 years that have passed since Sept. 11, 2001, Americans have seen significant increases in counterterrorism security in public venues, including more security guards, closed-circuit TV cameras, metal detectors and bag checks. A study by the USC Center for Risk and Economic Analysis of Terrorism Events (CREATE) finds out that people are still willing to pay more for increased security at public venues almost two decades later.
The Human Trafficking Institute rolled out the 2019 State Summaries, which provide an overview of federal human trafficking cases in all 50 states, the five U.S. territories, and the District of Columbia. While the number of forced labor cases has remained steady for a few years, the number of criminal sex trafficking cases as a nation has trended down since 2017.
Recently, two teens and a young adult infiltrated one of Silicon Valley’s biggest companies in a high-profile hack – and the biggest ever for Twitter. Authorities say the 17-year-old “mastermind” used social engineering tactics to convince a Twitter employee that he also worked in the IT department and gained access to Twitter’s Customer Service Portal. The 130-account takeover proved unique, as it was fundamentally a dramatic manipulation of trust and could have had far more world-changing consequences if the attackers had the aspirations of say, a dangerous fringe group versus that of a teenager. There are a few takeaways to learn here, especially when it comes to considering redefining what we classify as “critical infrastructure” and what must be protected at all costs.