OMB on Wednesday released a federal strategy to move the U.S. government toward mature zero trust architectures. White House officials say the new strategy - with a focus on MFA, asset inventories, traffic encryption, and more - is a key step in delivering on Biden's May 2021 executive order.
With the explosion of ransomware and stampede of account takeover attacks, MFA has become the “go-to” solution, and a must-have if you want to renew your cyber insurance policy. But many MFA solutions rely on passwords and other “phishable” factors, that are easily bypassed by hackers. In this session, Roger...
Risk management is essential to the existence of every business. It requires organizations to consider which risks they can accept and which risks they can mitigate. But the problem with risk acceptance is that attackers are "actively looking for risks that you haven't mitigated that they're able to exploit," says...
When Lyndon Brown, Chief Strategy Officer at Pondurance, discusses modern MDR, he frames the conversation around the evolution of incident response: Both with a big "R" and with a small "r," as well as who should now be providing this service.
The U.S. Federal Trade Commission reports that impostor scams were the #1 type of fraud reported by consumers last year, with losses to American consumers nearly $30B. UK Finance reported an increase in authorized push payment fraud last year with loss of more than £479M, and top UK bank Barclays reported a 20%...
Multi-factor authentication is defined as two out of the three categories of knowledge, possession, and inherence
factors. For example, a password plus SMS OTP would be a combination of knowledge and possession; a
password with biometric would be a combination of knowledge and inherence.
However, there’s also a...
Risk can be a confusing topic, summarized in heatmaps with low, medium, and high as the most accurate indicators.
While valuable to GRC pros, it’s only a small piece of the puzzle. And, more importantly, it’s decidedly not speaking the same language as the rest of the organization.
Risk professionals can now...
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
Ransomware incidents are becoming a major cause of health data breaches affecting millions of individuals that have been reported so far in 2021, according to the latest additions to the federal tally. What else is topping the list?
With personal and professional lives merging at unprecedented
rates, strong password hygiene is critical to your business’s success
and security. IT teams must adapt to ensure employees’ credentials
remain secure in a work-from-anywhere world.
Download this report that explores the
password behavior of...
Customer authentication is a critical component of almost every application that exists because it serves as a product gateway impacting 100% of customers. While it is a standard feature, it is not easy to get right and the stakes for getting it right are higher than ever: 46% of customers abandon a transaction...
Explore the shifts in the security landscape that led to the creation of ZeroTrust, what the Zero Trust Extended Ecosystem (ZTX) framework looks like today,
and how organizations can utilize Okta as the foundation for a successful Zero Trust program now, and in the future.
And learn more about:
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.