At the 2018 Gartner Security and Risk Management Summit in National Harbor, MD, privileged account management was named as the top project CISOs should have on their list this year.
As part of Windows 10, Microsoft has touted modern management as an approach that drives improved security and nimble IT operations, resulting in happy users and lower cost for organizations. However, fully realizing the promised benefits of modern management requires more than Microsoft can deliver...
What can admin users do when they have the keys to the kingdom?
This blog covers key questions around the necessary steps in achieving compliance with the latest Defense Federal Acquisition Regulation Supplement (DFARS) and the National Institute of Standards & Technology (NIST) Special Publication 800-171.
For too long we’ve seen organizations unable to successfully operationalize their security investments because they are difficult to implement or their security products work in isolation. Organizations need to connect the dots for greater contextual insight into the threats they face in order to build a defense strategy based on meaningful, real-time intelligence.
I know from my experience of deploying privilege management in global organizations that people think it’s going to be hard. Every organization is facing an endpoint security balancing act. On one hand employees, and their endpoints, need to be secure. But on the other hand, many employees require a free and flexible operating environment.
The National Cyber Security Centre (NCSC) this week marked its first year of operation by revealing a snapshot of its findings from the past 12 months.
The U.S. Securities and Exchange Commission (SEC) has revealed that it’s fallen victim to a hack. In its recent “Statement on Cybersecurity, published by its Chairman, Jay Clayton, it was revealed that its controversial Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system had been compromised last year and "may have provided the basis for illicit gain through trading".
CeX, the second-hand electronics, and video games retailer has reportedly had the details of two million customers compromised by hackers. The information stolen included names, addresses, email addresses and some phone numbers, as well as a small number of encrypted credit card details.
So many times, I have seen security become an afterthought, rather than being an integral part of a design from the outset. Good security design is not always visible and therefore often not very well understood by the c-suite, who pile on the pressure to release systems or improve user freedom.