Duo's Security Blog

AUGUST 24, 2022

However, adding two-factor or multi-factor authentication (MFA) cybersecurity may be a good place to start. All students, faculty, staff and parents should use secure authentication tools like MFA to verify their identity before accessing sensitive school data. What is the K-12 Cybersecurity Act? Want to learn more?

Cybersecurity 52

Cybersecurity Education Insurance Authentication 52

CyberSecurity Insiders

JULY 21, 2021

By: Matt Lindley, COO and CISO at NINJIO. But a survey conducted by Google and Harris found that many people still refuse to adopt even the most essential credential security measures: just 37 percent use two-factor authentication, around a third change their passwords regularly, and a mere 15 percent use a password manager.

Social Engineering 145

Social Engineering Password Management Passwords Phishing 145

SC Magazine

MAY 18, 2021

Such efforts involved encryption, two-factor authentication, secure network access and cloud-based networking. For many companies, “if security was done during the pandemic, it was probably too late,” explained McCarthy’s colleague Sajed Naseem, CISO of New Jersey Courts.

VPN 52

VPN Encryption Authentication CISO 52

BH Consulting

DECEMBER 14, 2021

IOCTA also warned of evolving mobile malware that’s allowing criminals to try to get around additional security measures such as two-factor authentication. In last month’s newsletter, we looked at why using a VPN doesn’t always protect the user. MORE Advice and lessons learned from a young, female CISO.

Cybercrime 59

Cybercrime Mobile DDOS CISO 59

Security Boulevard

MARCH 24, 2021

In a survey of UK&I CISOs, 55% said that human error posed a risk no matter what protections are in place. Always use a virtual private network (VPN). Video conferencing tools with multi-factor authentication and encryption potential. Build an authorization system that is secure and traceable.

Education 57

Education Risk Cybersecurity VPN 57

Duo's Security Blog

NOVEMBER 17, 2020

In the future — which is now, actually — ‘remote access’ will just become ‘access.'" — Wendy Nather, head of advisory CISOs at Cisco's Duo Security The Remote Access Guide Version 3.0 VPN, RDP, third-party vendor, and cloud and web app access are also targets of malicious hackers. In our new 3.0 In our new 3.0

Risk 42

Risk Passwords CISO VPN 42

Cisco Security

OCTOBER 26, 2022

To help protect against this threat when an individual leaves an organization, steps like disabling accounts and ensuring that connections to the enterprise remotely through VPN has been removed can be very valuable. Implementing a mechanism to wipe systems, especially for remote employees, is important as well. .

Ransomware 83

Ransomware Malware Accountability Firewall 83

CyberSecurity Insiders

FEBRUARY 16, 2021

Enea: In a recent survey on CISO concerns and plans for Cloud/SaaS security , carried out by Cybersecurity Insiders, 94% of respondents said that their organization was concerned about cloud security with 22% extremely concerned.

Cybersecurity 143

Cybersecurity IoT Malware Risk 143

SecureWorld News

FEBRUARY 9, 2024

Gartner has projected that by 2025, more than 60% of organizations will move away from VPN and rely on ZTNA. RELATED: Death of the VPN: A Security Eulogy ] VPNs have notably higher operating costs and lower scalability when using device-based architecture. In this case, CISOs must manage the risks due to the technology debt.

IoT 93

IoT VPN Architecture Risk 93

eSecurity Planet

MARCH 25, 2022

RDP intrusions are typically the result of two attacker methods: brute force authentication attempts or a meddler-in-the-middle (MITM) attack. Remote desktop software’s sensitive influence over other devices means identity and access management (IAM), password security , and multi-factor authentication are critical for risk management.

VPN 120

VPN Software Authentication Encryption 120

SecureWorld News

JUNE 3, 2024

Brad Jones, CISO at Snowflake, issued a Joint Statement regarding Preliminary Findings in Snowflake Cybersecurity Investigation on its Snowflake Forums. The access was possible because the demo account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake's corporate and production systems.

Data breaches 81

Data breaches Authentication Accountability Passwords 81

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. Since then, teams have had years to adjust to this new reality, yet the attackers have as well.

Authentication 108

Authentication Risk Social Engineering InfoSec 108

Cisco Security

AUGUST 26, 2021

CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. Active Lock protects individual files by requiring step-up authentication until the threat is cleared. There are many options for step-up authentication, including Cisco Duo OTP and push notifications.

Technology 110

Technology Firewall VPN Authentication 110

Thales Cloud Protection & Licensing

MARCH 31, 2021

There are two major considerations for us: enhanced authentication security, and user workflow efficiency. “In In the case of user efficiency, now with a full remote workflow for user authentication, all devices are authenticating over an enterprise VPN client. Justin Sherman, Tech Policy and Geopolitics Expert. “One

Digital transformation 77

Digital transformation VPN Technology Architecture 77

Duo's Security Blog

APRIL 5, 2021

In this talk, Brad will discuss how Cisco’s Zero Trust rollout was not only a logistical challenge with 100,000 global users and a complex mix of cloud and on-premises applications, but also a huge shift in how the company itself thought about networks, perimeters, and security (including reducing its own VPN usage).

CISO 61

CISO InfoSec Financial Services Marketing 61

Duo's Security Blog

JANUARY 28, 2022

Imagine a shift away from logging into a “network” to having security seamlessly built into the network, and multi-factor authentication and authorization continuously performed at the application level on the fly — without users typing passwords. The vision being set forth by OMB is ambitious — but vital.

Authentication 52

Authentication Government DNS Encryption 52

eSecurity Planet

MAY 28, 2021

The truth is that solutions like single sign-on (SSO) and multi-factor authentication (MFA) can spell disaster if initial access is all a malicious actor needs to traverse the network’s resources. Whether it’s a VPN , firewall , or remote access server, unauthorized entry via network gateways is a problem.

Software 119

Software DNS Firmware VPN 119

ForAllSecure

DECEMBER 2, 2021

Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure. Also multi factor authentication, that is a must. Maybe your first concern is to make sure the company is functional.

Penetration Testing 52

Penetration Testing Encryption Ransomware Passwords 52

Duo's Security Blog

NOVEMBER 30, 2022

Adding to that complexity, we still have many organizations using the old method of a VPN to check a user’s identity before providing access to all applications regardless of who the user is, what device they are using and what permissions they SHOULD have based on their role. Go VPN-less!

VPN 54

VPN Passwords CISO Healthcare 54

Cisco Security

JUNE 25, 2021

This month, we interviewed Esmond Kane, CISO of Steward Health Care. Across Healthcare, infosec had to help IT rapidly improve endpoint hygiene, VPN posture assessment, handle all the COVID-related Phishing, increase and mitigate cloud exposure, and more. Esmond Kane is Cisco’s CISO of the month. Some might call it smart.

CISO 74

CISO Healthcare InfoSec Computers and Electronics 74

Security Boulevard

JANUARY 2, 2024

Legacy, perimeter-based architectures like traditional virtual private networks (VPNs) and firewalls are not only expanding the attack surface, but also exacerbating challenges for organizations that are up against increasingly sophisticated threats and cloud-first demands. Do they have sufficient defense in depth and security governance?

CISO 103

CISO Social Engineering Architecture Ransomware 103

CyberSecurity Insiders

SEPTEMBER 3, 2021

Colonial Pipeline hackers gained entry to the company’s computer network through a VPN that wasn’t using multifactor authentication, using a leaked password found on the dark web. Those are astounding numbers, considering a cyberattack can often result from something as simple as a single compromised password or software vulnerability.

Cybersecurity 40

Cybersecurity Data breaches Threat Detection Technology 40

CyberSecurity Insiders

APRIL 20, 2023

CISOs are faced with managing and securing new complex IT environments where business-critical applications and communications are spread throughout multiple clouds. As a result, IT professionals and CISOs are having difficulty managing the volume of security tools, not to mention how costly it is with regard to licensing and administration.

CISO 121

CISO Authentication VPN Cyber Attacks 121

SecureWorld News

OCTOBER 15, 2020

And they traced the cybersecurity failures to a lack of leadership and a vacant Chief Information Security Officer role: "The problems started at the top: Twitter had not had a chief information security officer (“CISO”) since December 2019, seven months before the Twitter Hack. This is something end users at many organizations experienced.

Social Engineering 98

Social Engineering Media Scams Financial Services 98

eSecurity Planet

MAY 2, 2024

Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. Passwordless authentication : Eliminates passwords in favor of other types of authentication such as passkeys, SSO, biometrics, or email access.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

Cisco Security

JUNE 30, 2021

Duo is the leading provider of multi-factor authentication (MFA) and zero trust for the workforce, combining security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools for the modern era. Ash joined Cisco in 2018 via Cisco’s acquisition of Duo Security.

Authentication 96

Authentication Technology Risk Passwords 96

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Perimeter81 VPN and zero trust 2020 Private Wiz Cloud security 2020 Private OneTrust Privacy management 2019 Private Darktrace AI network security 2017 Private Recorded Future Threat intelligence 2017 Acquired: Insight Thycotic Access management 2015 Private Checkmarx Application security 2015 Acquired: P.E.

Cybersecurity 128

Cybersecurity Technology Marketing Healthcare 128