Duo's Security Blog

NOVEMBER 16, 2023

This blog explores why endpoint security is of utmost importance when accessing applications and highlights the potential risks associated with compromised endpoints. Protecting sensitive data Applications often contain highly sensitive information, including financial data, customer details, and intellectual property.

Authentication 56

Authentication Architecture Risk Engineering 56

Duo's Security Blog

JUNE 12, 2023

Passwordless is the modern authentication method that does not rely on passwords, eliminating the risks that come with weak, lost, or stolen credentials. Authentication is the process of verifying your online identity. This ensures the right people get access to the right online resources. What is passwordless? It is MFA Phishing Resistant.

Authentication 115

Authentication Passwords Password Management Phishing 115

Zigrin Security

OCTOBER 11, 2023

In this article, we will explore the motivations of the hackers, which threat actors target which data, how to protect yourself or your organization against these threat actors, and most importantly what these threat actors do with your data. They wouldn’t say no to corporate intellectual property since it can be used for further attacks.

Cyber threats 52

Cyber threats Penetration Testing Passwords Backups 52

Centraleyes

APRIL 16, 2024

The Business Impact of Data Loss Financial losses, regulatory fines , reputational damage, and intellectual property loss are among the risks that underscore the need for a robust data loss prevention program. This involves defining clear policies, procedures, and data ownership throughout its lifecycle.

Encryption 52

Encryption Education Risk Healthcare 52

Security Affairs

NOVEMBER 8, 2018

” states the blog post published by Diachenko. Now secured (just when I was preparing responsible disclosure), but question remains how long it was open. The records appeared to be from an American Express branch in India.” The archive included 2,332,115 records containing encrypted data (i.e. pic.twitter.com/3kbXaS4cIz.

Encryption 84

Encryption Data breaches Advertising Engineering 84

Duo's Security Blog

MARCH 15, 2021

As security practitioners we have a fiduciary responsibility to protect the users, devices and applications that, in conjunction with the intellectual property, compromise the workplace, workforce and workload of the organization. Moving ahead we can get people to learn to use a password manager. This is the way.

Authentication 71

Authentication Passwords Password Management Firewall 71

McAfee

NOVEMBER 12, 2020

Security breaches can hurt companies financially, negatively impact brand reputation, and result in data loss (both personal and company intellectual property) just to name a few of the impacts. Governance describes the policies and processes which determine how organizations detect, prevent, and respond to cyber incidents.

Cybersecurity 61

Cybersecurity Government Risk Penetration Testing 61

Jane Frankland

OCTOBER 1, 2021

.” His statement couldn’t be truer and as I chaired the European Security Forum 2021 in London this week, I was amazed at how the theme of unlearning what we know glued together (figuratively speaking) all the other speakers’ presentations. It was necessary. The legal sector is an important one.

Cybersecurity 100

Cybersecurity Ransomware Identity Theft Technology 100

Thales Cloud Protection & Licensing

APRIL 25, 2018

Jim DeLorenzo, Solutions Marketing Manager, Thales eSecurity. Indeed, Article 32 states that organisations will be compelled to ‘implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk […] including the pseudonymisation and encryption of personal data’. Don’t waste any time.

Encryption 63

Encryption Data breaches Data privacy Risk 63

BH Consulting

SEPTEMBER 7, 2022

So while the risk remains, what can we do about it? This blog is the first in a series where I will cover what a cyberattack involves, outline how it’s carried out, and explain how it might differ depending on your chosen technology platform. and ‘How would I deal with it?’. Prepare to attack. Mission accomplished.

Risk 52

Risk Backups Technology Ransomware 52

Security Boulevard

DECEMBER 21, 2021

from personally identifiable information (PII) to intellectual property. Session management. Recommendations for Mitigating the Risk of Software Vulnerabilities ” outlines 19 practices organized into the following four categories: Prepare the organization (PO). Here is your compliance shortlist (yay!). Authentication.

Software 59

Software Architecture Risk Penetration Testing 59

Thales Cloud Protection & Licensing

DECEMBER 6, 2018

Protecting sensitive financial data, intellectual property or secrets. The decision about which controls to implement needs to be the result of a risk/benefit calculation which depends on the priorities of the organization, the risks that need to be mitigated against as well as the time and budget required for implementation.

Encryption 54

Encryption Media Risk Data breaches 54

McAfee

SEPTEMBER 29, 2021

Tier 1 SecOps analysts have to manage this barrage of alerts. This allows you to optimize your response to alerts, best manage the resources on the SecOps team, and reduce the risk of a dangerous breach event. There are several strategic views that SOC leadership can take on how to best approach prioritization.

DNS 67

DNS Manufacturing Data breaches Risk 67

McAfee

FEBRUARY 17, 2021

This blog will describe what domain age is, how domains are created and registered, domain age value, and how domain age can be used most effectively as a compliment to other web security tools. IANA manages the DNS root zone and TLDs (Top Level Domains like.com,org,edu, etc.) Domain Age Feature Definition.

Internet 65

Internet Internet DNS Risk 65

Thales Cloud Protection & Licensing

DECEMBER 21, 2017

Compounding the problem, configuring Identity and Access Management (IAM) in the cloud can be difficult. However, other providers have had very concerning issues as well, and all are at risk of human error leading to data leaks and breaches. Most organizations haven’t developed the expertise, and mistakes are commonly made.

Encryption 59

Encryption Architecture Data breaches Passwords 59

The Last Watchdog

MARCH 21, 2022

It’s an irony often noted about wealth: The more money you have, the more you have to worry about money – managing it, protecting it, nurturing it for further growth. Best data management practices. But data management begins with strategy, not technology. Related: Using employees as human sensors. Inventory and map your data.

Encryption 214

Encryption Data privacy Cloud Migration Risk 214

The Last Watchdog

MAY 20, 2022

The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service (SaaS) products.

Marketing 247

Marketing Digital transformation Technology Cybersecurity 247

Security Boulevard

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk 69

Risk Data collection Artificial Intelligence Accountability 69

Thales Cloud Protection & Licensing

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk 71

Risk Data collection Artificial Intelligence Accountability 71

McAfee

NOVEMBER 10, 2021

These range from inconsistent security across cloud properties to lack of visibility into the public cloud infrastructure where cloud-native applications are hosted—and more. They all have different security controls, so our cloud security was not uniform, and security management was complicated.”. Unacceptable levels of risk.

Data breaches 93

Data breaches Risk CSO Media 93

The Last Watchdog

MAY 12, 2022

This growing environment of risks and increasingly aggressive adversaries demand our readiness, yet our national response continues to be largely reactive to threat conditions. History shows how a small event built on daisy-chained circumstances can kick off a catastrophe, or even a shooting war. Rebuilding Security.

Cybersecurity 275

Cybersecurity Technology Cyber threats Mobile 275

Centraleyes

FEBRUARY 21, 2024

Here’s a comprehensive overview of key milestones set to take effect in 2024, along with predictions for how these changes will shape the compliance landscape. ESG is Becoming an Integrity Measure Environmental, Social, and Governance (ESG) risk becomes a crucial metric for organizational integrity. in ESG adoption.

Cybersecurity 52

Cybersecurity Data privacy Risk Small Business 52

Notice Bored

OCTOBER 13, 2021

This piece is different to the others in this blog series. This is about the policy development process , more than the asset management policy per se. By literal substitution, 'anything that has value to the organization management' is the third example information security policy topic in section 5.1. Isn't it tautologous?

Energy and Utilities 56

Energy and Utilities Risk Information Security Government 56

Centraleyes

MARCH 4, 2024

Take the European Union’s ambitious AI Act , for instance, with its far-reaching rules designed to rein in AI applications that pose unacceptable risks. The government has prioritized AI risk assessment and management, recognizing the importance of understanding algorithms’ decision-making processes.

Artificial Intelligence 52

Artificial Intelligence Government Consumer Protection Risk 52

The Last Watchdog

JUNE 21, 2018

Musk reportedly sent out an internal email describing how an unnamed insider allegedly made unspecified code changes to the company’s manufacturing systems. The lawsuit describes how that email was part of an oil-industry effort to undermine the company’s push for energy-efficient transportation.

Network Security 150

Network Security Manufacturing Accountability Risk 150

Thales Cloud Protection & Licensing

AUGUST 4, 2021

Deadbolts & Security Cameras: How to Halt Software Revenue Robbery. In fact, in today’s digital economy, software vendors often find themselves at a loss as to how to segment, monetize, and protect their software so they can prevent intentional and unintentional software misuse, and ultimately boost revenue. Wed, 08/04/2021 - 11:33.

Software 71

Software Surveillance Insurance Technology 71

Thales Cloud Protection & Licensing

AUGUST 4, 2021

Deadbolts & Security Cameras: How to Halt Software Revenue Robbery. In fact, in today’s digital economy, software vendors often find themselves at a loss as to how to segment, monetize, and protect their software so they can prevent intentional and unintentional software misuse, and ultimately boost revenue. Wed, 08/04/2021 - 11:33.

Software 71

Software Surveillance Insurance Technology 71

Duo's Security Blog

OCTOBER 20, 2021

How do I choose which car is right for me? As such, it’s high time that we start to get specific in describing current environments and how folks in those specific places can begin their passwordless journey. But wait, you may now be asking yourself, how prevalent are biometrics among my student population? We hope so.

Education 52

Education Authentication Passwords CISO 52

CyberSecurity Insiders

JANUARY 28, 2022

This blog was written by an independent guest blogger. The level of activity is driven by growth in sectors such as identity management , zero trust , managed security services, DevSecOps and cloud security. Companies are taking great risks in terms of their economic future when acquiring assets of a target company.

Cybersecurity 89

Cybersecurity Digital transformation CSO Penetration Testing 89

LRQA Nettitude Labs

NOVEMBER 3, 2023

An ideal AI response would attempt to correct or challenge the misinformation, but depending on the training data and model, there’s a risk the AI could unintentionally validate the false claim. This response illustrates how AI might acknowledge the information, which can be problematic if the information is false.

Artificial Intelligence 68

Artificial Intelligence Architecture Cybersecurity Technology 68

McAfee

SEPTEMBER 7, 2021

These same individuals probably view it through a more skeptical lens seeing it now as a cesspool of malware and great risk. Figure 1: How Remote Browser Isolation works. To better understand the cost problem and how it may be solved, let’s take a closer look at the two most common use cases for RBI.

Technology 73

Technology Risk Malware Marketing 73

SecureList

DECEMBER 7, 2021

But how did we get here and what has changed about the ransomware landscape since it was first our story of the year in 2019? With double extortion, not only do the attackers encrypt data, but they also steal highly sensitive information (personal data of clients and employees, internal documents, intellectual property, etc.)

Ransomware 122

Ransomware B2B B2C Government 122

McAfee

SEPTEMBER 9, 2019

In our latest global study on cloud adoption and risk, 83% of the 1,000 enterprises we spoke to told us they store their sensitive data in the cloud. Learn how you can protect data in any cloud service faster than ever before, with full context of cloud-native collaboration and sharing. McAfee Device-to-Cloud Data Loss Prevention.

Technology 40

Technology Risk Banking Engineering 40

Security Boulevard

SEPTEMBER 20, 2022

The first of the nine reports ordered by President Biden's Executive Order 14067 "Ensuring Responsible Development of Digital Assets" was also released by the DOJ back on 06JUN2022, " How To Strengthen International Law Enforcement Cooperation for Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets " (58 pages). .

Cryptocurrency 52

Cryptocurrency Marketing Cybercrime Banking 52

Notice Bored

APRIL 14, 2022

A general principle is that the cost of implementing a risk treatment should never exceed the value of the asset being protected. impact to brand value when considering consequential reputational risk), however someone within an organisation often has an existing view on this value. What is the $ value of reducing information risks?

InfoSec 120

InfoSec Risk Engineering Information Security 120

ForAllSecure

FEBRUARY 10, 2021

How do the current DMCA laws impact those who hack digital devices? In a moment I’ll talk with someone who is leading the Right to Repair movement in the United States and discuss how current laws impact those who hack digital devices. And why doesn’t our basic right to repair our devices extend into the digital world?

InfoSec 52

InfoSec Manufacturing Technology Software 52

ForAllSecure

FEBRUARY 10, 2021

How do the current DMCA laws impact those who hack digital devices? In a moment I’ll talk with someone who is leading the Right to Repair movement in the United States and discuss how current laws impact those who hack digital devices. And why doesn’t our basic right to repair our devices extend into the digital world?

InfoSec 52

InfoSec Manufacturing Technology Software 52