CISO, Password Management and Technology

NIST Password Guidelines 2021: Challenging Traditional Password Management

Security Boulevard

DECEMBER 21, 2021

In 2017, the National Institute of Standards and Technology (NIST) released NIST Special Publication 800-63B Digital Identity Guidelines to help organizations properly comprehend and address risk as it relates to password management on the part of end users.

Password Management

Password Management Passwords Risk Technology

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

Thankfully, customers can still visit physical stores to purchase their favorite treats, but the incident reminds us of our operational reliance on interconnected technologies. Strong Password Management: Enforce strong, unique passwords and multi-factor authentication to protect against unauthorized access.

Password Management

Password Management Passwords CISO Cybersecurity

CISA Cuts: What They Mean for Cyber Defense for All

SecureWorld News

APRIL 10, 2025

Regardless of your political views, we must all agree that equipping our government with best cybersecurity talent, technology, and resources is critical to protecting our national interests," said Bruce Jenkins, CISO at Black Duck. The planned cuts to CISA underscore a critical juncture for U.S.

Energy and Utilities

Energy and Utilities Backups Healthcare Cybersecurity

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

SEPTEMBER 17, 2019

And while I'm here questioning CommBank's logic, what the hell is going on with this : 1Password has an open letter to banks on precisely this because its awful advice steeped in legacy misunderstandings of both technology and human brains. We take security seriously, and use industry-leading technology to protect your accounts.

Banking

Banking Passwords Accountability Authentication

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

ConnectWise’s warnings come amid breach reports from another major provider of remote support technologies: GoTo disclosed on Nov. The third-party cloud storage service is currently shared by both GoTo and its affiliate, the password manager service LastPass. ET: Included statement from ConnectWise CISO.

Phishing

Phishing Architecture Passwords Accountability

The Security Gap JPMorgan Chase’s CISO Didn’t Mention — And Why It’s in Your Browser

Security Boulevard

MAY 13, 2025

The Security Gap JPMorgan Chases CISO Didnt MentionAnd Why Its in YourBrowser When the CISO of JPMorgan Chase issues a public letter to all technology vendors, the industry pays attentionand rightfully so. In other words, everything the CISOs letter warns about is already playing out inside thebrowser.

CISO

CISO Risk Phishing Software

NY AG Investigation Highlights Dangers of Credential Stuffing

eSecurity Planet

JANUARY 10, 2022

Also read: Best Password Managers & Tools for 2022. Leveraging credentials has only become easier in recent years, according to Alicia Townsend, technology evangelist with identity management firm OneLogin. Do not ever reuse old or similar variations of passwords,” Carson said. “If

Passwords

Passwords Password Management Authentication Accountability

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions , at the RSA 2020 Conference in San Francisco recently. Devolutions is a Montreal, Canada-based company that provides remote connection in addition to password and privileged access management (PAM) solutions to SMBs.

Authentication

Authentication Risk Digital transformation Passwords

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

SC Magazine

MARCH 2, 2021

“The latest developments in relation to the SolarWinds intern’s poor password choice highlight’s how bad password hygiene is getting and how important it is for organizations to prioritize password management,” said Joseph Carson, chief security scientist and advisory CISO at Thycotic.

Passwords

Passwords Password Management CISO InfoSec

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

Approachable Cyber Threats

OCTOBER 7, 2024

One area where best practices have evolved significantly over the past twenty years is password security best practices. Additionally, password managers are recommended to store long and complex passwords securely without requiring users to remember them.

Passwords

Passwords Password Management Authentication Risk

What Are Passkeys?

Duo's Security Blog

JUNE 12, 2023

Passwordless is the modern authentication method that does not rely on passwords, eliminating the risks that come with weak, lost, or stolen credentials. At the foundation of passwordless technology is the FIDO Alliance and the WebAuthn protocol they’ve developed with input from industry giants like Cisco Duo.

Authentication

Authentication Passwords Password Management Phishing

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

Security Boulevard

OCTOBER 4, 2024

Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks! Specifically, they’re encouraging people to: Boost their password usage by using strong passwords , which are long, random and unique, and using a password manager to generate and store them. In the U.S.,

Cybersecurity

Cybersecurity CISO Ransomware Technology

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

The Security Ledger

SEPTEMBER 14, 2022

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”. In our latest podcast, Paul caught up with Chris Hoff ( @Beaker ) on the sidelines of the Black Hat Briefings to talk about his new role as Chief Secure Technology Officer (CSTO?)

CISO

CISO Password Management Technology Software

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Clearly, there was a failure somewhere, either human error or faulty technology or both. It is not be simply a matter of hiring a CISO, but ensuring that proper procedures and tools are implemented across the organization, including its third-party suppliers and contractors. Joshua Arsenio, Director, Security Compass Advisory.

Mobile

Mobile Data breaches Authentication Accountability

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

SecureWorld News

JULY 6, 2023

John Bambenek, Principal Threat Hunter at Netenrich, said: "Part of the reason technology is so cheap is because technology companies outsource the risks of using their products to their customers. Additionally, international cooperation to fight against such cybercrimes is of utmost importance. It's on them to use it safely.

Ransomware

Ransomware Cybercrime Password Management Risk

Spotlight on Cybersecurity Leaders: Kevin Dreyer

SecureWorld News

MARCH 7, 2024

Kevin Dreyer , SSCP, CISSP, is the IT Director and CISO at Maple Reinders Group, a construction services provider based in Ontario, Canada. A : Password managers with 100% unique passwords and MFA everywhere possible until a better solution comes mainstream, but you really can't ignore patching and updating your systems.

Cybersecurity

Cybersecurity Internet Internet Password Management

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

MAY 19, 2020

Sherry brought to Princeton his 25 years of technology experience, 12 of which was in higher education as the former CISO at Brown University. Sherry explained that he (the CISO) would have no operational responsibilities in the beginning to focus solely on the execution of the mission.

Cybersecurity

Cybersecurity CISO Risk Education

Spotlight Podcast: Global Audit Finds Small Firms struggle with Password Hygiene

The Security Ledger

OCTOBER 16, 2019

Gerald Beuchelt is the CISO at LogMeIn. Beuchelt is responsible for managing and maintaining the security program across LogMeIn. In this conversation, he and I talk about the continuing challenges of managing passwords and some of the conclusions of the company’s latest Password Security Report.

Passwords

Passwords Technology Password Management Information Security

The Rise of the Sovereign Cloud

Thales Cloud Protection & Licensing

MAY 24, 2023

On an individual human level, maintaining proper cyber hygiene through improved password management is still a hurdle. It’s no surprise or secret that the most used passwords in the world are still things like 123456 or, for IT admins themselves, admin. This is a mindset with which C-level executives must become more familiar.

Encryption

Encryption Internet Internet Data privacy

Security Roundup February 2024

BH Consulting

FEBRUARY 15, 2024

And to complicate things, emerging technology is challenging organisations’ ability to stay resilient. Passwords: can’t live with ’em, can’t access vital online services without ’em Passwords were in the news again lately, for all the wrong reasons. MORE The evolving CISO role and how to align security with business priorities.

Passwords

Passwords Surveillance Risk Data breaches

On first-ever Identity Management Day, experts detail steps to a better IAM program

SC Magazine

APRIL 14, 2021

Greg McCarthy, CISO of Boston. It’s really making sure you learn the business process – and that’s the starting point before you even before you even think about implementing technology to drive that business process and make it more efficient,” said McCarthy.

Passwords

Passwords Architecture Password Management Government

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Additional security all organizations should consider for a modest investment include: Active directory security : Guards the password storage and management system against attack for Windows, Azure, and other equivalent identity management systems. 30% data breaches and +23% ransomware for the first two months of 2024.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

3 Steps to Prevent a Case of Compromised Credentials

Duo's Security Blog

MAY 23, 2023

The answer, like most other cybersecurity-adjacent answers, lies in a combination of factors including social engineering , weak passwords, and other risky security moves or attacks. User-generated passwords can be deceptively weak, with less caution given to password management as remote and hybrid work become more common.

Authentication

Authentication Passwords Data breaches Phishing

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

FEBRUARY 9, 2024

Self-Sovereign Identity (SSI) is a bold new frontier in identity and access management (IAM). People, process & technology framework A successful IAM program requires all three dimensions—people, process, and technology—working in concert to enhance the user experience, fuel efficiency gains, and minimize enterprise risk.

IoT

IoT VPN Architecture Risk

Securing Nonprofits Protects Us All

Cisco Security

AUGUST 19, 2021

According to Wendy Nather, Head of Advisory CISOs at Cisco, “Technology is for everyone, so security has to be for everyone.” Q: For nonprofits with limited resources, which security technologies and best practices should they really be focusing on? Cisco’s purpose is to power an inclusive future for all. And now they have MFA!

Authentication

Authentication Banking Information Security Technology

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

eSecurity Planet

JANUARY 12, 2022

In some cases, Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware.”. Also read: Best Password Managers & Tools for 2022. Russian Groups Behind High-Profile Attacks.

Passwords

Passwords Software Ransomware Cybersecurity

Cyber Security Informer

NIST Password Guidelines 2021: Challenging Traditional Password Management

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Trending Sources

CISA Cuts: What They Mean for Cyber Defense for All

Banks, Arbitrary Password Restrictions and Why They Don't Matter

ConnectWise Quietly Patches Flaw That Helps Phishers

The Security Gap JPMorgan Chase’s CISO Didn’t Mention — And Why It’s in Your Browser

NY AG Investigation Highlights Dangers of Credential Stuffing

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

What Are Passkeys?

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

Spotlight on Cybersecurity Leaders: Kevin Dreyer

Cybersecurity Culture: How Princeton University's Security Team Created It

Spotlight Podcast: Global Audit Finds Small Firms struggle with Password Hygiene

The Rise of the Sovereign Cloud

Security Roundup February 2024

On first-ever Identity Management Day, experts detail steps to a better IAM program

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

3 Steps to Prevent a Case of Compromised Credentials

A Question of Identity: The Evolution of Identity & Access Management

Securing Nonprofits Protects Us All

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

Stay Connected