access control

Exposed APIs and issues in the world’s largest organizations

access control, API security, authentication, cybersecurity, Don't miss, Escape, Hot stuff, Video /

Exposed APIs and issues in the world’s largest organizations 2024-12-12 at 06:32 By Help Net Security In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and […]

React to this headline:

Loading spinner

Exposed APIs and issues in the world’s largest organizations Read More »

The future of cyber insurance: Meeting the demand for non-attack coverage

access control, Allianz, cyber insurance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Privacy, Ransomware, risk assessment /

The future of cyber insurance: Meeting the demand for non-attack coverage 2024-10-25 at 07:35 By Mirko Zorz In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks. Daum highlights the

React to this headline:

Loading spinner

The future of cyber insurance: Meeting the demand for non-attack coverage Read More »

Evolving cloud threats: Insights and recommendations

access control, cloud security, cybersecurity, Don't miss, Hot stuff, IBM X-Force, threat, Video /

Evolving cloud threats: Insights and recommendations 2024-10-23 at 07:03 By Help Net Security Recently, IBM X-Force released its 2024 Cloud Threat Landscape Report. This uses incident data and insights to reveal how attackers successfully compromise organizations by leveraging adversary-in-the-middle (AITM) attacks to bypass multi-factor authentication (MFA). This often leads to business email compromise (BEC), which

React to this headline:

Loading spinner

Evolving cloud threats: Insights and recommendations Read More »

15% of office workers use unsanctioned GenAI tools

access control, authentication, cybersecurity, generative AI, Ivanti, News, remote working, report, strategy, survey /

15% of office workers use unsanctioned GenAI tools 2024-10-03 at 06:31 By Help Net Security Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to strengthening security In fact, one in two

React to this headline:

Loading spinner

15% of office workers use unsanctioned GenAI tools Read More »

3 easy microsegmentation projects

12Port, access control, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, network, News, opinion, regulation, resilience, software, zero trust /

3 easy microsegmentation projects 2024-10-01 at 07:31 By Help Net Security Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device service connectivity. One web server should connect to specific databases but not to others, or load balancers should connect to some web servers while

React to this headline:

Loading spinner

3 easy microsegmentation projects Read More »

3 tips for securing IoT devices in a connected world

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, IoT, News, opinion, tips, WatchGuard /

3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present

React to this headline:

Loading spinner

3 tips for securing IoT devices in a connected world Read More »

Compliance management strategies for protecting data in complex regulatory environments

access control, auditing, Compliance, cybersecurity, Don't miss, Features, Hot stuff, monitoring, News, NordLayer, opinion, regulation, strategy, tips /

Compliance management strategies for protecting data in complex regulatory environments 2024-09-26 at 07:02 By Mirko Zorz In this Help Net Security interview, Andrius Buinovskis, Head of Product at NordLayer, discusses how organizations can assess their compliance management and ensure they meet regulatory requirements. Buinovskis also addresses the challenges of managing multiple frameworks and offers strategies

React to this headline:

Loading spinner

Compliance management strategies for protecting data in complex regulatory environments Read More »

Apple releases iOS 18, with security and privacy improvements

access control, apple, Don't miss, Hot stuff, iOS, iPhone, News, password management, password manager /

Apple releases iOS 18, with security and privacy improvements 2024-09-17 at 15:46 By Zeljka Zorz Apple has launched iOS 18, the latest significant iteration of the operating system powering its iPhones. Along with many new features and welcome customization options, iOS 18 brings several changes for improving users’ security and privacy. A standalone Passwords app

React to this headline:

Loading spinner

Apple releases iOS 18, with security and privacy improvements Read More »

How AI and zero trust are transforming resilience strategies

access control, Active Directory, Compliance, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Quest Software, regulation, Risk Management, strategy, zero trust /

How AI and zero trust are transforming resilience strategies 2024-09-11 at 07:01 By Mirko Zorz In this Help Net Security interview, John Hernandez, President and General Manager at Quest Software, shares practical advice for enhancing cybersecurity resilience against advanced threats. He underscores the need to focus on on-premises and cloud environments, adapt to new regulations,

React to this headline:

Loading spinner

How AI and zero trust are transforming resilience strategies Read More »

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

access control, CVE, Don't miss, firewall, Hot stuff, News, security update, SonicWall, vulnerability /

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) 2024-08-26 at 21:32 By Zeljka Zorz SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS

React to this headline:

Loading spinner

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) Read More »

Organizations fail to log 44% of cyber attacks, major exposure gaps remain

access control, cybersecurity, network, News, Picus Security, report, threat /

Organizations fail to log 44% of cyber attacks, major exposure gaps remain 2024-08-02 at 07:31 By Help Net Security 40% of tested environments allowed attack paths that lead to domain admin access, according to Picus Security. Achieving domain admin access is particularly concerning because it is the highest level of access within an organization’s IT

React to this headline:

Loading spinner

Organizations fail to log 44% of cyber attacks, major exposure gaps remain Read More »

How CISOs enable ITDR approach through the principle of least privilege

access control, access management, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, News, Opal Security, opinion, regulation, threat detection /

How CISOs enable ITDR approach through the principle of least privilege 2024-07-25 at 07:31 By Help Net Security Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion. For a good reason, too: Look no further than

React to this headline:

Loading spinner

How CISOs enable ITDR approach through the principle of least privilege Read More »

The CISO’s approach to AI: Balancing transformation with trust

access control, Artificial Intelligence, CISO, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, risk, Risk Management /

The CISO’s approach to AI: Balancing transformation with trust 2024-07-23 at 07:31 By Help Net Security As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these new dangers.

React to this headline:

Loading spinner

The CISO’s approach to AI: Balancing transformation with trust Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Loading spinner

Overlooked essentials: API security best practices Read More »

Risk related to non-human identities: Believe the hype, reject the FUD

access control, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, Sweet Security /

Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of

React to this headline:

Loading spinner

Risk related to non-human identities: Believe the hype, reject the FUD Read More »

Maximizing productivity with Copilot for Microsoft 365: A security perspective

access control, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft 365, risk, Varonis, Video /

Maximizing productivity with Copilot for Microsoft 365: A security perspective 2024-06-13 at 06:31 By Help Net Security In this Help Net Security video, Brian Vecci, Field CTO at Varonis, talks about maximizing the potential of Microsoft Copilot for 365. He highlights its productivity benefits and addresses critical security challenges, providing actionable steps to ensure safe

React to this headline:

Loading spinner

Maximizing productivity with Copilot for Microsoft 365: A security perspective Read More »

The importance of access controls in incident response

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, Incident Response, News, opinion, Rootly /

The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the

React to this headline:

Loading spinner

The importance of access controls in incident response Read More »

Who owns customer identity?

access control, authentication, Compliance, cybersecurity, Descope, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, MFA, News, opinion /

Who owns customer identity? 2024-04-18 at 07:31 By Help Net Security When I’m talking with prospective clients, I like to ask: which department owns customer identity? Everyone immediately looks towards a different team. While every team touches customer identity at some point, the teams that own it differ from organization to organization. From my experience,

React to this headline:

Loading spinner

Who owns customer identity? Read More »

AI set to enhance cybersecurity roles, not replace them

access control, Artificial Intelligence, Cloud Security Alliance, Compliance, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, opinion, regulation, risk, training /

AI set to enhance cybersecurity roles, not replace them 2024-04-16 at 07:02 By Mirko Zorz In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in enhancing skills and productivity rather than replacing staff. AI is seen as empowering rather than replacing

React to this headline:

Loading spinner

AI set to enhance cybersecurity roles, not replace them Read More »

Strengthening critical infrastructure cybersecurity is a balancing act

access control, attacks, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, information sharing, News, opinion, regulation, resilience, strategy, zero trust /

Strengthening critical infrastructure cybersecurity is a balancing act 2024-03-26 at 07:31 By Mirko Zorz In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors’ unique

React to this headline:

Loading spinner

Strengthening critical infrastructure cybersecurity is a balancing act Read More »

Scroll to Top