Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
Better, stronger fraud-detection intelligence - that's the promise of the new 3-D Secure 2.0 protocol for digital merchants, networks and financial institutions. But what should organizations do to prepare? James Jenkins of CA Technologies weighs in.
A computer security researcher has discovered a vast marketing database containing 340 million records on U.S. consumers. The database is the latest in a long line of databases to have been left exposed to the internet without authentication, thus putting people's personal data at risk.
The whole way we look at identity across the extended enterprise is in the midst of change, says Naresh Persaud of CA Technologies. What is dynamic authentication, and how does it herald the future of digital identity?
How do we establish and maintain digital trust without burdening our users? What are the critical questions that need to be addressed by anyone managing identity and access management in a modern enterprise? David Duncan of CA Technologies offers answers to these questions.
Mexico's central bank says attackers attempted to hack its interbank electronic transfer system, but says no client money was lost. It's activated "contingency measures" at the targeted banks and says payment transfers could slow as a result.
The Reserve Bank of India is requiring that payment system operators store all their data domestically. Many security practitioners and payment companies in India have lauded the move, stating that the mandate could lead to quicker resolution of breach cases.
A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn't occur directly on its platform.
Malaysia's central bank, Bank Negara Malaysia, says it detected and successfully blocked an attack that attempted to steal funds via fraudulent SWIFT interbank money-moving messages. The attack against BNM led the central bank of the Philippines to issue an alert to banks in that country.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Kaspersky Lab says it has uncovered an elegantly written piece of malware that leverages a Latvian-designed router to launch stealthy attacks. The security firm hints that the malicious code could only have come from a well-resourced attacker, but it stops short of naming one.
Russian President Vladimir Putin has issued an unequivocal promise about the extradition potential for 13 Russian nationals accused of working for a Kremlin-backed troll factory: "Never." It's unclear how the U.S. might best battle Russia's influence operations.