Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
Businesses MUST address the proliferation of mobile devices in the workplace, whether authorized or not. For every laptop, there is a mobile phone, literally doubling the attack surface for hackers to breach your business and cause harm to you and/or your customers. While protection for traditional devices has long...
Behavioral analytics have taken the fast lane from emerging tech to mature practice.
The key element that has made behavioral analytics move so fast and become something so important to security is that the focus has been not on the technology itself but on the value it provides the enterprise, notably when being...
A computer security researcher has discovered a vast marketing database containing 340 million records on U.S. consumers. The database is the latest in a long line of databases to have been left exposed to the internet without authentication, thus putting people's personal data at risk.
Drawing participants from healthcare, communication, transportation, finance, and many other industries, the 2018 State of IBM i Security Study analyzed 158 servers.
Now in its 15th year, the study provides compelling insight into security weaknesses affecting many IBM i systems. The alarming results show...
The beauty of the cloud is that it's possible to expand capabilities like short-term capacity or long-term backups quickly and without the costly infrastructure and additional employees associated with on-premise equipment.
Unfortunately, many organizations are discovering their cloud environments are unattended...
A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn't occur directly on its platform.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Kaspersky Lab says it has uncovered an elegantly written piece of malware that leverages a Latvian-designed router to launch stealthy attacks. The security firm hints that the malicious code could only have come from a well-resourced attacker, but it stops short of naming one.
Today's enterprise defenses are broken. Static rules simply do not work. Criminals are clearly capable at finding their way through these defenses, which is easy when the defenses never change.
However, a new security model focused around threat analytics can turn the tables. Especially when it comes to privileged...
An analysis of a massive 8.8 GB trove of files containing usernames and plaintext passwords suggests hundreds of services may have experienced unreported or undiscovered data breaches. Data breach expert Troy Hunt says the trove of 80 million records appears to contain fresh data.
Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
Security probes into IoT vulnerabilities too often swerve into creepy territory. Take security researchers at Check Point who discovered they could seize control of an internet-connected LG vacuum cleaner's camera, allowing them to turn a roving robotic cleaner into a spy cam.
A new directive from the U.S. Department of Homeland Security elevates federal agencies' email security to the DMARC standard that's widely adopted by commercial email providers, including Google, Yahoo and Microsoft.