Tag: Cybersecurity

How CIAM Creates a 360-Degree View of the Customer

CIAM
Each of us has multiple identities — personal, consumer, business-related, etc. To his family, a man might simply be “Sam,” but to his employer, Sam is a complex array of user IDs, passwords, and access privileges. Identity and access management (IAM) provides a disciplined approach for the creation, maintenance, and use of those digital identities. It integrates business processes...

NIST Cybersecurity Framework Gets an Update

Security
Organizations are facing a “triple threat” when it comes to cybersecurity. Growing numbers of vulnerabilities and increasingly sophisticated attacks have made cybersecurity breaches virtually inevitable. However, many organizations lack the skilled personnel needed to combat these attacks, and open positions for security specialists tend to go unfilled due to the limited number of professionals in the marketplace. As a...

FIDO Alliance Specifications Enable Standards-Based Approach to MFA

password
In our last post, we discussed how so-called “aftershock” attacks are driving the need for multifactor authentication (MFA). Because most users rely on a handful of slightly varied passwords to access multiple sites and accounts, cybercriminals often use stolen passwords in hacking attempts. MFA adds an extra layer of protection by requiring more than a password for authentication. Traditionally,...

“Aftershock” Attacks Up the Ante for Multifactor Authentication

MFA
Aftershocks, in geological terms, often occur in the vicinity of an earthquake; they can happen weeks, months, or even years after the original seismic event. Security experts warn that high-profile data breaches can also produce aftershocks, and multifactor authentication (MFA) is the best defense against these attacks. Aftershock attacks occur when hackers use credentials obtained in previous data breaches...

The Proper Role of Identity Management in Regulatory Compliance

IAM
According to Gartner’s “Survey Analysis: Trends in End-User Security Spending, 2017,” organizations are increasing their cybersecurity budgets due to fears of data breaches and related business risks. Regulatory compliance is also a top concern that’s driving security spending. Organizations face significant financial penalties if they fail to meet increasingly strict regulatory requirements for data security and privacy. The 2016...

Why the Internet of Things Needs Enterprise Asset Management

Asset management
The Internet of Things (IoT) makes it possible to turn virtually any object into a source of data. Machines can communicate and share data with each other without the need for human intervention and deliver a wide range of information to data centers for processing. Organizations can be alerted when equipment malfunctions or routine maintenance must be scheduled. Real-time...

The Opportunities and Challenges of Enterprise Asset Management

EAM
Emerging technologies and competitive pressures are driving increased interest in enterprise asset management (EAM). With the right strategy and an experienced partner, organizations can capitalize on the opportunities of EAM while minimizing its challenges. According to multiple industry reports, the market for EAM systems is experiencing steady growth. Scalar Market Research pegged the market at $3.89 billion in 2016...

New York’s New Security Rules Emphasize Identity and Access Management

NY Security
In September 2016, New York Governor Andrew Cuomo announced new regulations that established minimum security requirements for the protection of sensitive data in the financial services sector. The first state-mandated regulations of their kind in the nation, the new rules cover banks, insurance companies, and other financial services firms licensed by the New York Department of Financial Services (DFS),...

Data Manipulation: A More Troubling Problem than Data Theft

Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

Automation Helps Meet Regulatory Requirements for Privileged Accounts

Automation
Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...