Tag: Cybersecurity

How an Incident Response Plan Helps Reduce the Cost of a Security Breach

Incident Response
Data breaches are enormously expensive. According to data from the Ponemon Institute’s 2017 Cost of Data Breach Study, organizations paid $3.62 million on average to recover from security incidents in which sensitive data was compromised. That represents a 10 percent decline from the 2016 results — the first overall decrease in the history of the global study. Nevertheless, organizations...

The Most Common Cybersecurity Threats Impacting Organizations Today

Cybersecurity
Organizations face an increasing number of cybersecurity threats, taxing the ability of IT teams to protect their systems and networks. An understanding of the most common threats and sources of compromise enables them to focus their efforts and increase the odds of preventing a security breach. To that end, the SANS Institute conducted a survey of more than 250...

Employees’ Access Credentials Linger Long after They Leave

Employee Access
Identity and access management (IAM) has become the front line of security. To reduce the risk of data leaks and security incidents, organizations must ensure that only the right individuals have the right level of access to the right resources. IAM plays a particularly critical role in preventing the insider threats that pose the greatest security risk. One of...

GDPR Compliance Will Impact Physical Access Controls

GDPR
The European Union (EU) General Data Protection Regulation (GDPR) places strict new security and privacy requirements on any data related to persons living in the EU. In documenting and managing such data, organizations should not overlook physical access control systems. As we noted in a previous post, physical security typically falls under the purview of a Chief Security Officer...

Four Healthcare Tech Trends and Their Impact on Security

Healthcare
Though technology is typically viewed as a cost-saving and paper-reducing tool in the healthcare industry, there has been an increased emphasis on using technology to improve patient care and the overall patient experience. Federal law has mandated that healthcare organizations demonstrate “meaningful use” of electronic health records (EHRs) to better engage with patients and their families, coordinate care, and...

EAM: More than Reduced Maintenance Costs

Clango
Enterprise asset management (EAM) is generally used to reduce the operational and maintenance costs of corporate assets. By more effectively coordinating the maintenance of manufacturing plants, vehicle fleets, oil and gas pipelines, and other infrastructure, EAM can also help minimize costly service disruptions. However, the value of EAM can extend beyond the bottom line by enabling organizations to more...

NIST Offers New Guidelines on Identity Management

NIST
The National Institute of Standards and Technology (NIST) is updating its Cybersecurity Framework, as we reported in a previous post. Designed to provide a “prioritized, flexible, repeatable, performance-based and cost-effective approach” to managing cybersecurity, the framework has seen broad adoption by organizations worldwide. NIST issued a draft of version 2.0 in January 2017, incorporating feedback received since the original...

How CIAM Creates a 360-Degree View of the Customer

Healthcare IAM
Each of us has multiple identities — personal, consumer, business-related, etc. To his family, a man might simply be “Sam,” but to his employer, Sam is a complex array of user IDs, passwords, and access privileges. Identity and access management (IAM) provides a disciplined approach for the creation, maintenance, and use of those digital identities. It integrates business processes...

NIST Cybersecurity Framework Gets an Update

Security
Organizations are facing a “triple threat” when it comes to cybersecurity. Growing numbers of vulnerabilities and increasingly sophisticated attacks have made cybersecurity breaches virtually inevitable. However, many organizations lack the skilled personnel needed to combat these attacks, and open positions for security specialists tend to go unfilled due to the limited number of professionals in the marketplace. As a...

FIDO Alliance Specifications Enable Standards-Based Approach to MFA

password
In our last post, we discussed how so-called “aftershock” attacks are driving the need for multifactor authentication (MFA). Because most users rely on a handful of slightly varied passwords to access multiple sites and accounts, cybercriminals often use stolen passwords in hacking attempts. MFA adds an extra layer of protection by requiring more than a password for authentication. Traditionally,...