In September 2016, New York Governor Andrew Cuomo announced new regulations that established minimum security requirements for the protection of sensitive data in the financial services sector. The first state-mandated regulations of their kind in the nation, the new rules cover banks, insurance companies, and other financial services firms licensed by the New York Department of Financial Services (DFS),...

Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

In a previous post Why the IoT Needs IAM, Part 1: Rise of the Botnets, we discussed the growth of the Internet of Things (IoT) and the enormous attack surface created by billions of Internet-connected devices. Many of these devices have been recruited into botnet armies that are used to launch distributed denial of service (DDoS) attacks. Others are...

Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...

In my last two articles, I discussed various aspects of privileged account and endpoint security, with a focus on implementing a new solution. But what if you already have one of these solutions in place? Are you aware of all its features? Have you deployed it for the correct use cases? Are there integrations with other systems you already...

Rather than simply stealing data, malicious actors are changing it to disrupt processes and cast doubt on information integrity. The threat extends to identity data and user credentials, which could be manipulated to gain physical access to secure facilities or logical access to sensitive data. In light of this threat, organizations are advised to rethink their identity and access...

Interested? Email your critique (see below) and resume to info@dtec.com and we’ll contact you! Position: UI/UX Designer and Graphic Artist Location: Arlington, VA Relocation Assistance: No relocation assistance available Clearance Type: None Travel: 0-5% Job Description When you see a reset button on a web form, do you reflexively open Chrome Dev Tools and delete the HMTL? Do logos...

In the Internet of Things (IoT), billions of connected objects quietly collect and transmit data and perform a wide range of functions, generally without human intervention. Imagine vending machines that tell you when they need to be replenished, vehicles that schedule their own maintenance, and “smart home” products that let you lock your doors, control your thermostat, and peek...

The risks associated with insider-threat theft and data breaches are well known. At the very least we ought to be aware of who is currently able to access our information resources and operational controls. We need to understand the risks to the enterprise if information or access falls into the wrong hands, or is corrupted in some way. Whatever...

At the end of every year, IT industry analysts and research firms try to predict which technology trends will have the greatest impact in the coming months. Some of the top picks for 2017 include artificial intelligence and machine learning, augmented and virtual reality, 3-D printing, Blockchain, and wearables. Meanwhile, cloud computing will continue to grow unabated, and billions...