Two years removed from the announcement of the attack, we can now take a look at the lessons we learned from the OPM data breach.
Watch this FedScoop video interview of IT security expert Philip Lieberman to find out how federal government agencies can redesign their networks for better resilience against cyber attacks.
Now we’ll take a look at the three practices we regularly see in the most mature Privileged Identity Management programs.
With all the focus on cyber security at the conference, we had a lot of interesting conversations at our booth. Most of the MSPs were hearing the cyber focus loud and clear.
Last month the big focus in cybersecurity was the agreement reached between China and the United States. It’s correct to call it historic, but it would be far from correct to call it complete. There’s simply too much that the deal leaves out.
At this week’s RSA Conference we’re showing the latest release of our adaptive privilege management platform. We’re demonstrating how to remove excess local accounts and administrative memberships, provide local escalation, and create a moving target for cyber attackers that significantly limits the amount of time they have in your environment.
I’m always shocked when 20 year old exploits become news, but last week’s furor around the Equation cyber espionage group detailed in the Kaspersky report warranted a response. The infiltration technology mentioned in this report – introducing rogue firmware into the IT infrastructure supply chain – has been around for a very long time.
Cyber-defense today is not about stopping intrusions. It is about creating architectures and processes that minimize losses and limit how far into the network intruders can go after they do manage to penetrate the perimeter with zero day attacks and similar exploits.
We polled attendees at the recent Black Hat USA 2014 in Las Vegas and learned that 93% of them believe the hacking landscape is only going to get worse. Worryingly, 44% of respondents believe the USA is losing the battle against state-sponsored cyber attacks.
Financial services security must now be built and operated at the level of national defense and military-level security; commercial compliance and mitigation are no longer effective strategies.