To encourage individuals to improve their security practices, begin by not blaming them. That was one takeaway from security experts at the Infosecurity Europe conference, who offered practical tips for changing user behavior and creating a culture of security.
A discussion analyzing the difficulty of striking a balance between IT functionality and cybersecurity leads the latest edition of the ISMG Security Report. Also featured: Updates on sizing up weaknesses in biometrics and the potential to exploit LED lights to leak sensitive data from routers.
Leading the latest edition of the ISMG Security Report: Secretary John Kelly's congressional testimony on how DHS led government efforts to mitigate the WannaCry ransomware attacks. Also, reports on ransomware defenses as well as big data and machine learning combining to secure IT.
A watchdog agency's audit of Virginia's Medicaid information systems found security weaknesses that could potentially leave beneficiaries' data vulnerable. Security experts say the audit's recommended improvements are needed at many healthcare organizations.
Reporting software vulnerabilities can be legally dicey, particularly if the affected company has not previously had contact with computer security researchers. A Sydney consultant recently experienced both ends of the spectrum while investigating building management software.
The ISMG Security Report leads with an analysis of how tactics used by Kremlin-tied actors to target political groups in France, Germany and the U.S. to influence foreign elections could be employed to damage the reputation of businesses.
Biometric adoption and demand by consumers is increasing rapidly. Next-gen solutions now exist for organizations to bring secure, frictionless authentication to their consumers using biometric solutions. Michael Lynch of InAuth shares insights.
Enterprise security leaders largely understand the business problems posed by a lack of privileged access management. But understanding and overcoming the obstacles to deploying a successful PAM rollout? That's the real challenge, says Alex Mosher of CA Technologies.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
Password manager LastPass has deployed a server-side fix to repair a vulnerability that could have allowed an attacker to steal a victim's passwords. It's the latest finding from Tavis Ormandy of Google's Project Zero, who's since reported another flaw in LastPass.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.