The U.S. Federal Trade Commission reports that impostor scams were the #1 type of fraud reported by consumers last year, with losses to American consumers nearly $30B. UK Finance reported an increase in authorized push payment fraud last year with loss of more than £479M, and top UK bank Barclays reported a 20%...
Multi-factor authentication is defined as two out of the three categories of knowledge, possession, and inherence
factors. For example, a password plus SMS OTP would be a combination of knowledge and possession; a
password with biometric would be a combination of knowledge and inherence.
However, there’s also a...
In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.
Risk can be a confusing topic, summarized in heatmaps with low, medium, and high as the most accurate indicators.
While valuable to GRC pros, it’s only a small piece of the puzzle. And, more importantly, it’s decidedly not speaking the same language as the rest of the organization.
Risk professionals can now...
Threat actors are focusing a lot on Active Directory today as it is a path for them to reach an organisations key data & applications. The versatility of Active Directory makes it a crucial target for hackers. Organisations learn new ways on how to protect this valuable target and mitigate the risks. Organisations...
Years ago, when he was working in systems integration, Mirza Asrar Baig envisioned the concept of digital risk protection technology. Today, as CEO of CTM360, he is promoting it as a way to provide “offensive defense.”
There are hundreds of billions of passwords in the world
today, with more being created every day. In fact, the
average business user maintains an astounding average
of 191 passwords.1 Unfortunately, these passwords represent
a fundamentally weak link in most organizations because
they will always be...
PASSWORDS ARE FATALLY FLAWED. EVERYONE KNOWS IT.
Eliminating passwords completely is the only answer –
not using stronger passwords, password vaults, or adding
friction with multi-factor authentication. But eliminating
passwords is just the beginning.
Don't Stop At Passwordless Authentification. Implement...
Giving the right user secure access to a system, resource, application, or network hinges on one thing – accurately confirming the user’s identity. The problem is that attackers can steal and misuse these credentials for malicious purposes, and the organization would never know.
To protect against...
Customer identity and access management - CIAM - is coming of age, as enterprises seek a unified view of their customers. Keith Casey of Okta describes what CIAM maturity looks like - and how to get there via a new playbook.
In this eBook, Casey discusses:
How the CIAM conversation has changed in 2021;
Who and...
Making Passwordless Possible. 80% of breaches are still caused by weak or reused passwords, and 76% of employees experience regular password problems. When faced with the ongoing resource drain and security risks of passwords, what should IT teams do? Learn why your business should go passwordless, and how to give...
The clear message from this year's Global Password Security Report is businesses still have a lot of work to do in the areas of password and access security.
Businesses are increasing their use of important security measures like multifactor authentication - but unfortunately employees still have poor password...
The Internet of Things (IoT) is opening up new opportunities for businesses and consumers, and is the linchpin of almost every digital transformation initiative. However, IoT also presents considerable security risks and challenges for organisations, specifically attackers impersonating a trusted device could conduct...
Identity is you. Identity is the behaviour, devices, access, and attributes that are unique to you as an individual in the workplace. But identity is complex. Every employee has their own identity, so every identity needs to be properly managed. Otherwise, the wrong users can access the wrong apps and resources,...
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing gdpr.inforisktoday.com, you agree to our use of cookies.
