NIST updates cybersecurity framework

It’s been a long time coming. The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) recently released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity, or affectionatey called the Cybersecurity Framework. The initial framework was created to help organizations that operate critical infrastructure better secure their ... Read More

As GDPR deadline looms, readiness lags

The deadline to GDPR (the EU’s General Data Protection Regulation) is now about a month away. Guess what? One-third of SMBs still aren’t ready to comply, according to Janco Associates. The consultancy reviewed the compliance plans of 200 small and mid-sized businesses and found that 34 percent are not ready ... Read More

OPM provides guidance to address cybersecurity skills gap

It’s hard to find (read: near impossible) an organization that thinks it has all the cybersecurity expertise that it needs. Whether it’s finding good CISOs, cloud security architects, application security experts, or whatever — finding skilled cybersecurity talent is one of the biggest challenges that face technology teams today. Recently, ... Read More

Privileged identity management set to rise through 2022

In identity management, privileged accounts pose special risks. These types of accounts generally grant higher levels of access than typical accounts. They provide high levels of access to endpoint operating systems, servers, databases, identity directories, systems management software, and application software among others. When an insider abuses access, or an ... Read More

Confidence in Canadian business data safeguards erodes as identity theft concerns rise

According to a survey commissioned by the Chartered Professional Accountants of Canada (CPA Canada), concerns about identity theft are rising and the protections Canadian businesses have put into place to safeguard personal information are falling. The changes in concerns weren’t dramatic, but all indicators went the wrong way According to ... Read More

IoT primes identity management for continued investment growth

IoT is slowly taking hold within enterprises and it’s often doing so as the foundation of Industry 4.0. This is a trend that’s likely to accelerate as IoT not only transforms how consumers use and interact with the devices around them, but also promises to transform manufacturing through smarter factories ... Read More

Identity fraud adapts to new defenses, study finds

Identity fraud is one of the biggest fears associated with data breaches involving personally identifiable information. No one wants someone to compromise their financial or credit accounts, or worse yet — have their identity successfully stolen. But according to a recently published survey, the number of such victims increased by ... Read More

NIST takes aim at blockchain security hype

Blockchain technology is all the rage right now. Largely because of the glitz of Bitcoin. While the concept of blockchain has been around since the early 1990s, it wasn’t until the advent of Bitcoin in 2009 that the idea of blockchains and distributed immutable ledgers grew popular as a concept ... Read More

Majority of employees in US unaware of GDPR mandates

Well, there is good news and there is bad news. The good news we covered last month, with our post covering a survey that found increased cybersecurity awareness among business leaders could be attributed to the EU’s General Data Protection Regulation (GDPR). Now for the bad news. With only a ... Read More

How long is your window of vulnerability?

Enterprises are getting pummeled with security-related software patches. It seems every day there is a new bug discovered that sends teams scrambling to patch. It’s a wonder they manage to keep up with the continuous vulnerability delivery pipeline that the software industry inflicts on its users. According to the CVE ... Read More