Stolen Credentials on the Dark Web: A Wake Up Call for Organizations Using KBA

Recent news accounts of security researchers discovering a database containing 1.4 billion breached credentials — reportedly, the largest such find on the Dark Web — is yet more evidence that online identity proofing that relies only on KBA (knowledge based authentication) and static passwords is no longer fit-for-purpose. The level of sophistication that cybercriminals bring to the dark web is unfathomable. Not only is stolen data aggregated, it has been... Read more The post Stolen Credentials on the Dark Web: A Wake Up Call for Organizations Using KBA appeared first on VASCO Data Security - Blog.
Read more

Privacy Laws: Who Owns Personal Data?

Who owns your data, and what privacy laws govern it? Well, that depends on where you live. If you own it, you should have control over it. If you don’t own it, how secure is it? Recent data breaches that affected the majority of Americans have began a national dialogue around the security of personal data. In fact, the high profile Equifax breach and others like it have prompted the... Read more The post Privacy Laws: Who Owns Personal Data? appeared first on VASCO Data Security - Blog.
Read more

NYDFS Cybersecurity Regulation Affects Insurance & Finserv Sectors

Earlier this year, the New York State Department of Financial Services (NYDFS) significantly increased the cybersecurity requirements for any financial services company doing business in the state. Given that New York City is the “Financial Capital of the World”, there are few organizations unaffected by the Cybersecurity Requirements for Financial Services Companies regulation. Section 500.12, requires all covered entities to use multi-factor authentication (MFA) for any individual accessing the Covered Entity’s internal networks from an... Read more The post NYDFS Cybersecurity Regulation Affects Insurance & Finserv Sectors appeared first on VASCO Data Security - Blog.
Read more

Telehealth Needs Secure Patient Identification Practices: What I Found Out From My Telehealth Experience

I recently registered as a patient on a leading telehealth provider’s website. I was very surprised around the lack of identity assurance.  The only verification requested was my insurance card and I had the option of skipping that step since insurance is not a prerequisite for service. WOW! In an era of stolen credit cards, stolen identities and ever prospering cybercrime, this is really not acceptable. Telehealth can become a... Read more The post Telehealth Needs Secure Patient Identification Practices: What I Found Out From My Telehealth Experience appeared first on VASCO Data Security - Blog.
Read more