Aligning With NSA’s Cloud Security Guidance: Four Takeaways
The National Security Agency (NSA), in conjunction with the Cybersecurity and Infrastructure Security Agency (CISA), recently released its “Top Ten Cloud Security Mitigation Strategies” for organizations to make their cloud environments more secure. The report contains a Cybersecurity Information Sheet (CSI) for each strategy, which includes MITRE ATT&CK and D3FEND ... Read More
How to Use Context-Based Authentication to Improve Security
One of the biggest security weak points for organizations involves their authentication processes. According to Google Cloud’s 2023 Threat Horizons Report, 86% of breaches involve stolen credentials. Our own research found that 60% of organizations reported authentication-related breaches in the past year. Context-based authentication offers an important tool in the ... Read More
Five Things To Know About PCI DSS 4.0 Authentication Requirements
The Payment Card Industry Security Standards Council recently updated their Data Security Standard (PCI DSS) for protecting payment card data. The latest version, PCI DSS 4.0, introduces more than 60 new or updated requirements, with new directives around passwords and multi-factor authentication (MFA) among the most consequential ... Read More
The State of Passwordless Security 2023: Report Recap
Cyberattacks continue to increase at an alarming rate, and many security breaches can be traced back to an authentication issue. Whether a password or a password plus an additional authentication factor, attackers are adept at bypassing them at scale. For example, over 100 million multi-factor authentication (MFA) attacks were recorded ... Read More
Authentication Security in the Finance Industry: 2022 Report | HYPR
As the most targeted industry for attacks, and one of the most closely watched by regulators, financial organizations are generally fierce proponents of cybersecurity innovation. Yet we continue to hear about attacks that circumvent the protocols guarding authentication and access to financial institution services and systems. Just last month, Flagstar ... Read More
The State of Passwordless Security in 2022: Report Recap
The spate of recent high-profile, authentication-linked cyberattacks — Solar Winds, Colonial Pipeline, the list goes on — put a spotlight on the failure of current authentication security practices. Vast collections of leaked passwords and readily available automated hacking tools, together with the expanded attack surface of many organizations, has escalated ... Read More
