Collaborate Disseminate
Financial Services companies operating in the State of New York have until September 3, 2018 to be in compliance with the new mandates of the New York State Cybersecurity Requirements for Financial Services Companies, known as 23 NYCRR Part 500. While … Continue reading New York State Cybersecurity Law: Encryption Deadline Coming September 3, 2018
Cisco is planning to buy Duo Security, a company that provides enterprises with secure multi-factor authentication services, for $2.35 billion, the two companies announced on Thursday. Duo Security is largely seen as a leader in the multi-factor authentication space and is best known for its “zero-trust” security platform, which helps companies verify the identity and trust of the various user endpoints on their networks. Based in Ann Arbor, Michigan with other offices in the U.S. and London, the company has raised more than $121 million in venture capital funding since it was founded in 2010. “Cisco created the modern IT infrastructure, and together we will rapidly accelerate our mission of securing access for all users, with any device, connecting to any application, on any network,” said Duo CEO Dug Song in a statement. “By joining forces with the world’s largest networking and enterprise security company, we have a unique opportunity […]
The post Cisco to acquire Duo Security for $2.35 billion appeared first on Cyberscoop.
Continue reading Cisco to acquire Duo Security for $2.35 billion
It?s time to think beyond the password to be sure users can connect conveniently to the resources they need while you increase security. Learn how implementing multi-factor authentication across all points of connection?VPN, SaaS apps and more?assures … Continue reading Beyond the Password: Implementing MFA at Every Connection Point
When it comes to cybersecurity, the United States government is great at talking the talk, yet consistently falls short of walking the walk. Unless the U.S. government actually implements the cybersecurity best practices it touts, the nation and its citizens will continue to be at an increased risk of a cyberattack. The government has already acknowledged the need for multi-factor authentication. In 2003, it started fielding Common Access Cards (CAC) in the military, as well as Personal Identification Verification (PIV) cards in civilian agencies. At that time, the game plan was to complete the MFA implementation across the government before the end of 2008. In April 2015, MFA implementation levels hovered below 50 percent. The massive breach at the Office of Personnel Management (OPM), which leveraged compromised user name and password credentials, could have been stopped with more rigid MFA practices. It wouldn’t have made this attack impossible, but […]
The post Advice for the U.S. government: Stop talking and start doing appeared first on Cyberscoop.
Continue reading Advice for the U.S. government: Stop talking and start doing
As more IT admins look to shift their directory services to the cloud, many are coming across the leading solution, JumpCloud® Directory-as-a-Service®. As a part of preparing to move from an on-prem identity provider to Directory-as-a-Service… Continue reading Directory-as-a-Service® Replacement
Google says its workforce has been phish-proof for more than a year. The impressive security stat is due to small USB security keys issued to all 85,000 of the company’s employees. Companies that produce these small pieces of hardware, like Yubico, have seen tremendous growth over the last two years thanks to rapidly accelerating adoption — but they will now have fresh competition. Google will soon start widely selling its own Titan Security Key, which includes firmware developed by the omnipresent tech giant itself. The product is available now to Google Cloud customers and will eventually be available to general customers, the company announced Wednesday at its Google Cloud Next conference in San Francisco. Like similar keys from other companies, it will provide a second authentication factor for software use, network access, account management and other services. When the hardware is linked to an account, a password isn’t enough — the user must plug in the […]
The post Security keys have been good to Google, so now it’s promoting one of its own appeared first on Cyberscoop.
Continue reading Security keys have been good to Google, so now it’s promoting one of its own
Looking for an easier way to add multi-factor authentication (MFA) to legacy and custom applications? Look to a next-generation firewall and MFA integration to enforce it at the network layer.
The post Multi-Factor Authentication Made Simple for Legacy… Continue reading Multi-Factor Authentication Made Simple for Legacy and Custom Apps
A roundup of the security news from July 9 – July 15, including sextortion, Spectre, cryptomining, mobile malware, ICO scams and more.
Categories:
Security world
Week in security
Tags: ad blockersandroid malwarecrypto miningdata breachdomestic … Continue reading A week in security (July 9 – July 15)
A massive breach has impacted up to 21 million users’ personal data and their social media “access tokens.” Continue reading Timehop Breach Impacts Personal Data of 21 Million Users
How many multi-factor authentication solutions does it take to secure VPN access today? Just one, if it?s the right kind of solution. Here?s what you need in today?s access environment to ensure legitimate users?and only legitimate users?can find their… Continue reading Multi-Factor Authentication for Your VPN: 3 Keys to Getting It Right