These days, it’s not a matter of if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 705 sites comprising 12.6 billion accounts. This includes well-known names like Wattpad, Verifications.io, and Facebook.
Security teams are getting restless. Before founding Tines, I spent 15 years in the SOC leading teams charged with protecting organizations from ever-evolving threats. Over that time, the challenge facing SOC analysts became harder, not easier: workloads are increasing, but teams aren’t growing alongside them. SOC analysts are burning out as a result of tedious and repetitive tasks.
There are several ways in which passkeys are different from passwords in terms of how they are created, how they are filled into websites and how they are secured. Passwords are user-generated whereas passkeys are automatically generated using public key cryptography. Unlike passwords, passkeys are a new type of digital credential that is phishing-resistant and can’t be easily compromised. However, only a few websites currently support passkeys.
U.S. court employees need to access dozens of systems and applications in order to complete their duties. These employees may also have access to Personally Identifiable Information (PII), which must be securely stored and managed with strict access controls. Court systems need a way for employees to easily and securely access systems, and share passwords and files among teams.
Zero-days are out there. Lurking just under the surface, waiting for the right moment to strike. A security team can do everything right and still experience a zero-day attack in its supply chain. And with innumerable configurations, devices, and platforms that can be exploited, zero-day exploits are becoming more common than ever.
In a world where AI is everywhere, cybersecurity regulations are on the rise, and cyber insurance is booming, we need standardized metrics for cybersecurity. Remember, you can’t manage what you can’t measure. A recent report by SecurityScorecard and the Cyentia Institute discovered a startling fact: 98% of organizations have a third party with a breach in the last two years. In cybersecurity, metrics matter; knowing how to communicate and report on metrics is essential.
Decathlon is a global sporting goods retailer with over 100,000 employees and 1,700+ storefronts worldwide. In 2022, Decathlon reported 15.4 billion euros of net sales revenue, shared with 55,000 shareholding teammates. However, Decathlon suffered a significant data leak a year before its substantial revenue report. Credentials from that attack have resurfaced recently, putting the private information of nearly 8,000 individuals at risk.
In mid-August, state officials in Connecticut began receiving worrisome complaints from constituents about a potentially dire situation unfolding at local hospitals. One such message, from a woman on Facebook, relayed a desperate plea for help on behalf of her 71-year-old father, who, she claimed, had spent the last two days on a gurney in an emergency room hallway.
The phrase “digital transformation” gets thrown around a lot these days when discussing IT infrastructure. A popular — albeit slightly vague — buzzphrase for a reason, digital transformation, in this context, simply refers to the idea that businesses are working to modernize their operations and leverage the power of new technologies.
New research from TechTarget’s Enterprise Strategy Group (ESG) has identified that organizations’ application security programs struggle to keep up with the pace of software development, and it reveals best practices to secure modern software applications.
