New NIST Companion Guide, IAM Roadmaps, and IoT headline this week’s digest of IGA and cybersecurity articles.
Thanks for checking out this week’s digest of IGA and cybersecurity articles. Click here to view the healthcare-focused digest.
Peruse our resources for webinars, case studies, infographics, and educational videos. Subscribe to our Identity Management biweekly and/or our Healthcare Cybersecurity and IAM digest, delivered Tuesdays at 8 PM ET.
11 Must-Read IGA and Cybersecurity Articles
NIST Has a New Cybersecurity Companion Guide via Federal News Network
Having just finished a multi-year revision of what you might call the bible of cybersecurity controls, there’s something new. The National Institute of Standards and Technology (NIST) cybersecurity crew has a new, companion guide. With an update, NIST Fellow Ron Ross joined Federal Drive with Tom Temin.
5 Benefits of IAM Roadmaps via Idenhaus
IAM Roadmaps marry the strategic plan to the tactics that need to be carried out by stakeholders to build new organizational muscle. They layout new ways of working with the IAM/IGA solution, and they drive responsibility for moving the program forward.
Hang up the Phone: MFA’s Insecure Reliance on SMS via SecurityBoulevard
The problem with MFA and authentication by cellphone is that it requires the device itself to be secure and authenticated. It has to be a secure device with secure authentication on a secure and authenticated network, without data leakage or credential leakage and with a device and network authentication that cannot be altered and spoofed.
Defining Security Policies to Manage Remote Insider Threats via ITSecurityNews
Regardless of the complexities that each organization faces, one thing is clear: Every company must have a robust security policy that considers remote employees.
The Senate by unanimous consent passed legislation to mandate certain security requirements for internet of things devices purchased by the federal government, moving forward legislation that had been stalled on Capitol Hill since 2017.
Europe Has No Strategy on Cyber Sanctions via LawfareBlog
On July 30, the European Council announced its first ever cyber sanctions package, which comprised travel bans and asset freezes, against various entities and individuals for their respective cyberattacks against the European Union and its member states.
IT modernization has become the focal point of large-scale enterprises. This meant digitizing processes via cloud services. The goal is to maintain security and flexibility while supporting a partially remote workforce.
Business interruption drives 60% of cyber losses: Allianz via Business Insurance
AGCS’s analysis of more than 1,700 cyber insurance claims worth €660 million ($781.5 million) in the past five years also reveals that the average cost of cybercrime for organizations has increased 70% to $13 million. Meanwhile, the number of attacks has risen by 60%.
Findings: The Forrester Wave: Privileged Identity Management (PIM), Q4 2020 via SolutionsReview
Among the key capabilities appearing in The Forrester Wave: Privileged Identity Management (PIM), Q4 2020 researchers note the importance of user experience and PIM support in the most significant solutions. Therefore, they emphasize a seamless PIM experience and the ability to address new use cases like cloud, DevOps, bots, and the IoT. The former can be achieved in part through multifactor authentication and Single Sign-On.
There were some newcomers to the list this year like ‘naruto’ and ‘yugioh,’ coming in at 112 and 142 respectively. Anime fandom aside, the list shows just how lacking passwords are for the current moment. Coming in at number one is ‘123456,’ and it was used 2,543,285 times…come on, people.
As HR starts making changes that impact IAM integrations without coordinating with IT, it degrades service levels, decreases end-user productivity, creates an increased risk of audit findings, and can undermine the organization’s security posture.
To receive the top identity and cloud security articles in your inbox every two weeks (Tuesdays 8 PM EST), subscribe to our Identity Management biweekly and/or our Healthcare Cybersecurity and IAM Digest.
Idenhaus was named one of the 10 Most Promising Identity Governance and Administration Consulting/Service Companies 2019 by CIO Review!
By going to work quickly to solve the most challenging cybersecurity and identity management problems, Idenhaus takes the pain out of securing corporate information and assets for companies that aspire to maximize their potential in this digital age. Click here to contact us