Business Email Compromise (BEC), Cloud Security, and Privacy headline this week’s Identity Management digest.
Thanks for checking out this week’s Identity Management digest.
Peruse our resources for webinars, case studies, infographics, and educational videos. Subscribe to our Identity Management biweekly and/or our Healthcare Cybersecurity and IAM digest, delivered Tuesdays at 8 PM ET.
Idenhaus Cybersecurity and Identity Management Digest
Cybersecurity Incident Response: Everything You Need To Know via Idenhaus
Incident response, which is one of the most critical domains of cybersecurity, begins with a proactive strategy and well-defined processes to deal with a security incident.
What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses? via TripWire
Any business offering ICT products, services, or processes within the EU, whatever its size, is affected by the Cybersecurity Act and should begin monitoring the ENISA and EU websites for updates on EU cybersecurity certification schemes.
Is API Usage Putting Your Organization Out of Compliance? via CyberDefense Magazine
The fragmented API management space, along with an increase in decentralized development, has created a situation where most enterprises lack even the most basic understanding of their API landscape.
Google: Eleven zero-days detected in the wild in the first half of 2020 via ZDNet
According to data collected by Google’s Project Zero security team, there have been 11 zero-day vulnerabilities exploited in the wild in the first half of the year.
Elon Musk Confirms, Tesla Factory a Target of Foiled Cyberattack via ThreatPost
An employee at the Nevada factory was allegedly approached by a Russian national who offered up $1 million to infect the company with malware and compromise its networks. But the employee instead reported the incident to Tesla officials, who alerted the FBI.
Critical Update: Why a Government Vulnerability Disclosure Program Is a Big Deal via NextGov
The new policy could change the government’s relationship with hackers but some agencies have reservations.
Brand impersonation is a go-to tactic for attackers, especially for credential phishing and BEC attacks via HelpNetSecurity
Trends in BEC and email security during Q2 2020 included a peaking and plateauing of COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according to an Abnormal Security report.
Know the threats to mobile security via HelpNetSecurity
In order to offer that seamless, omnichannel experience consumers crave, financial institutions have to understand the malicious actors and fraudulent tactics they are up against. Here are a few that have to be on the mobile banking channel’s radar.
Stop the Cyber-Attack Cycle with Privileged Access Management via Infosecurity Magazine
Based on analysis by CyberArk Labs of common cyber-attack vectors and tactics, here are four ways that prioritizing privileged access management can better arm businesses to defend against them.
What is Machine Identity Management? via SecurityBoulevard
The role of machine identity management is to handle the discovery, management, and automation of credentials used by machines. These solutions should also be designed to address the scale and complexity of modern IoT, application development (or DevOps) and multi-cloud use cases.
Identity Mismanagement: Why the #1 Cloud Security Problem Is about to Get Worse via InfoQ
Organizations looking to improve their IAM should focus on four areas: Scaling Single Sign On; Centralizing IAM; Scaling Multi-Factor Authentication; and improving employee skill sets.
Business Email Compromise Attacks Involving MFA Bypass Increase via DarkReading
In these attacks, a threat actor who might have obtained the username and password to an MFA-protected email account — via a paste site, for instance — would access the account by signing in from a legacy app that does not enforce MFA.
How Facebook and Other Sites Manipulate Your Privacy Choices via Wired
Researchers call these design and wording decisions “dark patterns,” a term applied to UX that tries to manipulate your choices. When Instagram repeatedly nags you to “please turn on notifications,” and doesn’t present an option to decline? That’s a dark pattern. When LinkedIn shows you part of an InMail message in your email, but forces you to visit the platform to read more? Also a dark pattern.
What is the cost of a data breach? via CSOOnline
Data breach costs can be ongoing for years, a new study finds. Here’s the breakdown of costs and advice on how to minimize them.
Mastering Identity Management: A Better Process for Vendor Evaluation via Idenhaus
Selecting a vendor for your Identity Management solution can be an overwhelming task. The market is crowded, product functionality covers a wide range of features, and the investment in both money and time is guaranteed to lock in the business for 2-3 years. If the chosen product comes up short in a key area, the impact on your organization can be profound.
Idenhaus was named one of the 10 Most Promising Identity Governance and Administration Consulting/Service Companies 2019 by CIO Review!
By going to work quickly to solve the most challenging cybersecurity and identity management problems, Idenhaus takes the pain out of securing corporate information and assets for companies that aspire to maximize their potential in this digital age.