Every two weeks we curate the top Identity Management and Cybersecurity articles from around the industry. Today’s digest covers topics from OT/IT collaboration to DDoS and ransomware to biometrics and digital identity. Check out these 10 must-read IAM and cybersecurity articles from early August 2016.
If you would prefer to receive an even shorter digest, please subscribe to the Idenhaus Identity Management & Cybersecurity biweekly to receive the top 5 IAM and Cybersecurity articles.
Key escrow — the process of keeping a set of keys for yourself “just in case” — has always been the U.S. government’s modus operandi when it comes to security. That plan backfired for the TSA. The TSA offers a set of screener-friendly locks. These locks use one of seven master keys that only the TSA can use — until 2014. In an article in The Washington Post, a reporter included a shot of all seven keys on a desk. It wasn’t long before nearly all the keys were made available for 3D printing and, last week, security researchers released the final key. Read more >>
The second quarter of 2016 saw cybercriminals paying close attention to financial institutions working with cryptocurrency. Several of these organizations cited DDoS attacks as the reason for ceasing their activities. Intense competition leads to the use of unfair methods, one of which is the use of DDoS attacks. Another trend is the use of vulnerable IoT devices in botnets to launch DDoS attacks. Read more >>
Barclays is the latest major bank to use biometrics technology to authenticate its customers after sharing plans to roll out voice recognition to its telephone banking service this week. Read more >>
The new cyber reality has made operational technology (OT) operators crucial to securing manufacturing networks—the most targeted sector of industrial cyber-attacks in 2015. OT Operators, long considered outside of the cyber fold, are playing an essential role in the adoption of new industrial technologies that increase the productivity and efficiency of Industrial Control Systems. Read more >>
Almost half of all companies have been the victims of a ransomware attack during the past 12 months, according to a new report. And while globally, 40 percent of them have paid the ransom, 97 percent of U.S. companies did not. Read more >>
The purpose of a cyber risk profile is to assess your organization’s insurability. The work you do upfront can go a long way toward ensuring you get adequate cyber insurance coverage and a better rate to boot. Read more >>
“Ransomware is the new DDoS. You have experienced, sophisticated hackers using ransomware as the upfront distraction that sets the organization into chaos and occupies the time of their IT people. It allows for the mercenary to go in, map the network, find vulnerable devices and set up beachheads for future attack.” Here’s how to defend against attackers and avoid ransom demands. Read more >>
The following is an excerpt from of Digital Identity Management by authors Maryline Laurent and Samia Bousefrane and published by Syngress. This section from chapter three outlines the definition and principles of biometry and the TLS protocol. Read more >>
The National Guard has always played a role when natural or manmade disasters cause a disruption in local critical infrastructure. With its recent but growing investments in cyber capabilities, the Guard is well positioned to play a larger role in protecting critical infrastructure from cyber as well as physical attacks. This is particularly true of the electric power grid, for which Guard units in a growing number of states have begun building sophisticated cyberdefense capabilities. Read more >>
Out of 41,000 U.S. households, 19% reported security breaches, identity theft, or other malicious activity in the previous 12 months. What’s of greater concern is the chilling effect this has had on online activities. Nearly half of online households said that their worries had stopped them from engaging in financial transactions, buying goods or services, posting on social networks, or commenting on political issues online; 30% refrained from at least two of these activities. Read more >>
If you enjoyed these articles, signup below to get the Idenhaus Identity Management & Cybersecurity News delivered to your inbox.
Idenhaus specializes in Identity and Access Management (IAM) Consulting to help our clients solve the most challenging IAM problems and avoid the most common pitfalls. We take the pain out of implementation by using experienced consultants who follow a mature methodology to lead your team from initiation to implementation. Contact us for more information.