August 30, 2024 at 10:09AM CISOs face growing pressure as data breaches dominate headlines. The SEC’s new disclosure requirements put more accountability on them, recognizing identity management as crucial. IAM should report to CISOs and separate from IT to ensure effective governance. Implementing identity protection and micro-segmentation can mitigate breaches. CISOs need more organizational power … Read more
May 16, 2024 at 11:01AM Nissan North America reported to the Maine Attorney General about a ransomware attack last year, compromising personal information of over 53,000 employees. Though no confirmed instances of fraud or identity theft were reported, the company has offered free protection services to affected employees. The attack is thought to follow a … Read more
March 8, 2024 at 08:07AM The NSA released guidelines for zero-trust network security, aiming to bridge the gap between desire and implementation. As businesses increasingly adopt zero trust in the cloud era, the approach to network security is evolving. The document emphasizes network segmentation as a fundamental practice and recommends a methodical approach in implementation … Read more
December 18, 2023 at 11:39AM Security researcher Ben Barnea revealed two security flaws in Microsoft Windows that were patched in 2023. These flaws, CVE-2023-35384 and CVE-2023-36710, could be exploited by threat actors to achieve remote code execution on Outlook without user interaction. Mitigation recommendations include microsegmentation and addressing NTLM vulnerabilities. For further updates, follow the … Read more