Protecting Tomorrow’s World: Shaping the Cyber-Physical Future

November 29, 2024 at 06:21AM The webinar “Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025” examined the integration of digital and physical realms, addressing emerging technologies, security concerns, and strategies for businesses. Key trends impact the evolving threat landscape, emphasizing the need for robust security measures, proactive threat detection, and comprehensive cyber-physical preparedness … Read more

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

November 19, 2024 at 07:49AM Organizations must evolve their approach to Privileged Access Management (PAM) by prioritizing security over merely managing access. With advanced cyber threats emerging, adopting a proactive strategy that includes continuous monitoring, real-time threat response, and robust security controls is essential to effectively protect privileged accounts and sensitive systems. ### Meeting Takeaways: … Read more

The true (and surprising) cost of forgotten passwords

November 14, 2024 at 11:16AM Password resets are costly, averaging $70 per reset, impacting productivity, innovation, and security. With employees averaging two resets annually, organizations can incur significant expenses. Implementing self-service password reset solutions can save about $65,000 annually by reducing helpdesk dependency, wait times, and enhancing user experience, particularly for hybrid workforces. ### Meeting … Read more

Managing third-party risks in complex IT environments

November 12, 2024 at 10:14AM Join the webinar on December 3rd at 11 AM ET with Steve Toole from SailPoint, discussing risks of third-party access to systems and data. Learn about identifying risks, mitigation strategies, and fostering a security-first culture. Ideal for IT managers and security professionals. Register to enhance third-party risk management practices. **Meeting … Read more

Can Automatic Updates for Critical Infrastructure Be Trusted?

November 4, 2024 at 10:06AM In July, a major tech outage caused $5.4 billion in damages, prompting a critical reevaluation of automatic updates and the C-I-A triad (Confidentiality, Integrity, Availability). The CrowdStrike incident emphasizes the need for better vendor transparency, rigorous testing, and a balanced focus to enhance cybersecurity resilience and trust. ### Meeting Takeaways … Read more

Recall that Recall recall? Now Microsoft thinks it can make Windows feature palatable

September 27, 2024 at 04:23PM Microsoft has revised its Recall feature for Copilot+ PCs, assuring its security. Recall captures PC activity and can be searched or visually reviewed with AI. It faced privacy concerns but will be released to Windows Insiders in October. The system is opt-in, encrypts snapshots, and has strict security measures, aiming … Read more

Platform Engineering Is Security Engineering

September 10, 2024 at 10:06AM Platform engineering’s success hinges on prioritizing operational and application security. Embracing a “security-first” approach minimizes toil, enhances efficiency, and limits the impact of potential attacks. Key strategies include implementing least privilege access, secure defaults in configuration management, integrating security into CI/CD pipelines, and adopting GitOps for enhanced version control and … Read more

Microsoft makes Windows Recall opt-in, secures data with Windows Hello

June 7, 2024 at 12:40PM Microsoft is updating its AI-powered Recall feature for Copilot+ PCs following customer pushback. The feature will now require user opt-in and Windows Hello verification for use. Additionally, Recall’s data encryption and security measures are being enhanced. These updates will be released with Recall’s preview on June 18, with potential changes … Read more

Security is hard because it has to be right all the time? Yeah, like everything else

February 25, 2024 at 11:13AM The text describes the importance and complexity of integrating security into system designs, emphasizing the need to prioritize security throughout the entire process. It also discusses the challenges and unique aspects of security, emphasizing the importance of understanding requirements, assumptions, and mechanisms, and decomposing the system into elemental components to … Read more