The annual RSA Conference is huge for the cybersecurity community—in reputation, in scale, and in physical presence. If this were a normal year, over 40,000 security professionals would have convened in California for four days of vital conversations, workshops, and sessions.
Instead, as many other large-scale events have, the RSA Conference 2021…
As the COVID-19 pandemic and shelter-in-place regulations continue to keep people at home, businesses around the world have adapted to new ways of operating—with many looking to quickly deploy solutions to keep large remote workforces connected, productive, and secure.
Organizations in the banking and finance industries are no different—and with…
Modern organizations have embraced Software as a Service (SaaS) in a big way—and for good reason. Cost savings, increased efficiency, and boosted productivity are just some of the benefits of outsourcing IT solutions like email, app hosting, and data storage to independent third parties. In fact, solutions offered by cloud providers like Microsoft…
The Zero Trust security framework was first developed by John Kindervag in 2009 while he was at Forrester Research. Zero Trust challenged the traditional security model of a firewall forming a perimeter between a trusted internal network and an untrusted external one. This security approach breaks down if a threat actor is able to penetrate that…
The Forrester Zero Trust model, which has been around since 2009, argues that organizations should regard all network traffic as untrusted, regardless of where it’s coming from. The idea of a trusted internal perimeter leaves the organization at risk if that perimeter is compromised or an insider turns malicious.
Of course, the situation has…
Online data privacy has always been a controversial topic. The fact that users store data with third parties has demanded increased transparency on how these platforms actually store and process personal data. Data breaches resulting in compromised personal information have added fuel to the fire, proving that privacy concerns are warranted. These…
Defense in depth, the coordinated use of multiple security layers to protect system and data integrity, is a multi-layered strategic approach which is deployed to minimize the risk of compromise. The basic premise is that if one security countermeasure is defeated, there is another to ensure your systems remain secure.
MFA – Defense in Depth for…
The vision of a secure, passwordless experience on the web has long been on the minds of security professionals and password-fatigued users. An open standard called Web Authentication (or “WebAuthn”) is rapidly progressing towards achieving that vision after hitting a major milestone this week.
Specifically, on April 10 the World Wide Web…
Traditional authentication methods that rely on usernames and password integrity are widely considered to be broken. In fact, “Broken Authentication” sits at #2 in the OWASP Top 10 for application security risks. As organizations begin to move more sensitive data to cloud apps to take advantage of the productivity gains, the traditional perimeter…
