Is now the time to deploy passwordless options?
Over the past several years, experts have recognized that perhaps the best password strategy for your application logins is to have no password at all, what has been often labeled as “passwordless.” It is a bit of a misnomer, as you’ll see as we investigate the commercial options. The passwordless concept has seen various innovations,…
Attackers Use Unicode & HTML to Bypass Email Security Tools
Cybercriminals have been spotted using HTML/CSS and Unicode tricks to bypass tools meant to block malicious emails, marking a new twist in phishing techniques, security researchers report. Attackers are continuously testing enterprise security systems and exploring new ways to get through. Some rely on hidden text and zero-font attacks, in which they put invisible characters…
The cybersecurity skills shortage is getting worse
For the past four years, ESG and the Information Systems Security Association (ISSA) collaborated on a research project focused on the experiences, opinions, and careers of cybersecurity professionals (download this year’s report). At the risk of appearing like Chicken Little, I am quite alarmed. The security industry continues to address major issues with a combination…
Digital Transformation: Breaking Down Silos for Better Data Security
Today, enterprises are under pressure to improve the power and reduce the cost of running mission-critical business applications by migrating to modern software architectures. By breaking down the silos between adjacent teams and the tools they use, security teams can do this at the same time as they take steps toward zero trust and true…
16 top endpoint protection platforms
Endpoint security has long been an important part of cybersecurity within any enterprise’s overall security architecture, particularly to provide protection for remote devices that connect to an enterprise network. When laptops, smartphones, or desktop computers connect to a network, they establish network nodes and create points of vulnerability. Endpoint security might also be used with…
3 tips to increase speed and minimize risk when making IT decisions
There is nothing like a crisis to create a sense of urgency and spawn actions. This is especially true for enterprise IT teams, who are tasked with new responsibilities and critical decisions. Speed matters in the heat of the moment and many leaders may not take the necessary steps to assess the risk of their…
SAP Releases August 2020 Security Updates
The most important of these is a cross-site scripting (XSS) flaw in the Knowledge Management component of NetWeaver. Tracked as CVE-2020-6284 and featuring Hot News priority, the issue has a CVSS score of 9. A default component of all SAP Enterprise Portal installations, Knowledge Management allows users to manage data sources in multiple formats, to…
Businesses prioritize security and collaboration tools to manage sustained remote work environments
77 percent of IT professionals believe they were prepared to manage the rapid shift to remote work during the COVID-19 outbreak, according to TeamViewer. Among those surveyed, the percentage working from home had abruptly jumped from 28 percent prior to the pandemic to 71 percent during the outbreak. The survey included more than 200 IT…
Why the rapid transition to cloud demands that DevOps shift left
To accommodate remote work policies amid COVID-19, companies have increasingly adopted the public cloud to support off-site business continuity. A MarketsandMarkets analysis found that due to the impact of the current crisis, the cloud market is expected to grow from $233 billion in 2019 to $295 billion by 2021. The transition to remote work by…
Qualcomm, MediaTek Wi-Fi Chips Vulnerable to Kr00k-Like Attacks
Cybersecurity firm ESET reported in February that billions of Wi-Fi-capable devices may have been at one point affected by a vulnerability that could have been exploited to obtain sensitive information from wireless communications. The security hole, named Kr00k and tracked as CVE-2019-15126, caused affected devices to use an all-zero encryption key to encrypt some of…
