Research, news and updates on threats and cybersecurity
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password standards to screen for weak, commonly-used, expected, and compromised passwords. Then they …
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
Why organizations need to react urgently to the state of password security, according to data from 451 Research In a recent brief titled “Love ‘em or Hate ‘em, Passwords Are Here to Stay,” 451 Research indicated that despite the stirrings of a passwordless revolution, the widespread use of passwords won’t be changing in the foreseeable future. The 451 brief points …
This list is a combination of proactive steps you can take, as well as activities you should avoid for protecting your password and personal data. One of the main barriers to robust cybersecurity is an educated populace and willing participants. We all want our data to be secure, but it’s also human nature to downplay the risks associated with poor …
When it comes to passwords, individual habits and organizational policies vary widely—unfortunately, the pattern is one of weakness. But organizational online security can be immediately improved by the implementation of a few key principles. Stronger passwords mean that users are keeping themselves safer online—and if users are safer online, it results in your organization staying safer as well. Updated NIST …
According to Verizon’s recently released 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials. We analyzed the findings and uncovered some additional data points that underscore how pervasive and detrimental poor password practices are to businesses today. Looking at the DBIR data in detail, approximately 35% of all breaches were …
Over time passwords have become a ubiquitous part of our digital activities. They’re something we expect to create and manage for all of our accounts, and yet with all of our online accounts, having unique passwords can be difficult. Despite this, they remain the most common way of locking unauthorized persons out of our systems and away from our sensitive …
Organizations using Active Directory must update their password policies to block and detect compromised passwords, but comparing password monitoring vendors in this area can sometimes be challenging. Often, organizations are not sure how to compare vendors and are not sure what questions should be asked when working with password monitoring vendors. By asking the right questions, you can pick the …
Connected devices are becoming increasingly prevalent in the home, at the office, and everywhere in between. With 2020 widely predicted to see the arrival of mainstream 5G adoption, we can only expect the popularity of smart IoT products to grow. While the IoT certainly brings a number of efficiencies and conveniences, it also can represent a significant security vulnerability. As …
In early September 2019, the DLA Internet Bid Board System (DIBBS) implemented new password requirements in line with the updated Department of Defence (DoD) security requirements. As a portal for contractors to submit quotes and proposals to the Defence Logistics Agency (DLA), DIBBS is home to potentially sensitive information that must be protected with robust cybersecurity measures. The September 2019 …
According to an IDC report, global digital transformation spending reached $1.8 trillion in 2019—up nearly 18% from 2018. What’s more, the firm expects digital transformation investments to total more than $6 trillion over the next for years, with the study’s authors noting, “Digital transformation is quickly becoming the largest driver of new technology investments and projects among businesses.” But how …
Cybersecurity isn’t always a battle to keep hackers out at all costs. Sometimes it’s actually about making the costs just not worth the effort. This is particularly true when it comes to how passwords are stored on your server. Let’s take a look at how to make it more unreasonably costly to the hacker who just compromised the server that …
