Research, news and updates on threats and cybersecurity
Preventing common passwords in Active Directory is critical for protecting sensitive employee, user, and customer accounts. Why Should Organizations Screen for Regularly-Used Passwords? Many employees use weak passwords and are completely unaware of it. They can’t imagine their specific password is a common password that’s being chosen by other people as well. The organization and the employee both think their …
Most employees will create or reuse passwords that are expected or similar to previous passwords. This can be expected passwords in the form of a root password that gets changed by just a few characters or even just capitalization. Once again, attackers know that this is a common practice on any system with users logging in, so organizations also need …
The need for increased technology regulation is a hot topic, as concerns continue to grow about the risks from deepfakes to machines going rogue. Our connected world appears fraught with problems that make more legislation seem inevitable if we are to have any hope of protection. California is leading the charge and is the first state to introduce sweeping privacy …
The Health Insurance Portability and Accountability Act (HIPAA) describes how organizations must keep protected health information (PHI) secure. So how exactly are employee passwords supposed to be handled in light of HIPAA? It’s important to understand how HIPAA handles the topic of passwords in order for organizations to properly implement the guidelines in their data protection strategies. What Organizations are …
New cybersecurity threats are continuously emerging in light of our increasingly connected world, AI, 5G, and other enterprise trends. In this ever-changing landscape, there is one constant: passwords remain the primary authentication method for accessing corporate systems and applications—and employees are notorious for utilizing pwned passwords. The use of pwned passwords, or passwords that have been previously exposed in data …
For many cybersecurity professionals, one of the more surprising ideas to come out of 2019 is the recommendation to drop forced password expiration policies. Forced password expiration policies have been around for many years now and are a widespread element of cybersecurity frameworks within organizations across the world over. However, we’re now being told they may not be necessary. Password …
Digital identity and digital privacy, while always a hot topic, has been particularly newsworthy lately with Facebook refusing to create a backdoor for law enforcement to gain access to its encrypted messaging products. According to the company, “People’s private messages would be less secure and the real winners would be anyone seeking to take advantage of that weakened security.” Positioning …
2020 will be another interesting year for Cybersecurity, here are our predictions as we kick off a new year. We have entered a new decade with many innovations expected to come to fruition. However, when it comes to cybersecurity, the challenges encountered in the 2010s will remain, with high profile breaches and attacks continuing at a relentless pace. From deep …
Our recommended healthcare password policies that complement and support HITRUST. Since its founding in 2007, HITRUST (Health Information Trust Alliance) champions programs that safeguard sensitive information and manage information risk for global organizations across all industries. HITRUST works with privacy, information security, and risk management leaders from the public and private sectors, to develop common risk and compliance management frameworks, …
