Hot Topics

Hot Topics

Centrify’s industry experts discuss the biggest issues and hottest topics around the convergence of identity and compliance for data center, cloud and mobile users and applications across devices.


By , November 11, 2016

As an Artillery Officer in the United States Army, I am tasked with the challenge of understanding the enemy, their assets and capabilities, and from what vectors they can and will attack. Based on this knowledge and understanding, it is my responsibility to recommend to the commander on the ground: Where he should place his indirect fire assets (howitzers and mortars). Where he should place his observation platforms (forward observers, radars, and UAVs). What additional enablers (Fixed Wing and Rotary Wing Aircraft) he should request from higher headquarters to ensure his units are properly defended and conditions are set for…

By , November 7, 2016

What would happen to your company’s reputation or market share if its data was hacked? This article originally appeared on Inc. Magazine and is reprinted with permission. The recent release of Snowden, the 2016 film about exiled former cyber-security contractor Edward Snowden, highlights some of the inherent cyber-security risks that organizations face. These concerns have been reinforced by the controversy over hacked emails during the current election cycle. In Snowden’s case, it was the National Security Agency (NSA) that was breached, but the vulnerabilities he exploited exist in many enterprise-level companies as well. Security Breaches in recent memory While I worked at Symantec for the…

By , October 20, 2016

With European Cybersecurity Month in full swing, this week’s topic of discussion is “Cybersecurity Training.” Whilst cybersecurity training and awareness has undoubtedly improved, a common mistake is that it is often treated as a one-time tick-box exercise, rather than an ongoing process. As cyberthreats become part of the reality of daily business, the limitations of traditional security controls have been exposed and businesses need to recognise that cybersecurity is not simply a one-off task on the to-do list. A security breach is now assumed to be inevitable and whilst layering defensive security controls and tools are a step in the…

By , October 20, 2016

New HIPAA regulations are driving heightened security around electronic protected health information (ePHI) and Cloud Service Providers (CSP). These regulations detail the types of security for data in the cloud, as you might expect, but they also focus on securing and controlling the access to cloud systems, infrastructure and data. In the simplest terms, this means healthcare companies and their business associates (BA), need to focus on securing and managing resources IN the cloud, as well as securing and managing access TO the cloud. This can be broken down to mean that healthcare companies need to: Ensure cloud resources are…

By , October 19, 2016

The Secret to Security What if I told you that the secret to security was just one, simple and attainable thing? Fort Knox is the de facto standard of security. It has granite walls that are four feet thick, vaults housing gold constructed with 27 inches of steel and one of the largest surveillance network on earth. Not to mention, it has the U.S. Army guarding the facility.  Yet, there is “one thing” that really helps protect this compound. Area 51 is one of the most highly classified areas in the world. Its protective measures include elaborate fences, an actual army of…

By , October 13, 2016

In the midst of the WikiLeaks’ release of thousands of emails purportedly from his inbox, Hillary Clinton Campaign Chairman John Podesta has now become the victim of a hack into his Twitter account. CNN is reporting that Podesta’s account was hacked on Wednesday, September 12, and that, just as Clinton landed in Las Vegas, Podesta ostensibly tweeted, “I’ve switched teams. Vote Trump 2016. Hi pol.” While the specific details of the hack have yet to be discovered, a likely scenario is that Podesta’s Twitter account was protected solely by a username and password – without any form of two-factor authentication….

By , October 12, 2016

Cybersecurity Risk From the Break Room to the Board Room How can CFO’s enable an organization to effectively combat cybercrime, while reducing IT security budgets? If this sounds too good to be true, let me explain how it can be done. Cyber risk is present at every level in every company from the break room to the board room. In retail, data breaches occur in companies of every size; from Yellowfront, a one-store grocer in Maine to the massive Home Depot and Target breaches. Cyber awareness of social engineering attack modes is a management priority, and all employees have responsibility in preventing…

By , September 22, 2016

I have personally been on Yahoo email since it was released in 1997 (almost 20 years!). I remember how cool it was to have an email address that would live independently from my school, work and ISP accounts. This was especially cool because I lived in Silicon Valley and all three of those emails tended to change every few years. I have been a loyal user of Yahoo mail even when seemingly better or more popular alternatives were available (Gmail, AOL, me.com, Hotmail, etc.). Well, today is the day that I may finally consider making the move to another service. Turns out…

By , September 21, 2016

Snowden Movie Night Oliver Stone has brought “Snowden” to the big screen. Blimey. I’d finally stopped culling my social networks to the bone, put Mr. Robot hoodies in a box in the garage and stopped checking behind the shower curtain before getting in. Oh well. With hindsight and better insight, let’s reflect on some steps the government could take to mitigate this kind of situation happening again. In this blog, though, for a change, I’m going to start with the human angle instead of diving headlong into the technology. I want to highlight first the “people” in “people, process and…

By , September 16, 2016

New York Governor Andrew Cuomo’s announcement of proposed new and far-reaching regulations to protect New York State banks, financial institutions and insurance companies against escalating threat of cyberattacks is both timely and imperative. The regulation requires institutions to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York’s financial services industry. The proposal is a landmark initiative to elevate the security posture and preparedness of New York’s thousands of financial institutions in combatting cyber-crime through a cybersecurity program that performs five core functions: Identification of cyber risks. Implementation of policies and procedures…