Hot Topics

Centrify’s industry experts discuss the biggest issues and hottest topics around the convergence of identity and compliance for data center, cloud and mobile users and applications across devices.


By , December 1, 2016

Breach notification rules in the upcoming EU GDPR (General Data Protection Regulation) will mean data breaches are far more likely to become public, where today it is possible (although probably ill-advised) to try and sweep them under the carpet. The 2016 Verizon Data Breach Investigations Report stated “63% of confirmed data breaches involved weak, default or stolen passwords.” Centrify protects against the leading point of attack used in data breaches – compromised credentials – and can therefore reduce the risk of breaches taking place.

EU GDPR Background

The EU GDPR will apply from 25th May 2018, and although that seems like a long time from now, companies may find they…

By , November 30, 2016

By now, many have heard about the recent ransomware attack against San Francisco’s “Muni” system on Black Friday, where the hacker locked out the railway’s system and demanded 100 BTC as payment. The second, less known, part of the story was published by Brian Krebs on his blog yesterday: “On Monday, KrebsOnSecurity was contacted by a security researcher who said he hacked this very same cryptom27@yandex.com inbox after reading a news article about the SFMTA incident. The researcher, who has asked to remain anonymous, said he compromised the extortionist’s inbox by guessing the answer to his secret question, which then allowed him to reset the attacker’s…

By , November 28, 2016

It’s the most wonderful time of the year! Well, almost! With Christmas just a matter of weeks away, millions of people worldwide have commenced their Christmas shopping and are preparing for the festive season. Whilst Christmas gives us the perfect excuse to splash out on gifts, there’s no doubt that we are all looking to bag ourselves some bargains, and Black Friday and Cyber Monday will certainly have you itching to whip out your credit card. The hype surrounding Black Friday and Cyber Monday shopping deals has certainly intensified over the years, and shoppers both in store and online are…

By , November 21, 2016

There is little debate that this election will be described as a referendum on the status quo, with very strong anti-establishment and anti-elitist sentiment driving record numbers of unexpected voters to the polls. But that doesn’t tell the complete story. Yes, the Hillary campaign brought the current administration out in force in the final weeks, thus cementing her image as an entrenched Washington insider. But I can’t help but think that this status quo image began to be shaped and hardened as a direct result of the leaked insider communications exposed on WikiLeaks and as a result of the hacked…

By , November 11, 2016

As an Artillery Officer in the United States Army, I am tasked with the challenge of understanding the enemy, their assets and capabilities, and from what vectors they can and will attack. Based on this knowledge and understanding, it is my responsibility to recommend to the commander on the ground:

- Where he should place his indirect fire assets (howitzers and mortars).
- Where he should place his observation platforms (forward observers, radars, and UAVs).
- What additional enablers (Fixed Wing and Rotary Wing Aircraft) he should request from higher headquarters to ensure his units are properly defended and conditions are set for…

By , November 7, 2016

What would happen to your company’s reputation or market share if its data was hacked? This article originally appeared on Inc. Magazine and is reprinted with permission. The recent release of Snowden, the 2016 film about exiled former cyber-security contractor Edward Snowden, highlights some of the inherent cyber-security risks that organizations face. These concerns have been reinforced by the controversy over hacked emails during the current election cycle. In Snowden’s case, it was the National Security Agency (NSA) that was breached, but the vulnerabilities he exploited exist in many enterprise-level companies as well.

Security Breaches in recent memory

While I worked at Symantec for the…

By , October 20, 2016

With European Cybersecurity Month in full swing, this week’s topic of discussion is “Cybersecurity Training.” Whilst cybersecurity training and awareness has undoubtedly improved, a common mistake is that it is often treated as a one-time tick-box exercise, rather than an ongoing process. As cyberthreats become part of the reality of daily business, the limitations of traditional security controls have been exposed and businesses need to recognise that cybersecurity is not simply a one-off task on the to-do list. A security breach is now assumed to be inevitable and whilst layering defensive security controls and tools is a step in the…

By , October 20, 2016

New HIPAA regulations are driving heightened security around electronic protected health information (ePHI) and Cloud Service Providers (CSP). These regulations detail the types of security for data in the cloud, as you might expect, but they also focus on securing and controlling the access to cloud systems, infrastructure and data. In the simplest terms, this means healthcare companies and their business associates (BA) need to focus on securing and managing resources IN the cloud, as well as securing and managing access TO the cloud. This can be broken down to mean that healthcare companies need to: Ensure cloud resources are…

By , October 19, 2016

The Secret to Security

What if I told you that the secret to security was just one, simple and attainable thing? Fort Knox is the de facto standard of security. It has granite walls that are four feet thick, vaults housing gold constructed with 27 inches of steel and one of the largest surveillance networks on earth. Not to mention, it has the U.S. Army guarding the facility. Yet, there is “one thing” that really helps protect this compound. Area 51 is one of the most highly classified areas in the world. Its protective measures include elaborate fences, an actual army of…

By , October 13, 2016

In the midst of the WikiLeaks’ release of thousands of emails purportedly from his inbox, Hillary Clinton Campaign Chairman John Podesta has now become the victim of a hack into his Twitter account. CNN is reporting that Podesta’s account was hacked on Wednesday, September 12, and that, just as Clinton landed in Las Vegas, Podesta ostensibly tweeted, “I’ve switched teams. Vote Trump 2016. Hi pol.” While the specific details of the hack have yet to be discovered, a likely scenario is that Podesta’s Twitter account was protected solely by a username and password – without any form of two-factor authentication….