Hot Topics

Hot Topics

Centrify’s industry experts discuss the biggest issues and hottest topics around the convergence of identity and compliance for data center, cloud and mobile users and applications across devices.


By , December 13, 2017

A German court has ruled that an employee can be held liable for damages caused by instances of CEO fraud that affect their employer. In October 2017, the Regional Labor Court of Saxony ruled that a financial director can be partially liable for the damage caused by a case of CEO fraud. Their accountability was ultimately limited however, the court found, because the liability privilege developed by German labor courts applies to CEO fraud. Under that common law, employees are responsible for damages only if they demonstrate gross negligence. While the employee did violate their employer’s internal safeguards, the court…

By , December 11, 2017

‘Tis the season of holiday cookies, warm sweaters hot cocoa and… holiday shopping deals. According to Deloitte, retailers can expect to see holiday sales growth as much as 4.5 percent and could top $1 trillion between the months of November and January this year. It’s even looking better for online shopping. “E-commerce sales… are expected to increase 18 to 21 percent during the 2017 holiday season… Digital sales climbed 14.3 percent in 2016” It is certainly looking jolly for the retail industry all around, but with an increase in online shopping, does that mean an increase in cyber threats this…

By , December 4, 2017

The theft of highly sensitive personal information on 57 million Uber drivers and customers in the Uber data breach — and its subsequent cover-up — is in many ways what the GDPR was invented for. Here is a multi-billion dollar US tech company that reportedly protected access to key data in the cloud by using just static log-ins. Not only did its data protection controls therefore fall short of the best practice “state-of-the-art” approach outlined in the GDPR, but the firm also failed to report the incident — something which would incur a fine of €10m (£8.9m) or 2% of…

By , November 21, 2017

Background on the Uber Breach History is replete with examples of individuals and organizations turning manageable problems into serious crises simply by trying to hide the truth. While the Uber data breach was large in terms of the 57M customer and driver records lost, if Uber had followed standard breach protocol by notifying authorities and impacted users, remediated the problem and laid out steps that they were taking to avoid future breaches, the impact would have been much less. Uber was under a legal obligation to notify regulators and to the impacted users and drivers. Instead they took extreme measures…

By , November 17, 2017

Today Forrester Research released The Forrester Wave™: Identity-As-A-Service, Q4 2017. Evaluating the “seven vendors that matter”, Forrester named Centrify a Leader. Here at Centrify, we believe this is a strong validation of Centrify’s zero-trust approach to securing access to apps and systems. A complimentary version of this report is available for download here. Centrify provides the industry’s only single platform to secure each user’s access to apps and infrastructure through the power of identity services. With this recent report from Forrester, Centrify becomes the only identity services provider to be evaluated in and positioned as a leader in both IDaaS…

By , November 8, 2017

According to Lloyd’s of London, a massive global cyberattack could result in economic losses as high as $53 billion. Given that, it’s no surprise that an increasing number of businesses are adding cybersecurity coverage to their liability insurance. But as businesses rush to insure, what exactly these policies cover, as well as the cost of premiums, is coming under scrutiny. A key question is whether or not non-malicious human activity is covered. On one hand, cybersecurity policies that do not cover human error —  which would include falling victim to sophisticated phishing schemes, visiting Trojan-infected sites, or even deferring patches…

By , October 30, 2017

It is interesting and at times bewildering, that in the many years following the failures of 9/11, we still have not found a way to share threat intelligence information without exposing classified information which may compromise the source. Look at these five primary pieces of infrastructure, which exist in every modern society, consider the interdependencies, and how a persist threat or disruption to one dependency can cascade throughout these infrastructure dominos. Primary Role: Electrical Power Generation/Distribution Dependencies on: Above and below ground electrical distribution wires. Network Access to connect power generation and distribution systems. Backup generation systems for internal systems….

By , October 25, 2017

Aside from the cool sounding name, the Bad Rabbit Ransomware has quickly become a problem across Russia and Eastern Europe. While not as many are being affected as with WannaCry or Petya, it is still causing headaches for hundreds of organizations. Ransomware is a particularly nasty type of cyber-attack that costs far more than the relatively minor payouts demanded. For example, as we have seen with WannaCry, certain organizations are particularly vulnerable to ransomware such as healthcare. Disruption of patient care, destruction of data and general disorder caused by a ransomware attack is felt particularly hard by targeted healthcare organizations….

By , October 25, 2017

Back in May, I blogged about the lack of women in technology and cybersecurity in particular. Weeks after that article was published, Cybersecurity Ventures released a report estimating that the number of unfilled cybersecurity jobs would increase from one million today to 3.5 million in 2021. That’s a lot of people required for an industry that already has a zero percent unemployment rate. And if the report is right, we have a few short years to address the problem before the current cybercrime epidemic truly explodes. Maybe it’s time to recognize that the number of women in tech is on a slippery…