Secure Identity to Protect Your Reputation

Reputation is built on trust – yet the paradox in the age of access is that the only way we can build trust is to eschew it. That age-old tool of identification–the password–no longer provides any level of security and, in fact, depending upon a password for protection is probably the worst mistake one can make. Likewise, relying on technology alone, such as firewalls, malware detectors and anti-virus programs, can create a false sense of security that often causes more problems than it solves. LESSONS FROM AUSTRALIA If you doubt that assumption, look at the volume of business disruption that…

World Password Day – 5 Facts About Weak Credentials

Happy World Password Day! Ok, I’ll admit until a few days ago, I wasn’t aware this was a thing. As with most events in my life, if Outlook or Android doesn’t serve me a popup reminder, I’m oblivious to it. But this one commanded my attention, not only because of the never-ending news coverage we see about high-profile breaches, but also because I now know that 4 out of 5 are due to weak, default, stolen, or otherwise compromised credentials. Around this time of year, we tend to see reports that detail the top 25 most common passwords. You’d think…

SEC Clarification: Companies Must Disclose Breaches

In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the SEC website, the Commission frequently provides guidance on federal securities laws and SEC regulations for business and investment communities. The release covered three main topics: Disclosure of cybersecurity risks and incidents Companies have been largely remiss in alerting the public to breaches that may directly impact them. Equifax took five months to reveal that the data of 145 million people had been compromised. Yahoo took years to disclose that every one of its user accounts had…