Three Discussions CISOs Should Expect When Attending CyberConnect

I’m really excited to announce that CyberConnect 2017 is nearly sold out! And, I’m even more excited to attend the 30+ keynotes and panels, and collaborate with over 40 thought leader speakers during the event. In fact, collaboration is at the core of CyberConnect. Unlike traditional events, CyberConnect integrates thought leadership, collaborative roundtable sessions and in-depth training designed to arm executives and practitioners alike with the tools and confidence needed to defend their organizations against today’s hyper evolving adversary. So, with collaboration in mind, I’d like to share three topics that CISOs can expect to discuss at the conference. How…

Today’s Predictions for Tomorrow’s Internet: How To Keep Your Smart Devices Safe

When you first hire a personal assistant, they’re not all that helpful. Over time, they learn your daily routine, your needs and desires, and with that information, they make your life easier. Now, consider that your smart phone has morphed into your own mini personal assistant. Today’s smartphones are filled with potent sensors that collect data about you. Audio and image sensors, touch sensors, acceleration sensors, light, proximity, and location sensors all help your smartphone to get to know you and your habits. It knows where you go, when you go and how long you stay. It knows who you…

Equifax Breach Shows Firms Still Aren’t Getting the Basics Right Ahead of GDPR Deadline

As each week brings the 25 May 2018 deadline for GDPR compliance closer to hand, we seem to be faced with yet another report highlighting poor levels of preparedness among organisations. Recent findings reveal that an astonishing 64% of UK firms have not yet begun preparations for the sweeping new data protection law. Yet as shocking as these stats are, a far more effective way to focus the minds of IT security and business leaders is to highlight some recent big-name data breaches and consider how the companies affected would have been treated in a post-GDPR world. For Equifax, there’s particularly…

The Equifax Disaster: Technical Controls — ICIT’s Synopsis of America’s In-Credible Insecurity

The following excerpts are from the Technical Controls section of Part-1 of the ICIT Equifax report entitled “America’s In-Credible Insecurity,” written by James Scott, Sr. Fellow, Institute for Critical Infrastructure (ICIT). Technical Controls Data Encryption Data should be protected according to its value and the potential harm that would result if it were stolen. Encryption does not prevent adversaries or insiders from exfiltrating data; however, it does deter or prevent attackers from exploiting the stolen data unless they spend significant additional resources breaking the encryption or stealing the decryption keys. Data Loss Prevention Data loss prevention is the employment of…

4 Tips to Stay Safe Online for National Cybersecurity Awareness Month

Help! I Love the Internet, But My Identity and Data Are Up For Grabs — Should I Just Unplug?! In honor of National Cybersecurity Awareness Month, we at Centrify are doing what we can to help you to be #CyberAware. The theme for the first week is around simple steps to online safety. Have you ever considered how to protect your privacy or identity while “online”? Have you noticed over the last few years how many times your data has been stolen or exposed by hackers? Have you observed that most of these breaches were from systems where you were…

Stay Secure With Day One Support for iOS 11 and macOS High Sierra

It’s that time of year again: time for all the latest and greatest from our friends in Cupertino. Last week, Apple released iOS 11 and this week Apple released the latest update for macOS, the 10.13 High Sierra release. We here at Centrify are excited for the new capabilities, new look of iOS 11 and the significant performance improvements with macOS High Sierra; so, we have made sure that our customers are able to move forward with day one support for both offerings. Our day one support for is effective across the product line, including our Centrify Endpoint Services, Centrify…

Gartner Privileged Access Management Market Overview 2017

Gartner just published their 2017 Market Overview guide for PAM, and it is a great read! The drivers for PAM are similar to last year’s, with a new emphasis on the need for “a comprehensive cybersecurity defense strategy, specifically for critical infrastructure.” Here’s Gartner’s list of drivers, and we believe they are spot on in terms of what we are hearing from our customers and how we’ve delivered capabilities to help solve these issues: The risk of breaches and insider threats The need to prevent, isolate and limit malware attacks that leverage privileged accounts An increase of operational efficiency for…

How Do You Choose the Right IAM Solution? Here Are 4 Questions You Should Ask

Cloud based services dominate today’s world and over the past few years, delivering cloud based IAM solutions is no exception. The right solution can reduce risk, cut down costs and save time, but choosing the right IDaaS vendor requires careful consideration. Putting together some basic questions to ask while covering several key elements is a first step. So…where do we begin? Is It a True Hybrid Solution? Ask your prospective vendor if they truly provide a hybrid solution with control and access across on-premises and SaaS-based applications. Federation for SaaS apps is a great first step, but larger companies will…

How to Hack Passwords: How Long Would It Take Your Grandmother To Do It?

(Hint: You Won’t Believe the Answer) My last article “Do You Know How Easy It Is to Guess Your Password? (Hint: You Don’t Want to Read This!)”, was about how hackers can obtain massive databases of human generated passwords and run them through off-the-shelf tools on commodity hardware by using Graphics Card GPUs to gain speed and computing cost advantage. This article will delve into how easy it will be for your grandma to rig up a password cracking machine. First step for Grandma is to visit Amazon and pickup some hardware. Perhaps a nice BitCoin mining rig that can compute…