Centrify’s Bug Bounty Program with Bugcrowd

It’s an exciting time to be in information security. Black hats are attacking more web sites, constructing more 0-day threats and phishing more credentials and payment data. The proliferation of smart IoT devices and new technologies create opportunities for malicious activities. Nation State actors and the vulnerabilities they exploit are gaining visibility. What strikes me, though, is how the security community has risen to these challenges. The demand for security professionals is higher than ever, but so is the supply — new generations of security researchers, responders and leaders are coming from all corners of the globe. These are people…

Time to Ditch Passwords: Taking the Centrify Message to Infosecurity Europe

London Olympia will again be the venue this week as experts from around the world flock to the capital for the annual Infosecurity Europe show. With over 13,000 visitors expected over the three days, this is one of the biggest industry events around. Centrify will be there on Stand C65 to share why we think our range of advanced identity services are the only way IT leaders can secure their hybrid enterprise against modern threats. Attendees also have a great opportunity to hear first-hand from customer Remy Cointreau on the challenges of becoming a more secure and agile organisation through…

Joining the Dots to Better Breach Prevention: A Centrify Roundtable

The volume and frequency of data breaches seem to have hit a new high in recent months. But away from the sensational headlines, do we really know what the impact of such incidents can be on the victim organisation’s reputation and bottom line? Centrify recently commissioned the Ponemon Institute to shine a light on exactly this area — interviewing CMOs, IT practitioners and customers — and uncovered some fascinating findings. Not only do UK firms on average see a lasting share price slump of 5% following a breach, but many IT and marketing professionals are profoundly divided –from each other…

Don’t Open that Google Doc Link: Another Phishing Scam

Yesterday, Google users were targeted by a spear phishing campaign that some cybersecurity researchers believe to be one of the fastest-spreading attacks of its kind in history. This attack was highly effective, as the phishing emails were harder to spot since they were from familiar senders. Most users were likely easily fooled into trusting a message from a known contact, which made this scam easy to spread and propagate quickly. While the hole was quickly patched by Google, it is always prudent to check the URL of a link before clicking on it to verify it is spelled correctly and…

Am I Affected by the European General Data Protection Regulation?

It’s a year until the biggest shakeup to Europe’s privacy laws in nearly a generation takes effect. The European General Data Protection Regulation (GDPR) will bring sweeping new rules into force, including new consumer rights over how personal data is used, and mandatory 72-hour data breach notifications. Yet there’s still confusion over which companies and what types of data are covered by the law. With firms currently complying with less than 40% of GDPR principles on average, time is running out. That’s why Centrify is running a new monthly blog series designed to raise awareness about the GDPR, as the clock…

4 Reasons Why Security is Important for Innovation Management

Well, maybe we should start with, “What is innovation management anyways?” At its most basic, it is the purposeful organization and management of ideas within an organization to create meaningful change. Companies use it to gather new product ideas, improve processes and discover new markets and business models. The White House used innovation management processes to cut government spending, Home Depot used this process to identify new product lines, and the DREAMS Challenge used innovation management software to fund new projects that would halt the spread of HIV (just to name a few). But if innovation management often starts by…

Confronting the New Cyber Security Reality: Part 2

Since 2013, breaches have compromised nearly six billion records—that’s an average of almost four million records every day and over 162,000 records every hour! It’s time to face the facts. Today’s security is no longer secure. Enterprise networks have expanded beyond traditional perimeters to include more devices, apps (on-premises and in the cloud) and people. In the absence of these boundaries, the identities that make up modern enterprises are easier to compromise than ever before, and hackers are targeting these identities at an alarming rate. In fact, Forrester estimates 80% of security breaches involve privileged credentials. Traditional security approaches, like passwords…

Confronting the New Cyber Security Reality: Part 1

During the peak of the 2016 U.S. presidential election cycle, two groups of hackers accessed the Democratic National Convention servers. The leak made public emails detailing the DNC’s interactions with the media, both primary candidates’ campaigns and campaign contributions, and personal information about DNC donors, including credit card and Social Security numbers. This historical breach will forever be known for its impact on the 2016 Presidential election. Recently, we’ve seen the frequency of breaches like the DNC attack skyrocket—and no organization is safe. Over the past two years, sixty-six percent of organizations report experiencing five or more breaches, according to…

Researchers: Action Required to Protect Against IoT Threats

Recently, Pwnie Express researchers released their third annual report on the wired, wireless, Bluetooth, IoT and BYOD challenges facing IT security professionals. It’s not your typical study. These researchers combine a survey of hundreds of IT security pros with “on-the-ground” data captured from Pwnie Express sensors, distributed across a number of businesses. This mix of human perspective and real-world data offers a more accurate picture of what’s really going on out there. This year’s report had some interesting findings that I wanted to point out. If you have time to read the report — and I recommend it — you…

How to Stop the Breach in a Hybrid Enterprise

Has your enterprise experienced a data breach in the past two years? If so, it’s time for a wake-up call. In fact, 66% of organizations reported falling victim to a breach an average of five or more times during that time span. The security status quo is a slippery slope. Enterprise networks have expanded beyond the well-defined boundaries that used to protect our important assets from falling into the wrong hands and a new security reality has set in. Traditional security methods can’t protect your organization from breaches, and failure to recognize this new reality leaves your business at risk…