CISO, Password Management and Risk - Cyber Security Informer

NIST Password Guidelines 2021: Challenging Traditional Password Management

Security Boulevard

DECEMBER 21, 2021

In 2017, the National Institute of Standards and Technology (NIST) released NIST Special Publication 800-63B Digital Identity Guidelines to help organizations properly comprehend and address risk as it relates to password management on the part of end users.

Password Management

Password Management Passwords Risk Technology

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

James Scobey, CISO at Keeper Security, stated, "The reported downtime of online ordering demonstrates how even temporary interruptions can have a significant impact on revenue and brand reputation." To mitigate such risks, organizations must adopt proactive measures.

Password Management

Password Management Passwords CISO Cybersecurity

Cybersecurity Insights with Contrast CISO David Lindner | 4/19/24

Security Boulevard

APRIL 19, 2024

If you’re not using basic measures like password managers, two-factor authentication (2FA) and cybersecurity training, you’re risking more than you might realize. The post Cybersecurity Insights with Contrast CISO David Lindner | 4/19/24 appeared first on Security Boulevard.

CISO

CISO Cybersecurity Password Management Passwords

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Tim Mackey, Head of Software Supply Chain Risk Strategy at Black Duck, explains: "Attacks on legacy cyber-physical, IoT, and IIoT devicesparticularly in an OT environmentare to be expected and must be planned for as part of the operational requirements for the device. Use Privileged Access Management (PAM) solutions.

Ransomware

Ransomware IoT Encryption Social Engineering

CISA Cuts: What They Mean for Cyber Defense for All

SecureWorld News

APRIL 10, 2025

Regardless of your political views, we must all agree that equipping our government with best cybersecurity talent, technology, and resources is critical to protecting our national interests," said Bruce Jenkins, CISO at Black Duck. The planned cuts to CISA underscore a critical juncture for U.S.

Energy and Utilities

Energy and Utilities Backups Healthcare Cybersecurity

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions , at the RSA 2020 Conference in San Francisco recently. Devolutions is a Montreal, Canada-based company that provides remote connection in addition to password and privileged access management (PAM) solutions to SMBs. I’ll keep watch.

Authentication

Authentication Risk Digital transformation Passwords

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

“Our team quickly triaged the report and determined the risk to partners to be minimal,” said Patrick Beggs , ConnectWise’s chief information security officer. “Nevertheless, the mitigation was simple and presented no risk to partner experience, so we put it into the then-stable 22.8 Update, 7:25 p.m.

Phishing

Phishing Architecture Passwords Accountability

Cybersecurity Insights with Contrast CISO David Lindner | 10/21

Security Boulevard

OCTOBER 21, 2022

I would say this is true, but I would also agree with Gartner that consolidation is key and the more one tool can do, the more data you have to understand your risk profile.". . Creating strong passwords helps prevent brute force attacks against your passwords. Insight #3. ".

CISO

CISO Cybersecurity Passwords Password Management

GUEST ESSAY: 5 steps for raising cyber smart children — who know how to guard their privacy

The Last Watchdog

JANUARY 13, 2021

Once children have identified the rewards of being part of the online world and the risks they want to avoid, they can come up with ways to help protect and care for themselves. Can they create strong passwords? Encourage privacy behaviors. Can they keep their privacy by deciding not to share certain information?

Scams

Scams Education Password Management Passwords

CISO Thoughts with David Lindner – April 29

Security Boulevard

MAY 3, 2022

How do you measure risk between vulnerabilities in custom code vs vulnerabilities in third-party code? To determine the real risk, I strongly encourage developers to start utilizing other measuring tools such as the Exploit Prediction Scoring System (EPSS). Get yourself a password manager today.". . . . . Insight #1.

CISO

CISO Password Management Passwords Risk

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

JANUARY 6, 2020

4 interview, VCPI’s acting chief information security officer — Mark Schafer , CISO at Wisconsin-based SVA Consulting — confirmed that the company received a nearly identical message that same morning, and that the wording seemed “very similar” to the original extortion demand the company received. In our Dec.

Passwords

Passwords Ransomware Password Management Malware

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

Approachable Cyber Threats

OCTOBER 7, 2024

One area where best practices have evolved significantly over the past twenty years is password security best practices. Additionally, password managers are recommended to store long and complex passwords securely without requiring users to remember them.

Passwords

Passwords Password Management Authentication Risk

Passkeys and The Beginning of Stronger Authentication

Thales Cloud Protection & Licensing

FEBRUARY 1, 2024

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Despite solid cybersecurity defenses within her enterprise, the reliance on age-old passwords left it vulnerable.

Authentication

Authentication Passwords CISO Password Management

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

SC Magazine

MARCH 2, 2021

“The latest developments in relation to the SolarWinds intern’s poor password choice highlight’s how bad password hygiene is getting and how important it is for organizations to prioritize password management,” said Joseph Carson, chief security scientist and advisory CISO at Thycotic.

Passwords

Passwords Password Management CISO InfoSec

Major U.S. Port Thwarts Cyberattack

SecureWorld News

SEPTEMBER 27, 2021

Hacker found weak link in port's password management software. In coverage by CNN , it was reported that the hackers were able to breach the web server by finding a vulnerability through password management software, ManageEngine ADSelfService Plus. "In UTC on August 19, according to the Coast Guard report. Now What? ,

Password Management

Password Management Passwords Software CISO

What Are Passkeys?

Duo's Security Blog

JUNE 12, 2023

Passwordless is the modern authentication method that does not rely on passwords, eliminating the risks that come with weak, lost, or stolen credentials. It was exactly what I was looking for, which was a simple and elegant way to use YubiKeys or Windows Hello or Touch ID to replace the password. What is passwordless?

Authentication

Authentication Passwords Password Management Phishing

The four cybersecurity trends to watch in 2023

CyberSecurity Insiders

DECEMBER 6, 2022

By: Matt Lindley, COO and CISO of NINJIO. To avoid these risks, companies need to develop a culture of cybersecurity that will lead to sustainable behavioral change whether employees are in the office or not. 2 – The proliferation of attack vectors will put companies at risk.

Cybersecurity

Cybersecurity VPN Digital transformation Education

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Related: Kaseya hack worsens supply chain risk. This is the type of incident that could have been identified as a risk by a properly scoped penetration test and detected with the use of internal network monitoring tools. Once more, a heavily protected enterprise network has been pillaged by data thieves.

Mobile

Mobile Data breaches Authentication Accountability

Why World Password Day Is a Perfect Reminder to Up Your Security Game

SecureWorld News

MAY 1, 2025

The evolution of passwords: from complexity to innovation Over the years, we've seen significant changes in how we handle passwords. Password managers have surged in popularity, enabling users to create and store complex passwords without the hassle of remembering them. Avoid storing passwords in plain sight.

CopperStealer malware infected up to 5,000 hosts per day over first three months of 2021

SC Magazine

MARCH 19, 2021

Joseph Carson, chief security scientist and advisory CISO at Thycotic, added that CopperStealer has been known to steal passwords from well-known browsers, and it’s a reminder that storing sensitive data within the browser has become a major security risk, especially if employees become victims of this malware.

Malware

Malware Media Passwords Accountability

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

Security Boulevard

OCTOBER 4, 2024

Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks! Specifically, they’re encouraging people to: Boost their password usage by using strong passwords , which are long, random and unique, and using a password manager to generate and store them. In the U.S.,

Cybersecurity

Cybersecurity CISO Ransomware Technology

Don’t Bet on Passwords: Using MFA to Make Insuring Your Security Less of a Gamble

Duo's Security Blog

OCTOBER 18, 2022

By this point, we’re all familiar with the list of requirements for a strong password: unique, long, memorable, free from any personal information… But even the strongest passwords can pose a risk if they’re the only thing standing between your users and enterprise content.

Insurance

Insurance Passwords Cyber Insurance Authentication

Security researchers applaud Google’s move towards multi-factor authentication

SC Magazine

MAY 7, 2021

Joseph Carson, chief security scientist and Advisory CISO at ThycoticCentrify, said that MFA works as both a successful way of keeping threat actors from gaining access with weak passwords, as well as just a simple deterrent: the attackers will choose the path of least resistance and move on to trying credentials that don’t have MFA requirements.

Authentication

Authentication Passwords Password Management Mobile

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

The Security Ledger

SEPTEMBER 14, 2022

at the password management firm LastPass, what the CSTO role entails and how companies need to do more to confront the security implications of “software eating the world.” Prior to that, Chris was the head of BoA’s “Never Down” Critical Business Services group and a former CISO at Citadel. .

CISO

CISO Password Management Technology Software

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

SecureWorld News

JULY 6, 2023

It's clear that such attacks not only pose security risks but also can have considerable economic impacts. John Bambenek, Principal Threat Hunter at Netenrich, said: "Part of the reason technology is so cheap is because technology companies outsource the risks of using their products to their customers. It's on them to use it safely.

Ransomware

Ransomware Cybercrime Password Management Risk

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

MAY 19, 2020

Sherry brought to Princeton his 25 years of technology experience, 12 of which was in higher education as the former CISO at Brown University. A recent risk assessment began to expand, and we started a publicity blitz…. One area of the diagram is Risk Management. "If If you are in security, you are in risk management.

Cybersecurity

Cybersecurity CISO Risk Education

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

Because RDP server hosts can access and manage remote devices, including sensitive clients, the threat posed by RDP attacks can’t be overstated. As remote desktop solutions are prevalent among IT and managed service providers (MSP), downstream clients can be at risk, as Kaseya experienced in 2021. Reconnaissance.

VPN

VPN Software Authentication Encryption

Passkeys and The Beginning of Stronger Authentication

Security Boulevard

FEBRUARY 1, 2024

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Despite solid cybersecurity defenses within her enterprise, the reliance on age-old passwords left it vulnerable.

Authentication

Authentication Passwords CISO Password Management

Security Roundup February 2024

BH Consulting

FEBRUARY 15, 2024

Creeping cyber risk grabbing global headlines The World Economic Forum’s latest Global Cybersecurity Outlook 2024 gives senior leaders a high-level overview of cybersecurity trends. Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis.

Passwords

Passwords Surveillance Risk Data breaches

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Additional security all organizations should consider for a modest investment include: Active directory security : Guards the password storage and management system against attack for Windows, Azure, and other equivalent identity management systems. 52% said previous breaches cost their organization at least US$300,000.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

The Rise of the Sovereign Cloud

Thales Cloud Protection & Licensing

MAY 24, 2023

It’s one thing to be able to send information instantly across the globe, but that runs the risk of it coming to rest in, or simply traveling through, places we don’t want it to. On an individual human level, maintaining proper cyber hygiene through improved password management is still a hurdle.

Encryption

Encryption Internet Internet Data privacy

On first-ever Identity Management Day, experts detail steps to a better IAM program

SC Magazine

APRIL 14, 2021

Greg McCarthy, CISO of Boston. To properly address these issues and determine what to prioritize, you first must become intimately familiar with your business operations, pinpoint key sources of identity-based risk, and then form a governance structure around that. “It’s

Passwords

Passwords Architecture Password Management Government

Spotlight Podcast: Global Audit Finds Small Firms struggle with Password Hygiene

The Security Ledger

OCTOBER 16, 2019

In this Spotlight edition of our podcast sponsored by LastPass* we’re joined by LogMeIn Chief Information Security Officer Gerald Beuchelt to talk about LastPass’s third annual Global Password Security Report, which finds password hygiene improving at large companies, but lagging at smaller firms. Read the whole entry. »

Passwords

Passwords Technology Password Management Information Security

Tips and stories for your team on World Password Day

Security Boulevard

MAY 2, 2024

The post Tips and stories for your team on World Password Day appeared first on Click Armor. The post Tips and stories for your team on World Password Day appeared first on Security Boulevard.

Passwords

Passwords Password Management CISO Risk

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

Either businesses or individuals, we are all in the same boat when it comes to the risk of data loss. The growing risks leave us with the fact that cybersecurity education is not a matter of choice anymore – it’s a matter of necessity. To pursue a career in the cybersecurity field and find a course to get started.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

3 Steps to Prevent a Case of Compromised Credentials

Duo's Security Blog

MAY 23, 2023

The answer, like most other cybersecurity-adjacent answers, lies in a combination of factors including social engineering , weak passwords, and other risky security moves or attacks. User-generated passwords can be deceptively weak, with less caution given to password management as remote and hybrid work become more common.

Authentication

Authentication Passwords Data breaches Phishing

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

FEBRUARY 9, 2024

People, process & technology framework A successful IAM program requires all three dimensions—people, process, and technology—working in concert to enhance the user experience, fuel efficiency gains, and minimize enterprise risk. People: Business relationship management between HR and IT is essential for a successful IAM program.

IoT

IoT VPN Architecture Risk

Securing Nonprofits Protects Us All

Cisco Security

AUGUST 19, 2021

According to Wendy Nather, Head of Advisory CISOs at Cisco, “Technology is for everyone, so security has to be for everyone.” Dr. Kelley Misata: Sightline Security is a nonprofit organization that is helping other nonprofits assess, evaluate, and find solutions to improve security risk in their organizations.

Authentication

Authentication Banking Information Security Technology

AI-Driven Tax Scams Are Surging: What You Need to Know this Season

SecureWorld News

APRIL 1, 2025

The AI-powered scam playbook From generative AI (GenAI) phishing emails to deepfake impersonations of IRS agents, attackers are raising the barand the risks. Cybercriminals are fully aware of the stress and anxiety that surrounds tax season, and every year they take full advantage," said Devin Ertel, CISO at Menlo Security.

Scams

Scams Identity Theft Phishing CISO

NIST Password Guidelines 2021: Challenging Traditional Password Management

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Webinars

Trending Sources

Cybersecurity Insights with Contrast CISO David Lindner | 4/19/24

Webinars

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

CISA Cuts: What They Mean for Cyber Defense for All

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

ConnectWise Quietly Patches Flaw That Helps Phishers

Cybersecurity Insights with Contrast CISO David Lindner | 10/21

GUEST ESSAY: 5 steps for raising cyber smart children — who know how to guard their privacy

CISO Thoughts with David Lindner – April 29

The Hidden Cost of Ransomware: Wholesale Password Theft

Better Late Than Never: Addressing NIST’s Updated Password Security Guidance

Passkeys and The Beginning of Stronger Authentication

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

Major U.S. Port Thwarts Cyberattack

What Are Passkeys?

The four cybersecurity trends to watch in 2023

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

Why World Password Day Is a Perfect Reminder to Up Your Security Game

CopperStealer malware infected up to 5,000 hosts per day over first three months of 2021

Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off

Don’t Bet on Passwords: Using MFA to Make Insuring Your Security Less of a Gamble

Security researchers applaud Google’s move towards multi-factor authentication

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

Cybersecurity Culture: How Princeton University's Security Team Created It

Addressing Remote Desktop Attacks and Security

Passkeys and The Beginning of Stronger Authentication

Security Roundup February 2024

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

The Rise of the Sovereign Cloud

On first-ever Identity Management Day, experts detail steps to a better IAM program

Spotlight Podcast: Global Audit Finds Small Firms struggle with Password Hygiene

Tips and stories for your team on World Password Day

7 Cyber Security Courses Online For Everybody

3 Steps to Prevent a Case of Compromised Credentials

A Question of Identity: The Evolution of Identity & Access Management

Securing Nonprofits Protects Us All

AI-Driven Tax Scams Are Surging: What You Need to Know this Season

Stay Connected