article thumbnail

On Risk-Based Authentication

Schneier on Security

A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before. Paper’s website.

article thumbnail

The Legal Risks of Security Research

Schneier on Security

Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.

Risk 354
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Here are a few ‘dos:’ •Rigorous vulnerability management.

Risk 264
article thumbnail

Nearly half of enterprise endpoint devices present significant security risks

Tech Republic Security

The post Nearly half of enterprise endpoint devices present significant security risks appeared first on TechRepublic. Organizations are struggling to manage devices and stay ahead of vulnerabilities, patches and attacks, according to a new report from Adaptiva and the Ponemon Institute.

Risk 184
article thumbnail

Risks of Evidentiary Software

Schneier on Security

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Next the court should consider whether the evidence being presented could be materially affected by a software error. The software engineers proposed a three-part test.

Software 361
article thumbnail

Existential Risk and the Fermi Paradox

Schneier on Security

The risks we face today are existential in a way they never have been before. In these areas, like everywhere else in past and present society, the technologies of attack develop faster the technologies of defending against attack. We can’t be sure of that anymore. But suddenly, our inability to be proactive becomes fatal.

Risk 315
article thumbnail

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. This post is sponsored by IronCAP.

Risk 338