Identity Management & Cybersecurity News | 7.26.2018

Posted: 
Jul. 26th, 2018

Nine essential elements for a strong privileged account management strategy  cybersecurity

The ACSC isn't the only institution asserting the importance of managing privileged accounts and restricting access privileges; there are a number of other firms and security experts continuously lobbying for privileged access management (PAM). Gartner, at its Security and Risk Management Summit in June, laid out the top 10 security projects that chief information security officers (CISOs) should concentrate on in 2018, among which PAM stood first. However, despite these steady reminders, many privileged accounts still remain poorly protected, ignored, or mismanaged, making them easy targets. With that in mind, here's a list of essentials policies that every IT manager or security administrator should implement to protect privileged accounts.  Read the article

 

Recycled Passwords Are Putting Your Company at Risk

We’ve all done it. You create a strong password that passes the security test on one website and decide to use that password over and over again. A recent survey found that 91 percent know that using the same passwords for multiple accounts is a security risk, yet 59 percent mostly or always use the same password. However, if a hacker gets access to a password used across multiple accounts, they have access to much, much more of your information. While this can be problematic for your personal data security, it can become even riskier when this behavior moves from home to the office where confidential information is stored for the business and numerous employees.  Read the article

 

These Data Security Challenges Are Plaguing Healthcare

Many of the cybersecurity problems health facilities face stem from a lack of awareness. They see data security as an issue that affects the IT department rather than the entire organization. Because of this mindset, they fail to build a culture of security in which everyone understands and values secure data, equipment and processes. And this leads to weak passwords and authentication practices, as well as participation in what’s known as shadow IT — where employees access sensitive patient data using unauthorized devices and apps.  Widespread lack of awareness makes the people working at a healthcare facility the weakest security link. To combat security flaws introduced by employees, make it a top priority to boost organizational awareness through comprehensive training and the adoption of strict authorization and authentication policies.  Read the article
 

 

Cybersecurity And The New CISO: The Leadership Enigma

As the CISO role evolves from exposure mitigation to incorporating broader business risk management, the cybersecurity apparatus must also change as well. This means that certain traditional security tasks should move into operational IT areas. Risk management/risk culture through data capture and analytics should become the core functional capabilities. This will mean having to retool/rekit your organization's skill set to support more analytical thinking and promote a greater awareness of operational risk management.  Read the article

Author Information