Security News

Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
2021-12-20 06:15

Let's examine some of the big challenges in OT security, and how zero trust can fix them. Zero trust is a security framework that assumes every user or device is a potential threat.

Immudb: Open-source database, built on a zero trust model
2021-12-17 05:00

Now, with full transactional support for everyday business applications, the open source immudb tamper-proof database can serve as the main transactional database for enterprises. "There is no need to have immudb running next to a traditional database anymore, as immudb now has full ACID transactional integrity compliance," said Jerónimo Irázabal, co-founder of immudb and lead architect at Codenotary.

Passwordless verification API transforms every mobile phone into a security token for zero trust access
2021-12-15 06:00

You don't have to log into the network to use the phone - it happens in the background via the SIM. Moreover, the mobile subscriber identity is one of the most widely used forms of digital identity. Firstly, it merely proves the user has access to a phone number, potentially through social engineering, not possession of a physical security token / device.

Cybersecurity: Organizations face key obstacles in adopting zero trust
2021-12-08 15:03

To compile its new "Zero Trust and IT Security" report, One Identity commissioned Dimensional Research to conduct a survey of 1,009 IT security professionals to get their opinions on adoption and experiences with zero trust security. Just 8% reported no plans to set up zero trust, while 2% didn't know what zero trust meant.

The current state of zero trust: Awareness is high, adoption is lagging
2021-12-08 04:30

One Identity released global survey findings that unpack the current state of zero trust awareness and adoption across the enterprise. As zero trust awareness continues to rise on the heels of the U.S. White House's Executive Order that was released in May, and a year plagued by one disastrous cybersecurity incident after another, new findings reveal that only 1 in 5 security stakeholders are confident in their organizations' understanding of zero trust.

Companies ditching VPNs for zero trust architectures to secure hybrid workplaces
2021-11-25 03:00

Hybrid workplaces are the new norm, with 99% of respondents' reporting their workforces will split time between the office and remote settings post-pandemic, a Teradici survey of more than 8,000 respondents across a range of industries reveals. "The pandemic has caused a fundamental shift in how people work, and the 'office' will never be the same," said Ziad Lammam, Global Head of Teradici Product Management, HP. "As a result of the enormous security concerns associated with unmanaged devices, as well as BYOD, organizations are changing how they think about securing their corporate assets. Expect to see companies move away from traditional VPNs to Zero Trust architectures to shore up their endpoints and protect their data."

Operational technology and zero trust
2021-11-16 06:15

Zero trust, otherwise known as zero trust architecture, is a shift in the way we think about security. Zero trust is the concept of centralizing policy control, limiting lateral movement throughout the organization, changing from traditional edge boundaries to fine grained segmentation, and providing least privileged access to resources based on context.

The role of visibility and analytics in zero trust architectures
2021-11-10 06:18

Zero trust architecture is not a new concept, but with the White House Executive Order published earlier this year, many in the networking space have started to ask about how network visibility analytics fits into the equation. With all the vendor confusion around what is and is not ZTA, I'd like to explore its impact on network visibility.

Surge in cyber attacks confirms the need for zero trust security
2021-11-04 05:00

Conversely, the technology industry was plagued by threats at a rate much higher than other types of businesses, accounting for 50 percent of attacks. "As a result, encrypted channels create a significant blind spot in their security postures. The report on the state of encrypted attacks demonstrates that the most effective way to prevent encrypted attacks is with a scalable, cloud-based proxy architecture to inspect all encrypted traffic, which is essential to a holistic zero trust security strategy."

Week in review: Popular npm package hijacked, zero trust security key tenets, wildcard certificate risks
2021-10-31 09:00

Apple fixes security feature bypass in macOSApple has delivered a barrage of security updates for most of its devices this week, and among the vulnerabilities fixed are CVE-2021-30892, a System Integrity Protection bypass in macOS, and CVE-2021-30883, an iOS flaw that's actively exploited by attackers. Good security habits: Leveraging the science behind how humans develop habitsIn this interview with Help Net Security, George Finney, CSO at Southern Methodist University, explains what good security habits are, how to successfully implement them and why are they important.