cybersecurity

Yesterday, implementing Zero Trust security was important—today, it’s an imperative. Tomorrow, organizations that still haven’t rethought their security strategies  could be left in the dust. But there’s still a chance to get ahead without investing in all the infrastructure you need at once; once you start the journey, it’s easy to continuously…

Australian Prime Minister Scott Morrison recently raised awareness of a state-based cyber attack that Australia is facing across all levels of government and the private sector. In response, the Australian Cyber Security Centre (ACSC) published an advisory on the nature of the attacks as well as guidance on how to mitigate these types of attacks…

In my previous post, I talked about how the COVID19 pandemic has impacted how our customers use MFA — more specifically how SMS authentication is on the rise as organizations look to rapidly roll out a quick and easy secondary auth method in response to the need to embrace remote work. In this post, I’ll go into more detail around issues with SMS…

The COVID pandemic has changed how we do many things. In the workplace, it’s pushed us to take a deeper look at how we enable employees to work remotely—and to ensure that they can do it securely. But what does that actually look like? According to our recent Businesses @ Work (from Home) report, companies are adapting and evolving quickly…

When we think of compromised API security, we typically see an image of a hoodie-wearing hacker toiling away in a darkened room, targeting a bank’s server. We can imagine them compiling a custom tool, launching it against the system, and celebrating as your 401k becomes theirs. Alternatively, we may even picture armies of hackers using…

In today’s threat landscape, passwords have become increasingly ineffective for protecting customer authentication and data—and they’re also unintended inhibitors for user experience. As such, it’s not surprising that many organizations are exploring passwordless authentication as a more secure, user-friendly alternative. In our previous post in…

Organizations are under ever-greater pressure to leverage new app technologies to drive competitive advantage and growth. Yet these ambitious plans all come crashing down if they can’t guarantee that modern IT systems are built on a secure foundation. Security analytics that incorporate data from access control systems are a crucial tool in the…

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

On December 22, 2018, the U.S. government instituted a partial shutdown when Congress failed to approve an appropriations bill. The consequences of this lapse in funding are obvious and very visible, from parks closed due to lack of trash collection, to the suspension of key services like federal housing loans. In today’s heavily connected and…

Every website or mobile app with a login form is a potential target for account takeover attacks. An “account takeover” is the process by which hackers and fraudsters use ill-gotten credentials to gain access to legitimate customers’ accounts. Most of these attacks are automated and driven by malicious bots. The rise of bots is mirrored by the…