dcsimg

Could basic password security practices have helped prevent the latest Equifax lawsuit?

Fallout from the 2017 Equifax data breach is back in the news as a new class-action suit consolidated 373 previous lawsuits into one. Unlike previous lawsuits filed by Equifax customers, the latest action comes from shareholders that allege the company didn’t adequately follow or disclose security practices, including poor password management. If you google, “what is the most common password?” … [Read more...]

Why Usable Security Should Drive Your Decision in Selecting a PAM Tool for Your Organization

What is Usable Security At Thycotic ease of use has been a consistent focus with our products, but we have started to use the term Usable Security more frequently. Usable security is much more than a Thycotic marketing term. Usable security is an academic field of study that evaluates the usability of computer security. We believe that our focus on this concept differentiates us from our … [Read more...]

Limit access for third-party vendors without restricting their ability to get work done

Companies often work with outside experts, consultants and other third-party vendors who need privileged access to corporate resources. These third-party entities can’t do what they were hired to do if their access is too restrictive. You can’t maintain a strong security posture if access and oversight are too lax. How do you, a security professional, walk the line to provide just enough access … [Read more...]

Trick or Treat? Stay safe during National Cybersecurity Awareness Month in October, and beyond

Ah, October! Summer has officially come to an end and we’ve quickly moved on to jumpers, football, and pumpkin everything. October is also National Cybersecurity Awareness Month. The theme for 2019 is “Own IT. Protect IT. Secure IT.”  But it needn’t be scary, and the tricks or treats you get at the end of the month should be the fun and entertaining variety—not something that poses a risk to … [Read more...]

Can PAM and Zero Trust Coexist?

What is Zero Trust and why was it introduced? The concept of Zero Trust isn’t new; the term was coined by Forrester back in 2010 and was initially synonymous with a network security approach known as micro-segmentation. Micro-segmentation is a way to create secure zones in data centers and cloud deployments that allow you to isolate workloads and protect them individually. This approach is … [Read more...]

Privileged Access Management Best Practices

For the past two years, Gartner has named privileged access management (PAM) the top IT security priority. Privileged account credentials for domain admins, service, application, and root accounts are valuable targets. When attackers gain these credentials, they can exploit your most sensitive information and critical systems. Privileged access gives them power to alter data, change configurations … [Read more...]

The Black Hat 2019 Hacker Survey Report and Black Hat / Defcon 27 Recap

Brought to you by Thycotic Well folks, Black Hat 2019 conference has come and gone. Around 19,000 InfoSecurity professionals from around the world came to Las Vegas to learn, share, educate and disclose security research on the latest vulnerabilities, cyber threats, cyber attacks and techniques used to bypass popular cyber security methods—the same methods used by … [Read more...]

Top 5 Black Hat 2019 Sessions Not to Miss. Plus: Bonus Travel Tips to Hacker Cons

The Black Hat USA 2019 conference is about to start. Over 17,000 security professionals will come from all around the world to Las Vegas, USA. They will learn, share, educate and disclose security research on the latest cyber-threats and attacks, vulnerabilities, and techniques used to bypass security used by most governments and organizations globally. Without clear collaboration and … [Read more...]

Top 10 Best Cyber Security Podcasts of 2019

Podcasts have transformed the way we digest news, learn on the go, and optimize our commutes. With podcasts gaining popularity due to their ability to fit into our busy lives, a wave of new cyber security experts have launched a series of IT podcasts to keep us informed about the latest security threats, InfoSec tools, and cyber best practices. Below you’ll find our curation of the 10 best cyber … [Read more...]

Key Takeaways from the 2019 Verizon Data Breach Investigations Report

The Verizon Data Breach Investigations Report 2019 is now publicly available to download or read online. It’s the 12th edition, and not surprisingly, it reveals that cyber criminals are still successfully using their hacking techniques—many of which are very common—and that we have failed to stop them. However, we are getting better at stopping them. MORE THAN 40K SECURITY INCIDENTS, AND OVER 2K … [Read more...]