POPULARITY
Jon Horddal, Group Chief Product Officer, emerchantpayWhat role does payments data have in personalisation and merchant protection? What benefits do Payment Service Providers (PSPs) confer on merchants who use them? How can businesses optimise their in-store, in-app and online payments? These issues and others are addressed in this conversation between Robin Amlôt of IBS Intelligence and Jon Horddal, Group Chief Product Officer at emerchantpay.
In this episode of State of Identity, host Cameron D'Ambrosi welcomes Alex Bovee, co-founder and CEO of ConductorOne to explore the evolving challenges and solutions in the digital identity space. Learn what's driving the rise of identity-based security risks and how ConductorOne is tackling these issues through centralized identity governance and access controls. The conversation focuses on needing a more flexible approach to identity management, addressing common concerns like access control, multifactor authentication, and the ongoing struggle to balance security with productivity. It also offers insights on how businesses can better manage identity-related risks while ensuring a seamless user experience.
Join us over the next ten weeks as we discuss the top ten cybersecurity misconfigurations and review ways you can keep your organization safe from cyberattacks! In this episode we'll discuss one of the ten ways: Weak or Misconfigured Multifactor Authentication (MFA) Methods. MFA is an important layer of protection that helps keep your information safe from bad actors. Connect with us: https://www.linkedin.com/company/envisionitllc marketing@envisionitllc.com
In this enlightening episode, Joey Pinz engages with cybersecurity expert Wayne Selk, delving into the intricate world of digital protection for small and medium businesses (SMBs). Discover the double-edged sword of AI in cybersecurity, gain insights on the significance of multifactor authentication, and learn about the essential pillars of security: People, Process, and Technology. Wayne, with his rich background in military and cybersecurity, shares invaluable advice for SMBs on safeguarding against cyber threats and the importance of vigilance in the digital domain.
In the course of the talk I'll discuss current authentication challenges, the looming problem with cracking public key encryption, and short and medium term recommendations to help folks stay secure. About the speaker: Bill helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. This involves technology, policy, and procedures, and impacts acquisition/development through deployment, operations, maintenance, and replacement or retirement. During his five-decade IT career, Bill has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. At Trend Micro, Bill provided research and analysis of the current state and future trends in information security. He participates in the ISO/IEC 62443 standards body and the CISA ICSJWG on ICT security. He runs his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services. Bill has over 180 publications and has spoken at numerous events worldwide. Bill attended MIT, majoring in Mathematics. He is a member of CT InfraGard and ISACA.
In this episode of Infrastructure Matters, hosts Krista Macomber, Steven Dickens and Camberley Bates cover the latest from the NRF 2024 in NYC, perspectives from the MountainWest CyberSecurity Taskforce plus announcements from Hitachi Vantara, Hammerspace and Seagate. Their conversation covers: The trends from the last 9 months in CyberSecurity, how the bad actors are approaching multifactor authentication and new phishing attacks Insights from the Mountain West Cybersecurity Task Force A review of the National Retail Federation's Big Show and highlighting the use of AI and technology in the retail sector, including edge computing and AI-powered image sensing for inventory management Management changes at Hitachi, including Octavian Tanase joining as the Chief Product Officer and the company's focus on data management and AI technology Announcements from Seagate's HAMR HDD technology and tape integration by Hammerspace for long-term data management and archiving
BIO-Key International CEO Michael Depasquale joined Steve Darling from Proactive to announce several significant contract wins for the company which specializes in advanced security and identity solutions. In the interview, De Pasquale highlighted the company's role in enhancing security through biometrics for access, making systems both more secure and convenient. With increasing concerns about data breaches and cyber threats, Bio-key addresses these issues with software and hardware solutions, helping employees and customers access authorized information more efficiently. De Pasquale discussed the surge in cyber threats, emphasizing the accelerating frequency of data breaches. He also mentioned government mandates requiring companies to report breaches promptly and the necessity of multi-factor authentication for cyber insurance, a service Bio-key provides. In Spain, a partnership has been established with a group that will collaborate with BIO-Key to implement AuthControl Sentry, one of the company's flagship solutions. AuthControl Sentry is highly regarded for its robust authentication capabilities, and it will play a pivotal role in safeguarding the login processes for both internal and external users of Tragsa. Furthermore, Depasquale revealed that Haver & Boecker, a global leader in processing and packaging technology for bulk materials, has embraced Multifactor Authentication and Single Sign-On technology for its digital platforms. This implementation has been facilitated through P&W Netzwerk GmbH & Co. KG, leveraging BIO-Key Europe's AuthControl Sentry solution. This move is part of a strategic initiative aimed at enhancing efficiency and improving the overall user experience for Haver & Boecker's employees. These contracts underscore the value and effectiveness of BIO-Key International's solutions in the realm of identity and access management, highlighting the company's ongoing commitment to providing cutting-edge cybersecurity solutions to its clients. As BIO-Key continues to expand its footprint and deliver innovative solutions, the future holds great promise for both the company and its partners. #proactiveinvestors #bio-keyinternationalinc #nasdaq #bkyi #Biometrics #CyberSecurity #DataProtection #IdentityManagement #TechNews #DigitalSecurity #CEOInterview #GlobalSecurity #CyberInsurance #AccessControl #FutureTech #Innovation #ITSecurity #TechSolutions #DataPrivacy #SecureAccess #DigitalTransformation #BusinessSecurity #GovernmentTech #ITInfrastructure #BiometricTechnology #InformationSecurity #CyberThreats #TechGrowth #invest #investing #investment #investor #stockmarket #stocks #stock #stockmarketnews
In this episode, join hosts Rob Aragao and Stan Wisseman as they delve into the world of cybersecurity and data privacy with their esteemed guest, Shawn Tuma. Shawn, a seasoned cybersecurity and data privacy attorney, and partner at Spencer Fane, brings over two decades of experience to the table. As the co-chair of the firm's Cybersecurity and Data Privacy Practice Group, Shawn discusses his journey in the field, from the Y2K era to the present day.The conversation covers key elements of cybersecurity, emphasizing the importance of a continuous, strategic approach to evaluating and managing risks. Shawn shares insights into prevalent issues such as RDP access, backup strategies, and the critical role of multifactor authentication, especially for users of Microsoft Office 365 and Google web-based email.Reflecting on the evolution of cybersecurity, Shawn highlights the pivotal moment in 2013 with major data breaches at Target, Home Depot, and Neiman Marcus. He emphasizes the need for a proactive risk management framework and the significance of cybersecurity insurance in today's landscape.The hosts and Shawn discuss the changing role of Chief Information Security Officers (CISOs) and the growing recognition of their strategic importance within organizations. Sean stresses the value of building relationships with law enforcement, particularly federal agencies like the FBI and Secret Service, to enhance incident response capabilities.Throughout the episode, Shawn Tuma's passion for cybersecurity and practical, actionable advice shines through, making this conversation a must-listen for anyone navigating the complexities of cybersecurity in the modern business landscape.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com
We're all using zero trust - but are we using it well? Richard talks to Nicolas Blank about his work helping to develop the Zero Trust Adoption Framework. Nicolas talks about resisting the buzzword effect and avoiding looking at zero trust as a set of products because it isn't - it's really about the people and processes in your organization that keep things secure. The conversation also digs into the tabletop exercises needed to create priorities for security - not everything in your organization needs the same level of protection or effort. It pays to work through scenarios!Links:Zero Trust Adoption FrameworkMicrosoft Entra IDRansomware Recovery ReadinessMimiKatzRecorded October 12, 2023
Welcome to the Social-Engineer Podcast: The SE Etc. Series. This series will be hosted by Chris Hadnagy, CEO of Social-Engineer LLC, and The Innocent Lives Foundation, as well as Social-Engineer.Org and The Institute for Social Engineering. Chris will be joined by his co-host Patrick Laverty as they discuss topics pertaining to the world of Social Engineering. [Nov 27, 2023] 00:00 - Intro 00:19 - Patrick Laverty Intro 00:50 - Intro Links - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 04:33 - Intro Chat: QRishing 10:25 - Todays Topic: End of year threats 12:50 - Phishin' in the Amazon 16:29 - The Argument for Password Managers 18:51 - MFA But Not SMS 22:23 - Smishing All Around 25:40 - Training Us to be Victims 27:49 - Don't Answer! 30:43 - Less Generalized 31:52 - It's the Season for Vishing 34:17 - The Gift Card Scams 40:49 - Seasonal Summery 42:37 - Next Month: Storytime 43:21 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org Find us online - Chris Hadnagy - Twitter: @humanhacker - LinkedIn: linkedin.com/in/christopherhadnagy - Patrick Laverty - Twitter: @plaverty9 - LinkedIn: linkedin.com/in/plaverty9
Fraudology is presented by Sardine. Learn more about how their one platform covers you for fraud, compliance, and payments.In this episode of Fraudology, host Karisse Hendrick is joined by her friend and Financial Services Risk expert, Gil Rosenthal to discuss the vulnerabilities and challenges of multifactor authentication. They explore various methods of verification, such as One Time Passwords (OTPs) via SMS or email, authentication apps and magic links, and examine the importance of monitoring unauthorized use claims after MFA was successful for account access or account activity (withdrawals, large purchases, etc.).Gil & Karisse also delve into the indicators used to discover one of the five root causes of spikes in an MFA "attack". Such as, sudden changes in phone companies or a recently updated phone number or email address in an account, and they highlight the importance of analyzing the cause to identify a successful strategy to thwart more attempts. And, they also provide signs to identify when an unauthorized claim was made by the account holder ("1st party"/"friendly" fraud.They wrap up the conversation with a few examples of successful strategies (both technical & process-based updates) to implement to identify & "stop the mouse" in this never-ending Cat-and-Mouse "game"! Join the conversation as they shed light on the evolving tactics fraudsters are using to get around MFA, and the ongoing battle to safeguard user accounts.To connect with Gil Directly (to gain a great person to follow & learn from, learn about his consulting services, and/or his new venture in Financial Services data management & reporting, Choir): https://www.linkedin.com/in/gil-rosenthal/Fraudology is hosted by Karisse Hendrick, a fraud fighter with decades of experience advising hundreds of the biggest ecommerce companies in the world on fraud, chargebacks, and other forms of abuse impacting a company's bottom line. Connect with her on LinkedIn She brings her experience, expertise, and extensive network of experts to this podcast semi weekly, on Tuesdays and Thursdays.Mentioned in this episode:2023-q4-postroll sardine 1
Special offer for listeners. https://cyberhoot.com/offers/Cybersecurity-Month-Free-Training-For-All Discover the shocking truth behind traditional phishing tests that will leave you questioning everything. One man's journey to revolutionize cyber literacy will make you rethink your approach to online security. Prepare to be amazed as you uncover the unexpected twist that is reshaping the way businesses protect themselves from cyber-attacks. But, is this groundbreaking solution the final answer? Find out more in this captivating transcript. In this episode, you will be able to: • Uncover how proficiencies in cyber literacy can serve as a robust shield against ominous cyber threats. • Discover the hidden perils and aftermaths associated with succumbing to hacker ransom demands. • Learn about the inherent shortcomings of conventional phishing tests as tools for assessing cyber literacy. • Realize the tremendous advantages that come with the utilization of password managers and maintaining solid password habits. • Recognize the compelling importance of consistent cyber awareness training for workforce members. List 2 Cybersecurity is not just an IT problem, it's a business risk problem. It's about protecting your company from potential breaches and ransomware attacks that can cripple your operations. - Craig Taylor The key moments in this episode are: 00:00:00 - Introduction, 00:00:32 - What is Cyber Hoot?, 00:01:55 - Ransomware Attacks and Prevention, 00:06:11 - Flaws in Traditional Phishing Tests, 00:09:04 - Cyber Hoot's Phishing Simulation, 00:13:32 - Free Month of Training Offer, 00:14:13 - Social Engineering and Physical Security, 00:15:32 - Different Forms of Social Engineering, 00:16:05 - Importance of Password Hygiene, 00:17:34 - Multifactor Authentication and VPNs Craig Taylor, CISSP certified in 2001, is a 25-year veteran of Cybersecurity. In 2014 he co-founded a cybersecurity company - Cyberhoot - to help SMB's and MSPs become more cybersecurity aware and thus more cyber-secure. During his career, Craig has led cybersecurity organizations in Web Hosting (CSC), Finance (JP Morgan Chase), and manufacturing (Vistaprint). Additionally, Craig has built a cybersecurity consultancy delivering virtual Chief Information Security Officer (vCISO) services to companies of all sizes (SMB's to Enterprises). Craig is a Toastmaster (public speaking), a Rotarian (Portsmouth, NH), and a philanthropist having raised 100k by riding in the Pan Mass Challenge for the last 8 years. In his spare time he enjoys Hockey, Golf, Mountain Biking, his wife and 4 children. Reach out to Craig https://cyberhoot.com/ Connect with me here: • https://www.youtube.com/@thedougthompson • https://www.youtube.com/@thedougthompson • https://www.facebook.com/thedougthompson • https://www.linkedin.com/in/thedougthompson/ • https://www.twitter.com/thedougthompson • https://thedougthompson.com And remember. Just say no to #techsplaining --- Support this podcast: https://podcasters.spotify.com/pod/show/the-doug-thompson/support
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
During the interview, Bryan Rosensteel applies his considerable federal experience in identification to help you understand where basic MFA can be applied and when to move on to more appropriate methods of identification. Instead of just a mere six-digit code, you may want to use a physical device like a CAC card to prove your identity. In cases like phone access where cards are not practical, you can take it to the next level. A person seeking identity verification can be identified by technology to know where you are, what kind of connection they are using if you are deploying a usual device, and even the time of day. Federal systems are being attacked every day; it is best to understand some of the options; you must understand some of the variations on “strong” verification.
Just a friendly reminder to change as many passwords as you can if you had the 3CX Desktop app installed, and that you should really set up Multifactor Authentication for as many accounts as you can! Send your questions, comments, and requests for Plumes' Pearls of Wisdom over to PlumesCast@gmail.com, or find Seth on other social medias such as TikTok, Twitter, and YouTube as PhantasmaPlumes!
This episode reports on a company fined for an inaccurate ransomware report, the seizure of the NetWire remote access trojan infrastructure and more
Bob Carver CISM, CISSP, M.S. began his security career working in the financial industry. Later, Bob became the first full-time security employee hired to start the dedicated security monitoring and incident response team for Verizon Wireless. He has been involved in cyber risk management, policy, threat intelligence, and analytics. He was recognized by LinkedIn as one of the Top 5 Influencers in the World to follow in Cybersecurity. Most recently, he was on the expert panel for CES (Consumer Electronics Show) in Las Vegas discussing "Focusing on Security in Product Innovation." 00:00 Introduction 00:18 Our Guest 01:47 Bobs Beginning 05:02 How did Bob land his position at Verizon? 08:00 Budget issues 11:02 Why are companies so ineffective with Cybersecurity? 13:38 Cyber professionals not addressing business security implications 18:40 Malvertising 21:31 Not downloading everything off the internet 26:15 Curing your problems with a tool 28:26 Budgeting: Where should you prioritize? 32:22 ChatGPT 33:47 Cyber Insurance 37:29 Multifactor Authentication 43:06 File Storing System 45:48 Modern-day Bonnie and Clyde 47:43 Connecting with Bob ---------------------------------------------------------------------- Bobs video on Malvertising: https://www.linkedin.com/feed/update/urn:li:activity:7029053209889411072/ Bob's Twitter: @cybersecboardrm Bob's LinkedIn https://www.linkedin.com/in/bobcarver/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com ---------------------------------------------------------------------- SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @securityconfidential and @OfficialDarkRhinoSecurity Facebook: @Dark-Rhino-Security-Inc Twitter: @darkrhinosec LinkedIn: @dark-rhino-security Youtube: @Dark Rhino Security --------------------------------------------------------------------- Articles Mentioned: https://cybermagazine.com/cyber-security/executive-profile-bob-carver-verizon-wireless https://www.wired.com/2005/02/paris-hilton-hacked-or-not/
For this Weeks TechtalkRadio Show Andy, Shawn and Justin talk about Justin's purchase of Audio Technica Turntable and how much fun he has had getting the Vinyl out and playing it on the system which has many nice features. The guys share stories of their first Vinyl LP's and how the experience of owning a Vinyl Album has been different versus those that have only bought Digital Albums. This past year Vinyl Record Sale were the highest they have been for over 30 years. The guys talk about protecting your data and networks considering a recent attack on the Tucson Unified School District. Justin and Shawn share how a Hardware Firewall can add a layer of Protection. Justin recommends Fortinet Hardware Firewalls but also shares a Raspberry Pi Solution, known as PFSense. News this past week that Microsoft, Sony and Nintendo may not be attending this Junes E3 Conference. Shawn believes its smart for these companies due to the cost involved and how a Virtual Show or Digital presentation from these companies makes more sense financially. Justin asks is this could be something we could see with CES however the guys concede, the idea for in person works for CES and is important for investments in new technology. The recent Cyber Attack on Tucson Unified School District systems has been confusing for some, Andy talks with Mike Lettman, CISA Region 9 Cybersecurity advisor about what it means and how this and other Ransomware attacks occur. Mike explains how this may have happen and how anybody could be a target when it comes to data. Mike tells us about the formation of CISA, the Cybersecurity and Infrastructure Security Agency in 2018 and how cybercriminals target and why they target K-12 Schools. Mike shares info on the recovery process after ransomware attacks and what it may take to get the systems operational again. Mike also shares security tips within systems to be protected, "Patch Patch Patch." Multifactor Authentication and education and awareness for users. CISA has put together an informational package for K-12 available at https://www.CISA.gov/partnering-safeguard-K-12-toolkit Shawn shares info on the Google Fi T-Mobile issue that was recently discovered. The guys talk about your personal info which may be on the Dark Web and if company with services like LifeLock and others can be a solution for protecting your identity data. Justin shares a website for creating sounds for the background while working or relaxing, https://www.asoftmurmur.com Shawn tells us about checking out Goldeneye 007 on the Nintendo Online service. Connect with Us on social media! Facebook @techtalkers YouTube - https://www.youtube.com/techtalkradio Twitter @TechtalkRadio Instagram techtalkradio Web: TechtalkRadio.Com Subscribe and Like on Spreaker! Spotify, YouTube, Audacy, iHeart and Apple Podcast
Join Somerford's Anne Mundy for a discussion about the importance of your digital identity. Imprivata's Andy Wilcox adds his background and familiarity in exploring why digital identity is so important, as well as delving into tangible workplace examples and how businesses are able to rapidly assess the effectiveness of their current strategy through Imprivata's solution suite.Somerford is a certified Premier Partner with #imprivata. The Imprivata platform addresses critical compliance and security challenges while improving provider productivity. #Digitalidentity is the cornerstone of Imprivata, enabling effective, efficient, secure, and compliant access and management for the systems, applications, and data.━━━━Additional resources:✓ Explore Imprivata's 'Digital Identity Framework' in full:https://www.imprivata.co.uk/digital-identity-framework✓ Quickly assess the effectiveness of your current strategy: https://www.imprivata.com/assess━━━━▶ Listen on Spotify: https://open.spotify.com/show/00soJ9kAQuVCh9EBRHOGzJ▶ Listen on Google Podcasts: https://podcasts.google.com/?feed=aHR0cHM6Ly9mZWVkcy5idXp6c3Byb3V0LmNvbS8xMDkyNTAwLnJzcw==▶ Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast/the-somerford-podcast/id1515273563?uo=4━━━━✓ Learn more about Somerford on our website:https://www.somerfordassociates.com/✓ View our complimentary partner discovery webinars and workshops:https://www.somerfordassociates.com/events/✓ Keep notified of news & announcements on Linkedin:https://www.linkedin.com/company/somerford-associates-limited/✓ Contact Somerford for more information regarding this video:https://www.somerfordassociates.com/contact-us/
The Cybersecurity and Infrastructure Security Agency (CISA) recently (Oct 31, 2022) released fact sheets urging all organizations to implement phishing-resistant multi-factor authentication (MFA). In this episode, George Gerchow, Chief Security Officer and Senior Vice President of IT, Sumo Logic, and I have an in-depth discussion on this very important security subject matter. The scope of coverage ranges from providing an overview of MFA and its benefits to discussing the challenges and hurdles of implementing phishing-resistant MFA, recommended implementation approaches, and the future of MFA.Time Stamps01:53 -- Please share with listeners some highlights of your professional journey.02:51 -- Please provide listeners with an overview of what multifactor authentication is.03:52 -- A recently published article on Dark Reading reports that a massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and the two-factor authentication code, leading to the theft of at least 130 software code repositories. Essentially, the perpetrators exploited the multi-factor authentication fatigue. George, your reactions.06:51 -- You said that many organizations don't even have multifactor authentication. That begs the question, why is that the case? Is there a technology aspect to it, a technological complexity of having multifactor authentication integrated into existing legacy systems? Is there a cost aspect to it, is it very expensive? What does your experience tell you?08:30 -- From personal experience, I haven't felt the fatigue. Even if I had to review several times or take that extra step to authenticate, I would because I am paranoid about ensuring that access is very secure. So I have brought about a change in my own mindset. I'm just curious to know if organizations are striving to bring about a change in the multifactor authentication mindset. What are your thoughts?12:23 -- As humans, it is our natural tendency to assume, Oh, it's not going to happen to me. And if it does, we'll deal with it then. And I know that organizations also often have that mindset, some organizations know they will get bailed out. George, what are your thoughts?22:21 -- Would you like to expand on how organizations go about implementing phishing-resistant MFA? What solutions are available out there?25:09 -- George, I read about this FIDO authentication, the FIDO Alliance, where they have developed this protocol to enable phishing-resistant authentication. Can you expand on that? 26:50 -- During our planning meeting, you made a couple of very poignant statements, one of which is, "leaders should create a culture where employees feel they can slow down for the sake of security." Help tie this to our discussion on multifactor authentication.30:44 -- Going back to this multi-factor authentication fatigue, is there really a fatigue? Or is it being hyped up? What's the real story?35:33 -- George, I'd like to give you the opportunity to share some final words, some key messages for the listeners.Memorable George Gerchow Quotes/Statements"Absolute laziness is really what it comes down to in the beginning; I don't want to disrupt my organization by having them go through this extra step.""Development organizations that are heavy with startups, the developers do not want to take that extra step. Sometimes executives are also unwilling to follow through with that extra authentication step -- Do I really have to do this? I know it's a policy, but can't I get around this? And the answer should be flat-out No, under any...
A group of leading federal security officials is exploring ways agencies can break old paradigms for how employees log-in to federal networks and citizens access government services, driven by a whole-of-government mandate to adopt modern authentication practices. Multifactor authentication is a major issue in front of the federal chief information security officer council, according to Steven Hernandez, CISO at the Department of Education and co-chairman of the council. For federal employees, agencies are considering additional options beyond the Personal Identity Verification (PIV) card. But Hernandez said the PIV card will continue to be a leading authenticator well into the future.
Nick and Susan's monthly episode is joined by Lexie Nelson, a vCISO at Integris. Today's topic is multifactor authentication. We're going through a full breakdown into MFA: how much it really protects you and your organization, the things to look out for when selecting a service, and more.
Welcome to Episode 30 of Practical Business Technology, where we keep you in-the-know about technology's impact on business. In this episode on How to Avoid Multifactor Authentication Failures Dave and Stephanie Kinsey discuss gotchas to be aware of with respect to MFA and your business. Our show is sponsored by the Maricopa County Bar Association, and our host is Dave Kinsey, author, and owner of Total Networks.
Lapsus$ and the group behind the SolarWinds hack have utilized prompt bombing to defeat weaker MFA protections in recent months.
Lapsus$ and the group behind the SolarWinds hack have utilized prompt bombing to defeat weaker MFA protections in recent months.
Resources: Ransomware on a Rampage; a New Wake-Up Call (Forbes): https://www.forbes.com/sites/chuckbrooks/2021/08/21/ransomware-on-a-rampage-a-new-wake-up-call/?sh=5d7680d52e812022 Global Digital Trust Insights Survey (PwC): https://www.pwc.com/gx/en/issues/cybersecurity/global-digital-trust-insights.html
The Defense Information Systems Agency has made it clear: It wants to begin retiring the venerable common access card for multifactor authentication. Christoper Barnhurst, executive deputy director for DISA, said the agency is actively experimenting with other forms of multifactor authentication, which will eventually tie into the DoD's zero trust construct dubbed Thunderdome. Federal News Network's David Thornton joined Federal Drive with Tom Temin for the latest.
Multifactor authentication (MFA) is fast becoming a requirement for a secure business network. Not only that, it's becoming a requirement for a business to qualify for the added protection of cyber insurance. WatchGuard Technologies Director of Authentication Alexandre Cagnoni takes us through why multi-factor authentication is so important in the current cyber threat landscape for businesses of all sizes. He also explains why cyber insurers consider it vital. And then, he shares how WatchGuard AuthPoint makes implementing MFA simple for the organization and its employees. Hint: There's an app for that.Read a recent article on the subject by Alexandre here: https://www.securityinfowatch.com/cybersecurity/information-security/breach-detection/article/21229613/how-hackers-bypass-mfa-and-ways-to-stop-them.And find WatchGuard AuthPoint here: https://www.firewalls.com/brands/watchguard/cloud-security/watchguard-authpoint.html.In headlines, we discuss a Robinhood data theft, a discovery of breaches across key sectors, and an international ransomware bust.See the stories:Robinhood security breach compromised data of 7 million usershttps://www.engadget.com/robinhood-users-compromised-security-breach-063802932.html Hackers have breached organizations in defense and other sensitive sectors, security firm sayshttps://www.cnn.com/2021/11/07/politics/hackers-defense-contractors-energy-health-care-nsa/index.htmlRansomware crackdown spreads in U.S., Europe and Asiahttps://www.nbcnews.com/tech/security/ransomware-crackdown-spreads-us-europe-asia-rcna4829Get info on all things network security through our blog, https://firewalls.com/blog.And please do reach out, as we want to hear from you. Suggest an episode topic, ask a question, or just say hi in a review, or by emailing podcast@firewalls.com. New episodes are normally released every other Wednesday, so subscribe/follow to ensure you get the latest first - and again, please rate and review.Thanks for listening!
Engage – Episode 10 – “Stepping up cybersecurity: Biometrics and multifactor authentication” In episode 10 of Engage, we welcomed Rob Douglas, CEO, and President of BioConnect. He sat down with us to discuss biometrics and privacy in physical security. Genetec Chief Security Officer, Christian Morin, joins the conversation too. He shares his thoughts on recent changes in the industry and improving cyber hygiene– a hot topic during cybersecurity awareness month. According to a Gartner prediction, CEOs will be liable for cyber-physical security incidents. In this episode, we look at the best ways to fight new cyber threats through multi-factor authentication.
The need for more modern authentication techniques has never been more pressing and multi-factor authentication (MFA) is a key building block of zero trust approaches. Tom Gersic, VP of customer success at Salesforce and Garrett Bekker from the 451 security team join host Eric Hanselman to talk about what's needed. The threat landscape demands MFA, but users can be hesitant. It doesn't have to be this way. See Garrett's fireside chat at the 451Nexus conference: https://www.spglobal.com/451Nexus
Cybersecurity and Compliance with Craig Petronella - CMMC, NIST, DFARS, HIPAA, GDPR, ISO27001
Erin Dotsey and BJ Saldana-Tovar of Petronella Cybersecurity interview Jamel Lugg of Gatekeeper. Gatekeeper is a proximity token based Multifactor authentication (MFA) solution that meets compliance with regulations such as HIPAA for medical practices and CMMC for DOD contractors. Token based solutions like Gatekeeper are much more secure than SMS based MFA. PTG particularly likes the inclusion of a password manager as well as deep integration with Microsoft Windows to help humans use a PIN instead of a complex password, while retaining the utmost is cybersecurity and logging.
Two-factor authentication or multifactor authentication is making a huge push over the past couple of years, but it's been around for a while. The reason it's making such a big push here lately is because Microsoft is starting to push that out to their Office 365 systems, which all of our clients use. A lot of businesses use it at all different sizes. All the school districts use it. It's a big player in the industry, and they're not requiring it yet, but they're highly suggesting it. And it's going to be a requirement, I think, from what we're reading and the way the industry is going. It's a bit of a pain right now to set up. I think it'll get easier as they go through it. You typically have to download a Microsoft authenticator to your phone or some kind of mobile device. And when you go to log into your email or your cloud server, you put in your login ID, your password, and it prompts you on your phone and asks you, "Are you trying to log in?" And all you have to do is hit yes or no, or approve or deny. In fact, we're actually working on a document right now. We're going to send to all of our clients with a recommendation to enable multifactor authentication on their Office 365 accounts. And if they don't want to do it, we're going to make them sign off on a piece of paper that they refused. And that if there are any breaches caused by this, that we determine that are caused by them not having the MFA enabled, that will be outside the scope of their contract. It's getting to be that serious. We have plenty of stories where if a client had multifactor authentication enable, it would have saved them a lot of time, hassle, and money. Sometimes you get that notification, and you're you're you are trying to buy something. It doesn't go through, and you get the text or the email that says, "We saw this charge. Are you, you're trying to buy this?" Well, okay, it's approved, but you may have to put the charge back through and maybe call them back. But I'm glad they do that, obviously, for the instances when you say, "No, I didn't charge a sombrero in Mexico City!" Do you need help, or have any questions? Give us a call! Get all the links, resources and show notes at https://itoverdrivepodcast.com/15
Discord link. Good for just a few days. Check with more recent videos for a fresh link. https://discord.gg/XFXMZeFq Paul Vander Klay clips channel https://www.youtube.com/channel/UCX0jIcadtoxELSwehCh5QTg My Substack https://paulvanderklay.substack.com/ If you want to schedule a one-on-one conversation check here. https://paulvanderklay.me/2019/08/06/converzations-with-pvk/ There is a video version of this podcast on YouTube at http://www.youtube.com/paulvanderklay To listen to this on ITunes https://itunes.apple.com/us/podcast/paul-vanderklays-podcast/id1394314333 If you need the RSS feed for your podcast player https://paulvanderklay.podbean.com/feed/ All Amazon links here are part of the Amazon Affiliate Program. Amazon pays me a small commission at no additional cost to you if you buy through one of the product links here. This is is one (free to you) way to support my videos. https://paypal.me/paulvanderklay To support this channel/podcast with Bitcoin (BTC): 37TSN79RXewX8Js7CDMDRzvgMrFftutbPo To support this channel/podcast with Bitcoin Cash (BCH) qr3amdmj3n2u83eqefsdft9vatnj9na0dqlzhnx80h To support this channel/podcast with Ethereum (ETH): 0xd3F649C3403a4789466c246F32430036DADf6c62 Blockchain backup on Lbry https://odysee.com/@paulvanderklay https://www.patreon.com/paulvanderklay Paul's Church Content at Living Stones Channel https://www.youtube.com/channel/UCh7bdktIALZ9Nq41oVCvW-A To support Paul's work by supporting his church give here. https://tithe.ly/give?c=2160640
Google reports that Multifactor Authentication (MFA) prevents more than 96% of bulk phishing attempts and more than 76% of targeted attacks that are credential based.In this episode, learn how MFA maps to the different security frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what you can do to defend against it - MITRE Shield, common mistakes or oversights made when implementing into their tech stack and trends.Note: Sponsors Cisco Duo and Center for Internet Security (CIS) are at the end of the episode starting at minute 26:00.msp@duo.com to sign up for Duo NFR.https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro/andrew@thecybernation.com - Andrew Morgan (host)Co-hosts: Ryan Weeks: https://www.linkedin.com/in/ryanweeks/Phyllis Lee: https://www.linkedin.com/in/phyllis-lee-21b58a1a4/Wes Spencer: https://www.linkedin.com/in/wesspencer/ Brian Blakely: https://www.linkedin.com/in/bblakley/Consant Cybersecurity: https://cosant.com/
In Episode 224, Ben and Scott go down a rabbit hole to explore Windows Hello for Business and passwordless authentication options in Windows. They also talk about how these features can be used to satisfy requirements for standards such as CMMC. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you're too busy to manage your inbox ShareGate - ShareGate's industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on the Microsoft Cloud so you can focus on your business Show Notes DNS issue impacting multiple Microsoft services - Mitigated (Tracking ID GVY5-TZZ) RCA - Authentication errors across multiple Microsoft services (Tracking ID LN01-P8Z) CMMC Model and Assessment Guides NIST SP 800-171 10 Reasons to love Passwordless #1: FIDO Rocks Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune Windows Hello for Business Deployment Prerequisite Overview Why a PIN is better than a password Passwordless authentication options for Azure Active Directory Satisfying CMMC – Level 3 - IA.3.083 MFA requirement with Windows Hello for Business How Smart Card Sign-in Works in Windows Sign in with passwordless credential Logitech BRIO Ultra HD Webcam for Video Conferencing, Recording, and Streaming - Black Kensington VeriMark USB Fingerprint Key Reader - Windows Hello, FIDO U2F, Anti-Spoofing (K67977WW),Black About the sponsors Sperry Software, Inc focuses primarily on Microsoft Outlook and more recently Microsoft Office 365, where a plethora of tools and plugins that work with email have been developed. These tools can be extended for almost any situation where email is involved, including automating workflows (e.g., automatically save emails as PDF or automatically archive emails that are over 30 days old), modifying potentially bad user behaviors (e.g., alert the user to suspected phishing emails or prompt the user if they are going to inadvertently reply to all), and increased email security (e.g., prompt the user with a customizable warning if they are about to send an email outside the organization). Get started today by visiting www.SperrySoftware.com/CloudIT Every business will eventually have to move to the cloud and adapt to it. That's a fact. ShareGate helps with that. Our industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs. Visit https://sharegate.com/ to learn more. Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.
The cyber threats of this year aren't going away when the calendar flips to 2021. They'll just continue to evolve. For a primer on the online hazards you can expect next year, we welcome back WatchGuard's Marc Laliberte, who - along with his team - has released a set of 2021 Cybersecurity Predictions. We start off by looking back at WatchGuard's 2020 Cybersecurity Predictions and how the pandemic influenced their outcomes. Then, we discuss why the remote work dangers we've seen this year are only the beginning, and the desperate need for multifactor authentication. Finally, Marc tells us why to think twice before charging your electric car just anywhere.See the 2021 Cybersecurity Predictions here: https://www.watchguard.com/wgrd-resource-center/cyber-security-predictions-2021.In our Ransomware Reckoning segment, we highlight an attack that closed schools in Baltimore beyond Thanksgiving.Then, it's on to cyber news headlines, with stories on cyber threats facing home users, another cyber crime bust, and cyberbiosecurity.Here are the headlines:Cybersecurity report: Average household hit with 104 threats each month https://www.techrepublic.com/article/cybersecurity-report-average-household-hit-with-104-threats-each-month/ Three Arrested for Cybercrime Operation Targeting 150 Countrieshttps://www.securityweek.com/three-nigerians-arrested-cybercrime-operation-targeting-150-countriesThis new cyberattack can dupe DNA scientists into creating dangerous viruses and toxinshttps://www.zdnet.com/article/this-new-cyberattack-can-dupe-scientists-into-creating-dangerous-viruses-toxins And please do reach out, as we want to hear from you. Suggest an episode topic, ask a question, or just say hi in a review, or by emailing podcast@firewalls.com. New episodes are normally released every other Wednesday, so subscribe/follow to ensure you get the latest first - and again, please rate and review.Thanks for listening!
It's widely-accepted that multifactor is a best practice for authentication, but there are a variety of implementations (e.g., smart cards, push notifications, OTPs). We'll talk through the benefits and drawbacks of each and explore why Microsoft's director of identity security just published a blog post about abandoning text messages for Office365/Azure authentication. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw208
It's widely-accepted that multifactor is a best practice for authentication, but there are a variety of implementations (e.g., smart cards, push notifications, OTPs). We'll talk through the benefits and drawbacks of each and explore why Microsoft's director of identity security just published a blog post about abandoning text messages for Office365/Azure authentication. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw208
Today, my guest is Roger Grimes. Roger's expertise in the field of computer security is unparalleled. He describes himself as the best in the world when it comes to computer security defense- and he has the credentials to back up this assertion. He works with Kevin Mitnick who he calls the best Offensive Security guy in the world, but he calls himself the best when it comes to Defense. As all of you know by now I love Offense and Defense Innovation so this interview falls squarely into the category of Defense Innovation for sure. With more than 40 computer certifications and twelve books authored or (Co-authored) on computer security, Roger has spent over three decades imparting his knowledge to audiences worldwide. His current title is Data-Driven Defense Evangelist at KnowBe4. He is the author of the new book, Hacking Multifactor Authentication. Roger is a 33-year senior computer security architect and cybersecurity veteran specializing in general computer security, identity management, PKI, Windows computer security, host security, cloud security, honeypots, APT, and defending against hackers and malware. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft. In this time of remote workforces and distributed endpoints, Roger advocates for Multi-Factor Authentication. However, MFA is not the end all be all for security. The vast majority of hacking doesn't care about your MFA. It's all about reducing your risk, according to Roger. Throughout his many years in the industry, Roger a universal mission that drives all of his actions- to make the internet a safer place. Roger says if he leaves the Earth without accomplishing that feat, he has failed. I also provide how you can connect with him on Linkedin. He has over 25k followers. We've been sold by the industry that MFA is a Warm Blanky and Panacea for all security ills. Learn more deeply about this topic as it is critical to your distributed security architectures moving forward I'm excited to share this conversation with such a distinguished and world-renowned Security Defense Specialist. Here are useful topics, books, and resources discussed and what you will learn as you listen: Why most companies today fail in risk-based security and how to avoid the most common pitfalls. The benefits of enabling application control software like AppLocker in audit only mode. Why assuming just because you have MFA that you can't be hacked is false and how smart application of MFA will reduce your risk of getting hacked. Why push applications like FIDO are more effective than SMS-based multi-factor authentication. The highest risk areas CIO's and CISO's need to avoid falling into when dealing with MFA. Why MFA and other security measures like it are all about reducing your risk instead of eliminating it completely. How to Connect with this Guest: LinkedIn Twitter Books Articles Technologies referenced in podcast: Troy Hunt’s “Have I Been Pwned?” Kevin Mitnick's “Mitnick Security” FIDO Alliance Framework Books Published by Roger A. Grimes Referenced in Podcast: Hacking Multifactor Authentication , 1st Edition, By Roger A. Grimes. Published by Wiley, 2020 A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using, 1st Edition, By Roger A. Grimes, Published Independently, 2017 Transcript: You can go to the show notes to get more information about this interview and what we discussed in this episode. You'll find the show notes at redzonetech.net/podcasts. Leave A Review: Love this episode? Share it with your LinkedIn community here. If you haven't already, please make sure you leave us a review on iTunes or Stitcher. Not sure how to leave a review? Check out the instructions here. About Bill Murphy: Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader. Follow Bill on LinkedIn and Twitter. If you are interested in learning more about RedZone and our security expertise in particular related to Cloud and Email Security Kill Chain Strategy, Techniques, and Tactics you can email cloudkill@redzonetech.net. Music provided by Ben's Sound: http://www.bensound.com/ Other Ways to Listen to the Podcast: iTunes | Libsyn | Soundcloud | RSS | LinkedIn
This episode talks about the Multifactor Authentication along with UK Business Cyber Resilience and International efforts to make being online safer. For more information visit the NCSC's guidance on multi-factor authentication visit: · Multi-factor authentication for online services – https://www.ncsc.gov.uk/guidance/multifactor-authentication-online-services· Setting up two-factor authentication (2FA) https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa · Turn on two-factor authentication – Social Media, Banking & Email https://www.ncsc.gov.uk/cyberaware/home#section_4 After listening to this podcast please visit Action Fraud, Take Five, National Cyber Security Centre and the West Midlands Cyber Protect Websites for more guidance on all things relating to online Security. www.takefive-stopfraud.org.ukwww.actionfraud.police.ukwww.ncsc.gov.ukwww.wmcyber.org Our host today is Patrick, a Detective and Cyber Protect officer for the Regional Cyber Team part of the Regional Organised Crime Unit for the West Midlands. Also covering the West Midlands is Sean Long – WMPDigitalPCSO, Warwickshire and West Mercia is James Squire - cyberpcso and Staffordshire Police area is Mathew Hough-Clews and can be found at sp_digitalpcso. To contact us please email us at wmcyber@west-midlands.pnn.police.uk.
In this episode we guide you on how to enable multi-factor authentication inside of the Office365 admin portal
How do you implement multifactor authentication in your application? While at NDC in London, Carl and Richard chatted with Christine Seeman about what it takes to add multifactor authentication support to your application. Christine talks about all of the great tools that exist today to make it easier to put authentication tools to work. But then the tricky part comes - how do you get your users to take advantage of them!Support this podcast at — https://redcircle.com/net-rocks/donations
How do you implement multifactor authentication in your application? While at NDC in London, Carl and Richard chatted with Christine Seeman about what it takes to add multifactor authentication support to your application. Christine talks about all of the great tools that exist today to make it easier to put authentication tools to work. But then the tricky part comes - how do you get your users to take advantage of them!
The gang is back for our first episode of the decade! We kick-off 2020 with Stina Ehrensvard, CEO & Founder of Yubico. Join us, as we discover how she created the world's leading security key, and developed a new global standard for web. In this episode, we ask why multifactor authentication is so important, and debate the emerging questions around biometrics.We also catch-up after the festive break, and run-through the latest technology news in Watchtower Weekly.WatchTower WeeklyTroy Hunt tries to inform Surebet they've been hackedSurebet asks users to kindly ignore the information of a hackApple 'hacker' avoids prison over iCloud blackmailChristmas malware uses “Support Greta Thunberg” as a lureJohn Lewis on Twitter @johnlewisVisit Yubico.comVisit Yubico blogFollow Yubico on Twitter @YubicoReal or Not Real?You can see the Great Wall of China from space. Read more here.Follow Us…Visit 1password.comCheck out our blogTweet us @1PasswordFind us on Facebook or InstagramPlease get in touch using #Ask1Password and let us know what you think of the show, you can also leave us a review on iTunes or wherever you listen to podcasts.
A combination of weak authentication protocols and the use of easy-to-guess passwords have led to numerous security breaches. Derek Melber, AD MVP, shares his take on the importance of strong passwords, best practices of password policy, and much more in this episode.
In this episode the roundtable is open. Ray Redacted, Jessie "The Man" Broke, Harry D and Taylor from MyCrypto all swing by to discuss security, why it is not sexy and what it needs to do to be sexy. Corey invents a new acronym, "SIS." Everyone in the roundtable agrees that it should be a new standard way of thinking. Also, Taylor reminds everyone in the crypto community that the worst user experience is the one where the user loses their money. Nobody wants that. Oh...and for good measure, if you aren't using 2FA or some form of MFA, then you are just waiting to get pwned. Waiting very patiently to get pwned.
Bob Stern and Tim Peterson of the Information Technology and Cyberlaw Committee sit down with Adam Abresch of Acrisure, John Curran of Redpoint Cybersecurity, and Stephen Ramey of the Crypsis Group in a freewheeling discussion of hacking from technical, insurance, and legal perspectives, with specific content relating to how hacking affects lawyers both directly and in representation of their clients. 0:38 Guest Intro 2:00 Hacking Intro 5:06 How Do Hackers Infiltrate? 8:46 Social Engineering 12:10 How Insurance Handles Social Engineering 14:09 Creating a Cybersecurity Culture 18:31 Pen Testing and Phishing 20:25 Breach Response 21:36 Establishing a Risk Management Process 24:16 How Lawyers Respond to Client Breaches 27:31 The Importance of Logging 30:28 Reputation Risk 32:15 Small Law Firm Cybersecurity 35:20 Security Controls and Multifactor Authentication 38:24 Other Security Measures 42:04 Cybersecurity and Corporate Governance 45:51 Importance of Encryption 47:19 Segmentation of Data 50:28 Black Hat Hackers 52:47 Bug Bounty Programs 54:11 Insiders 55:47 Does Reputation of Company Matter in Targeting? 57:48 Ransomware Attacks 1:01:25 Limitations of Backups 1:03:30 Forensic Investigations 1:04:39 Dangers of Paying Ransom 1:06:43 Ransomware and HIPAA 1:09:37 The Legal Insurance Perspective 1:13:44 Are We Better Off Now Than We Were Five Years Ago? And Where Will We Be in Five Years? 1:17:18 Hackers as a Service 1:18:45 Trends in Insurance 1:20:58 Hacking Legal Summation
In this episode of Cisco Champion Radio, our Cisco Champion hosts discuss the Cisco Duo acquisition. Cisco Champion Hosts Evan Mintzer (https://twitter.com/evanmintzer) Cisco Champion member and Manager, IT Information Security Martin Schönbacher (https://twitter.com/nfvguy), Cisco Champion member and Datacenter Architect Cisco Guests: Karianne Butler, Product Manager, Duo Umang Burman, Product Marketing Manager, Duo Moderator: Brett Shore (https://twitter.com/brettshore), Cisco Champion Program Management Podcast Discussion Topics - Duo history and culture - What Products and services are part of the Duo portfolio - Changes to Duo since the Cisco acquisition - What can Duo customers can expect - What platforms are supported with Duo - How POC work at Duo - Where things are going in the future - Duo’s global footprint - When the Duo products will be added to CCW - The Duo Community - Meraki support Learn more: https://blogs.cisco.com/perspectives/multifactor-authentication-comes-together-with-duo-and-cisco-a-cisco-champion-radio-podcast-s5ep27
In this episode of Cisco Champion Radio, our Cisco Champion hosts discuss the Cisco Duo acquisition. Cisco Champion Hosts Evan Mintzer (https://twitter.com/evanmintzer) Cisco Champion member and Manager, IT Information Security Martin Schönbacher (https://twitter.com/nfvguy), Cisco Champion member and Datacenter Architect Cisco Guests: Karianne Butler, Product Manager, Duo Umang Burman, Product Marketing Manager, Duo Moderator: Brett Shore (https://twitter.com/brettshore), Cisco Champion Program Management Podcast Discussion Topics - Duo history and culture - What Products and services are part of the Duo portfolio - Changes to Duo since the Cisco acquisition - What can Duo customers can expect - What platforms are supported with Duo - How POC work at Duo - Where things are going in the future - Duo’s global footprint - When the Duo products will be added to CCW - The Duo Community - Meraki support Learn more: https://blogs.cisco.com/perspectives/multifactor-authentication-comes-together-with-duo-and-cisco-a-cisco-champion-radio-podcast-s5ep27
In an era when much of our lives happen online, from banking to social media, cybersecurity is more important than ever. And we all have a role to play—not just in keeping ourselves safe, but also our employers and customers. As we become more connected, we also must also become more vigilant. But what do you do to remain secure? Whether you are a broker, an investor or just simply an internet user, we’ve got tips for you on this episode of FINRA Unscripted. In honor of National Cybersecurity Awareness Month, Barry Suskind and Eugene Mindel of FINRA’s Cyber and Information Security team join us to provide resources and best practices for keeping you, your family and your clients protected while online. Resources mentioned in this episode: Cybersecurity Resources Small Firm Cybersecurity Checklist Fake Phishing, Real Benefits
Blake shares his thoughts on the first year of the Accounting & Finance Show LA under new management, then David & Blake discuss the latest accounting news, including: NetSuite's outage this week that prevented many businesses from accessing their ERP for almost a whole day, Google's hardware multi-factor authentication program that has prevented 100% of phishing attacks on its huge workforce, the recent breach of ComplyRight (a large 1099 processor), and why Hector Garcia's popular QuickBooks-focused YouTube channel was suddenly deleted without any warning. (We still don't know).
This week on the podcast, we cover the new security enhancements in ONTAP 9.3 with the security super squad, Juan Mojica and Dan Tulledge. Join us as we discuss Multifactor Authentication and NetApp Volume Encryption enhancements.
Live from BSides Vancouver 2017 Chester Wisniewski of Sophos interviews Derek Hanson from Yubico about U2F, FIDO and the future of mutlifactor authentication.
Richard chats with Dana Epp about multi-factor authentication. The conversation starts out with some definition around multi-factor authentication - something you know and something you have. Most of the time, the thing you know is your user name and password. Dana digs into authenticating using the most common thing you have, the smartphone. Tools like Twilio can help you bring text messaging to your system. Beyond the phone, there are dedicated devices like YubiKey that provide a different thing you have. The battle of better identity has been going on for some time, Dana mentions Dick Hart's amazing identity keynote from Oscon 2005.