Feature

What is "reasonable security"? And how to meet the requirement

Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.

How Apple’s iCloud authentication system fails to protect your account

Apple’s 2FA iCloud system is generally very diligent about securing your account, especially when you have two devices, but it has one key flaw.

Here’s how one company is simplifying secure access in the age of hybrid

With enterprises moving towards hybrid ecosystems, security leaders need to strike the right balance between user experience and the zero-trust approach.

The 6 biggest ransomware attacks of the last 5 years

The biggest ransomware attacks illustrate how this particularly nasty genre of attack software has grown from a curiosity and an annoyance to a major crisis.

What is a honeypot? A trap for catching hackers in the act

A honeypot is a system designed to lure hackers into revealing their origins and techniques, and they're used by security researchers and corporate IT alike.

Firms pay CEOs more, shareholders less in wake of data breach, analysis reveals

​Companies give CEOs a pay rise while cutting dividend payments and research and development investment in the wake of a data breach, analysis by researchers at Warwick Business School has revealed.

What is cryptojacking and how does it work?

'Cryptojacking' is a term used to describe the action of secretly using a computer to mine cryptocurrency.

WebAuthn: What you need to know about the future of the passwordless Web

Hate passwords? We all do. So Microsoft, Google, and other browser makers have made WebAuthn to replace passwords with your fingerprint and facial recognition.

What is shadow IoT? How to mitigate the risk

When someone in your organization starts using internet-connected devices without IT’s knowledge, that’s shadow IoT. Here's what you need to know about its growing risk.

IT auditor explained: Role, responsibilities, skills and salaries

An IT auditor is responsible for analyzing and assessing an organization’s technological infrastructure to find problems with efficiency, risk management and compliance.

What is Mimikatz? And how to defend against this password stealing tool

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets.

What is biometrics? And why collecting biometric data is risky

Biometric authentication uses physical or behavioral human characteristics to digitally identify a person to grant access to systems, devices or data. It has the potential to make authentication dramatically faster, easier and more secure than traditional passwords, but companies need to be careful about the biometric data they collect.