When you create an account, you may be prompted to set up a security question for authentication. Security questions add a layer of security alongside your login credentials. Following best practices for security questions involves using different questions for different accounts, avoiding self-written questions, using multiple security questions and updating security questions and answers regularly.

There’s one quote from the 2024 RSA conference that I can’t stop thinking about, even though it was originally uttered by Kobe Bryant. Here’s the quote.

Regardless of whether your environment is on-premises, in the cloud or hybrid, new data makes it clear that users are the top cybersecurity concern, and we cover what you can do about it. According to Netwrix’s 2024 Hybrid Security Trends Report, 79% of organizations experience one or more security incidents in the last 12 months. This is a 16% increase from the previous year, demonstrating that attacks are not subsiding one bit and that they are increasingly successful.

It’s tempting for organizations to let employees use their devices for work. It saves money, is convenient for users, and allows corporate network access. However, “bring your own device” (BYOD) arrangements can lead to serious security risks compared to issuing company-owned devices.

Whereas traditional hacking exploits weaknesses in software or hardware, social engineering exploits weaknesses in the human psyche. By preying on people’s habits, fears, or complacency, attackers can gain access to almost any system, no matter how sensitive or well-protected. The ubiquity of personal mobile devices in the workplace has only exacerbated the threat.

How protecting your organization from costly social engineering cyberattacks starts with effective prevention.

RSA 2024 explored AI's impact on security, featuring sessions on AI governance, LLMs, cloud security, and CISO roles. Here are just a few of the expert insights shared.

FedRAMP, the Federal Risk and Authorization Management Program, is a way for cloud service providers to undergo auditing, scrutiny, and testing to validate their security. This security encompasses primarily information security but also user authorization and authentication, physical security, and more.

The simultaneous proliferation of outsourcing and increased interconnectedness of modern businesses has caused the third-party risk management (TPRM) landscape to evolve significantly over the last few years. Establishing a robust TPRM program is no longer just about managing risk across your organization’s third-party ecosystem or gaining an edge over your competitors.

With the recent announcement of OpenAI’s ChatGPT desktop application for macOS, users gain access to LLM workflows outside of their browser. ChatGPT’s broad adoption by employees across industries, and around the world, has put employers, compliance, and security teams into high gear as they seek to balance the gains made in productivity with the potential risks of how these tools are being used.