In this episode of the Trust Issues podcast, host David Puner sits down with Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral guidance on identity-centric security strategies to help organizations reduce the risk of identity-related attacks. They explore the evolution of digital identity, discussing how it has transformed from simple identifiers to complex, multifaceted digital identities for both humans and machines.

In a significant blow to cybercriminal infrastructure, German law enforcement has successfully dismantled 47 crypto exchanges accused of enabling illegal activities, including money laundering. This operation, dubbed "Final Exchange," was led by the Frankfurt Public Prosecutor’s Office – Central Office for Combating Internet Crime (ZIT) and the Federal Criminal Police Office (BKA).

The Software Development Life Cycle (SDLC) provides a systematic framework for developing and maintaining software from conception to modification, producing high-quality software that meets stakeholder and customer requirements within specified time and cost constraints. However, traditional SDLC practices fall short of ensuring thorough application security. Why?

In a significant shift in its privacy policy, the messaging platform Telegram has announced that it will start sharing user data with authorities to aid in criminal investigations. Known for its strict stance on user privacy, this policy reversal marks a notable departure from the company's past operations. The platform, once regarded as a haven for privacy-conscious users, is now responding to increasing concerns over the use of Telegram by cybercriminals and other bad actors.

Employees come and go, and so do their identities within their organizations. On the surface, it seems a linear lifecycle, starting with onboarding and ending with offboarding, with a whole lot of access to resources in between. But it’s the “in between” where things are more complex – whether related to migration from one business unit to the next or integrating an acquisition.

Earlier this month, the Financial Industry Regulatory Authority (FINRA) posted a cybersecurity advisory highlighting the recent cybersecurity risks of third parties impacting its members and financial services organizations. The recently released Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Financial Services Sector underscores FINRA's concern about the escalating threat landscape facing the financial industry.

Vulnerability management is a major component of any cybersecurity strategy, simply because every vulnerability represents another potential vector through which an organization can be attacked.

Explore how access control systems protect sensitive data by regulating who can access critical information, preventing cyberattacks, and ensuring compliance.

Phishing campaign leverages HTTP headers for credential theft, Scattered Spider targets cloud accounts, and UNC2970 exploits victims looking for jobs.

Disruptive technologies have a learning curve in the pace of adoption and implementation. Training and education tend to follow a slower schedule and can have a hard time keeping up with discoveries happening on the bleeding edge. This is part of what led to the current cloud security skill gap. The cloud transformed software development, accelerating innovation and the pace of human creativity. But, we now know that it also formed new security challenges.