Identity Matters - May 2024
From developing breaches to the development of ways to counter breaches, it has proven to be a banner month in the world of IAM. Multiple identity conventions were held throughout the month, bringing together identity experts from across the world even as new threats emerged onto the scene. For your convenience and enrichment, Simeio has once again brought together the top stories of the identity space to prepare you and your enterprise for the coming identity challenges.
Because Identity Matters.
Industry Highlights
Ticketmaster Data Breach Potentially Exposes 560 Million Hacked Customer Details
Mere days before the close of the month, a colossal data breach hit the major event-coordinator Ticketmaster. With the high-profile hacking group Shiny Hunters claiming responsibility for the breach, the number of compromised accounts is, in excess of 560 million individuals and growing.
For further information and updates on the $500,000 ransom demand, head over to TechBusiness for the full story here.
No more 12345: devices with weak passwords to be banned in UK
The UK, seeking to limit the risks of insufficient safeguarding methods, has placed a ban on smart devices which comes with factory-standard weak passwords. Under these minimum-security standards, manufacturers of internet-connected devices like smart phones, televisions, and doorbells must adhere to more stringent password requirements, automatically rejecting user passwords which fall under a set list of common keyphrases.
Get more information on the ban at the The Guardian here.
A CEO’s guide to identity threat detection and response (ITDR): What it means and where to begin
In this breakdown of critical IAM threat readiness, Janine S. provides insight into an increasingly important concept: identity threat detection and response (ITDR). Described as “an emerging cybersecurity discipline” geared towards protecting identities against bad actors through a combination of targeted security tools, processes, and best practices.
Read her full rundown on FastCompany here.
Top 10 identity and access management trends
One of the most critical functions of Identity Matters is to highlight important trends, and Nancy Liu has compiled ten of what could be considered the most important. Ranging from AI-driven enhancements, heightened scrutiny against identity solution vendors, and flagging biometric adoption, this article will highlight rising tensions and emerging solutions.
Go to SDxCentral for their breakdown here.
Taking a ‘Machine-First’ Approach to Identity Management
As Machine identities gain prominence, greater emphasis upon their place in the identity fabric. In their dissection of the current state of machine identities in the IoT, Susan Hall considers the merits of taking a “machine-first” strategy. Using the Exchange Online breach suffered by Microsoft, Hall lays out the state of countermeasures against brute-force attacks and how a new paradigm can counter them.
领英推荐
Get educated on the subject with thenewstack ’s deep dive here.
The Zero Trust Security Gap No One Talks About and How to Fill It
Zero Trust paradigms have come up many times in the past, and they continue to play a major role. With decentralization of businesses continuing to rise even after the pandemic, personal devices are becoming a normal means of doing crucial work functions, with attached risks from using non-protected devices. Steve Won explores the perils of these practices, the difficulty in undoing them, and realistic methods for defending against these widening gaps in an attack surface.
Go to Infosecurity Magazine for the full examination of the issue here.
Simeio Spotlights
RSA 2024
May was a month of Simeio traveling to identity conventions, not the least of which was the 2024 RSA Security Conference. Guided by this year’s central idea of “the Art of the Possible,” the event focused on some of the key IAM trends including rising cyberthreats, the groundswell of collaborative cybersecurity, and the potential for AI as a tool for both hackers and defenders.
Get a full account and analysis of Simeio’s experiences and lessons learned from the convention room floor here.
Simeio at CyberArk Impact 2024.
One of Simeio’s top ongoing objectives is to contribute to the cybersecurity strength of industries, hence why we not only attended CyberArk Impact, but sponsored it as a strategic CyberArk Partner. CyberArk’s own CEO Matt Cohen en, who delivered a masterclass in which outdated security models are weakening identity fabrics across the world, and how they can be overhauled to conquer threats both existing and emergent.
Catch up on the highlights of this landmark security event here.
Simeio at VISION: 2024 HIMSS Texas Regional Conference
With such a strong presence amongst major healthcare providers, Simeio wasn’t going to miss out on one of the biggest healthcare technology events of the year: the HIMSS Texas Regional Conference 2024. Joining our partners SailPoint , Okta , and Ping Identity at the Gaylord Texan, our identity experts promoted the best IAM service available for caregivers worldwide.
Check out our rundown of the top topics discussed at the event, including the integration of smart hospital rooms and machine identities with patient data here.
Cybersecurity Challenges Plaguing the Energy Sector
From the Colonial Pipeline compromise to the SolarWinds plugin breach, recent years have seen the energy industry being hammered by cyber-attacks. One of the most prominent attacks to afflict energy providers was the 2023 Danish energy breaches, where more than two dozen companies were hacked through a firewall bug. Simeio’s Ron Mechling ng provides a retrospective perspective on the fallout of this, the largest critical infrastructure cyberattack in Denmark’s history and what it means for future incidents.
Discover the lessons learned from the event in Mechling’s article here.