Identity Matters - October 2023
While everyone else is brushing up against imaginary fears, cybersecurity interests must grapple with very real threats. Informed action is the first step towards facing these issues head on, and we hope our roundup of October’s top IAM events serves you well towards this end. Because Identity Matters.
Industry Highlights
Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit
A security alert from Cisco has notified all users of Cisco IOS XE device with Web UI to disable the HTTPS Server feature due to a critical zero-day vulnerability. Cisco has assigned their maximum possible severity rating to the issue and reports that it is already being exploited by an attacker. Head over to Dark Reading for their full breakdown .
Okta Support System Hacked, Sensitive Customer Data Stolen
The past few months have not been kind to Okta. Our previous Identity Matters reported how three additional companies had fallen victim to the same attackers who targeted the Okta data of MGM Resorts and Caesars Entertainment . Now, a new attacker has penetrated Okta’s perimeter, compromising their support system. There is even evidence that the currently unnamed hackers managed substantial lateral movement prior to detection. We invite you to read SecurityWeek’s full report .
Over 80% of security leaders have already received AI email attacks
The exciting possibilities of artificial intelligence bear new fruit every day. But with the technology becoming more ubiquitous and accessible, greater opportunity arises for abuse. 4/5ths of survey respondents “confirmed that their organizations have either already received AI-generated email attacks or strongly suspect that this is the case.” Get a full view of this disquieting development courtesy of Security Magazine here .
NSA Shares Recommendations to Advance Device Security Within a Zero Trust Framework
The National Security Agency (NSA) is starting to preach what they practice in cybersecurity. As the agency starts instituting Zero Trust environments, the issue of security for connected devices has become a chief concern. Read nsa.gov’s explanation of their journey towards identity maturity and their recommendations for implementing Zero Trust in the public sector here .
领英推荐
The Forbidden Fruit Of Cybersecurity: Hackers Take A Bite Out Of Apple
The perception of the MacOS as less vulnerable to hacking than Windows and Linux systems may be coming to an end. New malware programs have begun to emerge which are specifically engineered to defeat Mac systems. Explore Forbes’ breakdown of the burgeoning threat to Mac-users and the proactive steps SMEs and MSPs can take to combat it here .
The future of cyber security regulation: what to look out for with NIS2
Previous editions covered new regulations the EU has levelled against the tech industry in 2023; now yet another law has been handed down in the form of NIS2. This evolution of NIS, a set of cybersecurity requirements for essential services, expands the number of industries subject to these guidelines and imposes more stringent requirements. Enter into TechRadar’s analysis of what the legislation might mean for your enterprise here .
Simeio Spotlights
Simeio Wins Cyber Defense Magazine Award
Simeio proudly announces our victory in securing?Cyber Defense Magazine 's "Most Innovative in Identity Orchestration" award. Congratulations are due to the engineers and representatives who worked so hard to earn this accolade. Take a look at the full winner’s list where Simeio rubs shoulders with AT&T, Raytheon, and DNSFilter.
Simeio at YOUniverse and Sailpoint Navigate
It’s not a proper cybersecurity convention without Simeio. Not only were our security experts walking the floor and educating prospects at Ping YOUniverse and Sailpoint Navigate, but CEO?Christopher Schueler ?led a joint customer panel highlighting a major success story. Don’t worry if you missed out on your chance to hit up our reps at the event;?to start your identity enrichment journey with the world's largest single-source managed identity services provider, just click here
White Paper – NERC CIP Version 6: A Roadmap to Compliance
Simeio is no stranger to excelling in the energy industry, and now our authority has grown so great that we can release our guide to NERC CIP identity compliance. Get up to speed on how managed identity services satisfy their critical compliance needs for secure perimeters, systems management, remediation, and more. Organizations struggling to meet the costly identity security standards of NERC CIP v6 are invited to read our white paper on the subject here .