CyberSecurity Updates

Access control provider Alcatraz AI is adding web-based, mobile enrollment and privacy consent management to its flagship facial authentication product, the Rock, to enhance building security and ease employee and visitor registration. The Rock includes an edge device installed near the doors to buildings and secure areas, using 3D facial mapping and machine learning analytics for facial  authentication. The update adds mobile enrollment to the system to streamline onboarding by allowing new employees and visitors…

Despite the billions of dollars poured annually into cybersecurity by investors, organizations, academia, and government, adequate and reliable cybersecurity remains an ever-elusive goal. The technological complexity and growing attack surface, along with a growing array of threat actors and increased interconnectivity, make securing digital systems and assets a perennial pipedream. Chief among the challenges for decision-makers and experts is simply identifying and comprehending society’s cybersecurity risks. One organization, the Washington, DC-based think tank Bipartisan Policy…

DNA Diagnostics Center, a DNA testing company, will pay a penalty of $400,000 to the attorneys general of Pennsylvania and Ohio for a data breach in 2021 that affected 2.1 million individuals nationwide, according to a settlement deal with the states’ attorneys general.  The company will also be required to implement improvements to its data security, including updating the asset inventory of its entire network and disabling or removing any assets identified that are not necessary for…

Being a CISO is a hard job. You must constantly balance business, technology, and regulatory requirements against things like employee and adversary behavior. You can be a superstar, build a world-class cybersecurity program, and follow best practices, providing exceptional protection for the organization. Despite this excellence, a single employee can click on a malicious web link, share a password, or misconfigure an asset, leading directly to a successful cyberattack. When this happens, it’s your fault.…

The dark web is the place where every CISO hope their company’s data will not end up. It consists of sites that are not indexed by popular search engines such as Google, and the dark web includes marketplaces for data usually obtained as a result of a cyberattack such as compromised user accounts, identity information, or other confidential corporate information. Gaining operational intelligence on what data these sites are offering is critical to defending cybercriminals…

IT security leaders at three-out-of-four global businesses expect an email-borne attack will have serious consequences for their organization in the coming year, with the increasing sophistication of attacks a top concern, according to the 2023 State of Email Security (SOES) report. Businesses’ use of email is increasing, with 82% of companies reporting a higher volume of email in 2022 compared with 2021 and 2020, the 2023 SOES report found. More email has led to more…