Will businesses stand the ‘risk’ of times?

All the top businesses today – Manufacturing& Distribution, Banking & Financial Services, Consumer Products & Services, Technology, Media & Communications, Healthcare & Life Sciences and Energy & Utilities – are expected to grow at a fast pace in the coming decade.

However the evolution of these businesses comes at the cost of rising risks. Analyzing and mitigating the risk factors should take precedence when devising strategies.

Several global studies report the following 10 risks businesses face as of 2016 and beyond:

Read More

Mapping Privileged Identity Management to an exotic travel

When I had started out in this industry, I had absolutely no clue of what Privileged Identity Management meant. In fact, not for a moment I thought it had something to do with security let alone cyber-security. I was deceived by the term ‘Privileged’ so much so that I started considering it be an elitist term which is like a badge to be worn proudly by some. But what I got to know about this was a complete paradigm shift. Yes of course I was right in thinking that it is a sort of title so to speak conferred only upon a select few. But that they can be threats never crossed my mind. Over the years, I observed that not many could easily understand the real meaning behind the term Privileged Identity Management or Privileged Access Management or Privileged User Management or other terms that this concept is referred to by. I pondered and pondered of how this can be explained in simple language to a layman. So here’s my attempt at it.

Read More

10 steps to better manage Privileged Access

Andrew Dalglish, director of Circle Research, a UK based research firm recently said “The very people working in businesses can pose as the biggest threat to its security.” That’s a pretty huge statement to make come to think of it. Why would he say that when organizations across the world are taking the necessary precautions and spending billions on IT security? Well the answer to that is simple; most organizations are still focused on thoroughly securing their perimeter. Based on a survey by SpectorSoft, a pioneer in user activity monitoring and behavior analysis, a staggering 62% organizations saw a rise in insider attacks over 2014-2015. This means, although a majority of the organizations are aware of privileged access security and have security solutions in place, they have seen a rise in insider threats. Research firm Gartner has solved this mystery stating “Less than 5% of the organizations were tracking and reviewing privileged activity in 2015. The remaining are at best controlling access and logging when, where and by whom privileged access has taken place but not WHAT actually is done.”

Read More

Password Management Compliances across the World

In one of my previous roles as a test analyst, I was primarily responsible for constructing test cases for password management. At the time, I had devised a whole array of possible test cases for password management which included specifications on the length of the password, complexity of the password, frequency for changing password and so on. However a thought struck me. This tedious manual procedure of password management by the administrator or super-user was done to ensure security but where is the security after all? How many permutations and combinations can a human come up with to ensure these passwords are managed and maintained to comply with regulatory standards? But today working in this cyber security space, I can confidently say that you just have to go knocking on the right door to eliminate this monotonous process and get automated password management solutions that is regulatory compliant and at the same time safe, effective and productive.

Read More

Privileged Thinking of the Cloud

Just as I went to collect my iPad this morning from the study room, something that was an integral part of my childhood grabbed my attention. This precious treasure was lying in one corner dusted and covered by a cloth which had torn. The treasure that I speak about was my best friend and is nothing else but the desktop computer that I used in the 90’s and early 2000’s. There was a time when for any important work or internet use, only one device could be used – the computer. Today if I want information on the internet, the last thing I use will probably be that desktop computer. And this is the same for most of us today.

Read More

Cybersecurity: Tackling the insider threat

Summary:  In 2014, the world learned the hard way about data breaches due to insider threats. Learn why insider threats have become an increasing security risk and how to protect one’s self from it.

In a world where data breaches are quickly becoming commonplace, even the best security technology in the world can’t help your organization to protect itself from security breaches unless your employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources.

Read More

Data like water

is data like water?

Data like water is an interesting analogy, It was only during one of my vacations that along a beach, i realized how the two are really similar and especially in the world of technology how data flow is akin to water flow. This paper tries to establish similarities, one’s ability to capture and track source. Further how identities are critical and how data can be tagged to various users. Also it is critical to examine the storage and linkages to the identities under which data is stored.

how important is data

Read More

Cloud Computing The business Perspective

Summary: The evolution of cloud computing over the past few years is potentially one of the major advances in the history of computing. Learn more about the various risks associated with cloud computing and how to choose the best cloud computing solution for your organization.

The Business Perspective

The evolution of cloud computing over the past few years is potentially one of the major advances in the history of computing. However, if cloud computing is to achieve its potential, there needs to be a clear understanding of the various issues involved, both from the perspectives of the providers and the consumers of the technology. While a lot of research is currently taking place in the technology itself, there is an equally urgent need for understanding the business-related issues surrounding cloud computing.

Cloud Computing and Risk

Read More

Healthcare Debacle

Summary : Security breaches in healthcare are a major issue, but not enough attention is being paid to threats from the inside. A vast majority—92%—of healthcare IT decision-makers reported that their organizations are either somewhat or more vulnerable to insider threats, and 49% felt very or extremely vulnerable.

Healthcare Debacle : – The insider security threat in Healthcare industry

Read More

BIG hole in Identity Management

Summary : Millions have been invested in securing the periphery, however little or no investment is made in securing the access to the core of any system i.e. Privileged Identities

A BIG hole in Identity Management

The last decade has seen several debates on Identity Management and the best possible ways to address the growing disconnect in the much interconnected world. While there has been substantial efforts in managing the identities of an organization either with manual processes or recently by implementing IDM technologies, there has been a glaring hole in the approach as most of the identity management solutions are not able to address the challenges posed by privileged accounts.

Read More