Evolving Your Organization’s Access Management Capabilities with the Identity and Access Management Maturity Model, Part Two

Access Management (AM) is a critical area in any cybersecurity strategy that refers to how identities are applied to the data and resources in an organization’s environment, ensuring users have the correct access to the appropriate systems, resources, and applications.

Read More

Capital One Data Breach Recap: Keep Your Organization Ahead of the Curve With IAM

March 23, 2019 seemed like any other Monday at Capital One headquarters. Little did employees and customers know that, over the weekend, a hacker had successfully breached Capital One’s security defenses. 

As a result, more than 140,000 Social Security Numbers, 1 million Canadian Social Insurance numbers, and over 80,000 pieces of banking and credit information were stolen, along with an undisclosed number of names, addresses, credit scores, and more. 

Read More

Evolving Your Organization’s Access Management Capabilities with the Identity and Access Management Maturity Model, Part One

Access Management (AM), Identity Management, Identity and Access Management (IAM), and Privileged Access Management (PAM): while these terms use similar language and act to strengthen an organization’s security posture, they each have separate and distinct meanings. 

Read More

The 6 Business Systems You Should Be Protecting with Privileged Access Management, Part 2

Your organization likely realizes the unfettered access that traditional IT privileged accounts provide and has taken proactive steps to lock down access to these accounts. But what about critical business systems that offer the ability to cause reputational damage or that provide access to monetizable data, such as protected health information (PHI), credit card numbers, and social security numbers?

Read More

The 6 Business Systems You Should Be Protecting with Privileged Access Management, Part 1

Traditionally, privileged accounts are IT-based and have special active directory (AD) attributes. IT administrators use them to log into servers, switches, routers, and applications and perform tasks without restriction.

Legacy security systems focus on protecting these AD privileged accounts, and with good reason: Once obtained by hackers, the accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and back doors that are not easily seen.

Read More

Privileged Account Management is More Than Just Protecting IT Admin Accounts

There have been a slew of major data breaches in recent years. The number of records exposed in data breaches last year alone reached 174.4 million—close to five times the 36.6 million records exposed in 2016, according to the Identity Theft Resource Center.

Read More

The Problem with Legacy IAM Systems and Third-Party Access

Despite the risks associated with remote third-party access and the ongoing slew of data breaches resulting from third-party breaches, outsourcing isn’t going away anytime soon. On the contrary, IT outsourcing will be a $335 billion industry by 2019, according to Gartner. The benefits to business productivity, efficiency, and collaboration are simply too great, and modern enterprises can’t compete without opening up their infrastructures and data.

Read More

Privileged Access Management vs. Privileged User Management

The majority of major data breaches in recent years have resulted from hackers gaining access to unmanaged and unprotected privileged accounts and credentials.

Privileged and services accounts are a significant risk because of the access they provide the user with access to an organization’s systems and data. These accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and backdoors that are not easily seen.

Read More

Identity Management Best Practices: Start with the Basics

Another year, another Verizon Data Breach Investigations Report (DBIR), another depressing look into the state of global cybersecurity preparedness.  

Read More

Your Action Plan for Addressing Ransomware


In 2017, ransomware, the use of weaponized encryption to block access to a computer system or service until a ransom is paid, is all the rage among hackers. In fact, ransomware is now one of the top three most common malware threats.

The situation is dire, with hackers requesting ransoms of up to $73,000 per attack. Ransomware payments totaled more than $1 billion in 2016, a massive jump from the mere $34 million paid in 2015.

Read More

Subscribe Here!