Skip to main content

Tag: zero trust

125 articles

Government agency's private 5G network control room with radio units and base stations.

Private 5G Networks Expose Government to Hidden Security Risks

Government agencies and military organizations risk exposing themselves to hidden security threats if they don't adopt a zero-trust approach to their private 5G networks, leaving them vulnerable to potentially devastating attacks. Without proper security measures in place, adversaries could gain unrestricted access to sensitive information and wreak havoc.

Analyst 207
Modern office interior with laptops, smartphones, and legacy tech on a conference table near a window.

Agencies Modernize Identity Infrastructure to Counter Emerging Threats

Federal agencies are racing against the clock to modernize their identity infrastructure, securing legacy systems while navigating the rapid evolution of AI and emerging post-quantum threats. As AI continues to advance at breakneck speed, agencies must build adaptable cybersecurity strategies to stay ahead of the threat landscape.

Analyst 207
Employees work at desks in a brightly-lit office with a city view, one standing near a whiteboard.

SASE Struggles to Keep Pace with AI-Driven Workflow Shifts

As enterprises shift to AI-driven workflows, their security teams struggle to keep up, risking loss of visibility as data interactions move beyond traditional network boundaries. With modern protocols like TLS 1.3 and HTTP/3 blocking interception, outdated SASE architectures are failing to keep pace.

Analyst 207
Dimly lit server room with rows of computer servers and equipment, hinting at vulnerability.

FIFA Exposes Vulnerability in Application Backends

A shocking vulnerability was discovered in the backends of two FIFA applications, Football Data Platform and Commentator Information System, where authorization checks were surprisingly handled by client-side code, leaving them open to potential exploitation. This flaw highlights a critical error in application design, where security checks were outsourced to the user interface, rather than being rigorously enforced on the server-side.

Analyst 207
Brightly-lit server room with multiple computer workstations symbolizing identity security risks.

NSA, CISA Warn Federal Agencies of Identity Security Risks

The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

Analyst 207
Government officials surrounded by traditional and modern cryptography tools, including a combination lock and computer…

Credentials Face Quantum Threat Decades Ahead

The NSA has set a critical deadline: by January 1, 2027, new national security systems must support quantum-resistant algorithms to stay ahead of emerging threats. With deadlines stretching into the 2030s, organizations must plan now to protect their systems from the looming quantum threat.

Analyst 207
Modern office interior with laptop, monitors, and equipment, featuring abstract network representation in background.

CISA Guides Agencies Toward SASE for Zero Trust Adoption

CISA's new guidance is helping federal agencies ditch outdated internet gateways and make the leap to Secure Access Service Edge (SASE) technology, a key step towards adopting zero-trust architectures. By making this shift, agencies can unlock the benefits of zero-trust security and leave legacy perimeter-based models behind.

Analyst 207
Modern enterprise environment with multiple screens, laptops, and systems in use, conveying fragmentation and decentralized…

Identity Visibility Platforms Shrink IAM Attack Surface

Nearly half of all identity activity in enterprises remains invisible to centralized identity and access management, creating a hidden risk that can leave organizations vulnerable to attacks. This "Identity Dark Matter" emerges as identities multiply across apps, teams, and systems, outpacing the ability of security teams to keep control.

Analyst 207
Government official interacts with digital interface in secure facility.

US Cyber Official Warns of AI-Driven Identity Security Risks

As AI-driven threats evolve, securing identities is more crucial than ever - in fact, a top US cyber official warns that controlling who and what gets onto a network is now our first line of defense. By prioritizing identity security, we can prevent attackers from exploiting vulnerabilities and gaining a foothold in our systems.

Analyst 207
Pharmaceutical facility personnel converse, looking concerned, near locked cabinet.

West Pharmaceutical Ransomware Attack Exposes Supply Chain Vulnerabilities

In the wake of a ransomware attack, West Pharmaceutical Services swiftly sprang into action, disclosing the breach and launching a thorough investigation with law enforcement and cyber-forensic experts. But despite their rapid response, the company's data loss has left many questions unanswered – and a glaring spotlight on supply chain vulnerabilities.

Analyst 207
Laptop screen shows Windows Update progress with driver update message.

Microsoft Fixes Autopatch Bug Deploying Restricted Drivers

Microsoft fixed a Windows Autopatch bug that caused a small number of EU devices to receive restricted driver updates despite administrative policies in place to block them. The issue affected specific Windows 11 versions, including 23H2, 24H2, and 25H2.

Analyst 207
Modern network operations center with servers and equipment, featuring a prominent cloud firewall in the foreground.

Firewalls Evolve to Bolster Zero Trust, Cloud Security

As organisations navigate the complexities of multi-cloud estates, modern cloud firewalls are emerging as a crucial linchpin for reclaiming coherent security controls and mastering cloud networking. They're not old tech, but a vital tool for cloud architects and security pros to enforce robust, zero-trust security across multiple providers.

Analyst 207
Vacant corporate workstation with laptop and smartphone on a desk, surrounded by blurred office furniture and partitions.

AI Agents Expose Governance Gaps in Enterprise Identity Security

As AI agents become increasingly integral to enterprise operations, a concerning gap is emerging: the rapid adoption of AI is outpacing the development of essential governance policies to secure identities and access. Discover how this vulnerability impacts corporate applications and what you can do to protect your organization.

Analyst 207
Government agency interior with industrial control system and technology infrastructure.

CISA's Zero Trust Guidance Falls Short on Cost, Implementation Details

While CISA's new zero trust guidance for operational technology is a step in the right direction, it leaves critical questions unanswered - namely, who foots the bill and how do organizations actually implement it? The guidance gets high marks for technical thinking, but falls short on practical details like funding, timelines, and automation.

Analyst 207
Control room with industrial equipment and computer systems under bright lighting, featuring multiple monitors and a large…

US Agencies Issue Zero Trust Guidance for OT Security

US government agencies have just released a game-changing guide to help protect critical infrastructure systems with practical, layered security strategies. The new zero-trust guidance provides a tailored approach for operational technology environments, balancing safety and uptime needs with robust security measures.

Analyst 207
Person in secure room surrounded by equipment and screens manages sensitive data transfer.

Zero Trust Stalls at Data Movement Bottleneck

The moment data crosses a boundary, it's often assumed to be trustworthy - but that's exactly where attackers strike, exploiting this blind spot with alarming success. A recent Cyber360 survey reveals that 53% of security leaders still rely on manual processes to move sensitive data, leaving a gaping Zero Trust gap that's ripe for exploitation.

Analyst 207
Sleek technology lab setting with futuristic devices and laptop on minimalist workbench.

Google Unveils AI Agent Identity Platform to Tackle New Identity Risks

Google is stepping up its game in AI security with a new platform that gives autonomous software agents their own unique identities, ensuring that every action is verified, recorded, and accountable. This move towards zero-trust verification means organizations can trust their AI agents to act with integrity and transparency.

Analyst 207
Person holds smartphone with blurred city or office background, emphasizing digital security.

NCSC Endorses Passkeys as Default Login Method

The UK's National Cyber Security Centre now recommends passkeys as the default login method, marking a significant shift away from passwords. This endorsement comes after a year of collaboration with industry and notable improvements in passkey technology.

Analyst 207
Laptop with network diagram surrounded by cash and shield in darkened room.

Pentagon Bolsters Cyber Budget with $20.5B Allocation

The Pentagon is shoring up its defenses with a $20.5 billion cyber budget allocation, aimed at outsmarting adversaries who are increasingly sophisticated in their digital threats. This major investment is part of a broader strategy to integrate cyber capabilities across all warfighting domains and safeguard military networks.

Analyst 207
Concentric walls of ancient Byzantine fortification at dusk, with a single ornate key in the foreground.

Byzantine Defenses Unveil Layered Security Secrets

Discover the ancient secret to impenetrable defense: layering multiple barriers to create a fortress that's almost impossible to breach. The Byzantine walls of Constantinople, with their four distinct defensive lines, hold the key to a powerful security strategy that's stood the test of time.

Analyst 207
Fortress-like structure with secure gate looms over discarded, broken key on ground.

Zero Trust Fortifies Identity Security Against Credential Exploits

Stolen credentials are a hacker's dream come true, leading to easy privilege escalation and full network compromise - but what if you could lock down your identities and shut the door on these threats? An identity-first Zero Trust approach is the powerful solution you need to fortify your security.

Analyst 207
Vendor Breaches Spotlight Healthcare's Cyber Vulnerability

Vendor Breaches Spotlight Healthcare's Cyber Vulnerability

Recent vendor breaches have exposed healthcare's alarming cyber vulnerability, raising critical questions about who bears the cost - and the consequences - when a vendor's systems fail. As the threat landscape evolves, one thing is clear: the healthcare industry must rethink its approach to cybersecurity and vendor risk management.

Analyst 207
Securing Identities in a Decentralized Workforce

Securing Identities in a Decentralized Workforce

In today's decentralized workforce, the traditional network perimeter has disappeared, leaving us with a pressing question: who's responsible for securing identities when and where work happens? The shift to hybrid work has created a diffuse and distributed perimeter, where users and applications are scattered across various networks, devices, and clouds, making it harder for traditional security models to keep up.

Analyst 207
AI Drives Critical Need for Real-Time Microsegmentation

AI Drives Critical Need for Real-Time Microsegmentation

The AI revolution has turned the cybersecurity landscape upside down, compressing attack timelines from months to mere minutes and making traditional security approaches woefully inadequate. To keep pace, organizations urgently need to adopt real-time microsegmentation to protect themselves from threats that can move at machine speed.

Analyst 207