< ciso
brief />
Tag Banner

All news with #iam tag

196 articles · page 6 of 10

France Travail Fined €5m After 2024 Breach Exposed 43M

🔒 France Travail has been fined €5 million by the CNIL after a March 2024 cyber-attack that potentially exposed personal data for an estimated 43 million jobseekers. The regulator found failures including weak authentication for Cap Emploi advisors, insufficient logging and monitoring, and overly broad access permissions, breaching Article 32 of the GDPR. France Travail must provide evidence of corrective measures on a strict timeline or face a €5,000 daily fine.
read more →

Near-Identical Password Reuse: An Overlooked Urgent Risk

🔐 Near-identical password reuse—small, predictable modifications to existing credentials—regularly bypasses standard complexity and password-history checks, creating a persistent attack vector even in well-managed environments. Attackers weaponize breached credential lists with automated transformations to infer updated passwords quickly. Users favor these tweaks because they are memorable and compliant on the surface. Implement continuous breach monitoring, similarity analysis, and centralized controls such as Specops Password Policy to detect and block overly similar replacements.
read more →

Always-on Privileged Access Risks in Modern Enterprises

🔐 Privileged accounts frequently remain active across enterprises, with a reported 91% of end-users operating at their highest privilege. Analysts link this to legacy governance, fragile integrations, and cumbersome PAM tooling that drives users to bypass controls. The growth of non-human identities—service accounts, APIs, CI/CD pipelines—exacerbates the issue because they authenticate programmatically and rarely expire. That standing access raises risks from accidental outages and data exposure to lateral attacker movement and weakened compliance.
read more →

Amazon Connect Cases Adds Tag-Based Granular Access Control

🔒 Amazon Connect Cases now supports tag-based access control, enabling administrators to attach tags to case templates and restrict which users can view or manage cases based on security profiles. For example, teams can tag fraud cases and limit view/edit rights to users assigned to a fraud security profile. This capability strengthens enforcement of internal controls and data access policies, simplifies segmentation of sensitive workflows, and reduces the risk of unauthorized access across supported AWS regions.
read more →

AWS IAM Identity Center Adds Native IPv6 Dual-Stack Support

🛡️ AWS IAM Identity Center now supports native IPv6 via new dual-stack endpoints that accept both IPv4 and IPv6 clients, enabling direct IPv6 access without network address translation. Administrators should update external IdP configurations (ACS and SCIM URLs), adjust firewalls and gateways, and share the dual-stack app URL with users. You can monitor adoption through CloudTrail by inspecting clientProvidedHostHeader to distinguish IPv4-only and dual-stack usage.
read more →

Six Okta Security Settings You May Have Overlooked

🔐 Identity providers like Okta are central to modern SaaS security, and subtle configuration gaps can create serious exposure. This article highlights six fundamental settings—password policies, phishing‑resistant MFA, ThreatInsight, admin session ASN binding, session lifetimes, and behavior rules—that reduce the risk of account takeovers and session hijacking. Complementing these controls with continuous monitoring from Nudge Security helps detect drift and remediate misconfigurations before they’re exploited.
read more →

Who Approved This Agent? Rethinking AI Access Controls

🔐 AI agents are accelerating enterprise work but create new ownership and approval gaps for security teams. Unlike human users or traditional service accounts, agents often operate autonomously, persistently, and with delegated authority, which can expand access beyond any single user's permissions. The article separates agents into personal, third-party, and organizational categories and highlights that organizational agents carry the greatest systemic risk. It recommends treating agents as distinct identities with defined owners, mapping user→agent interactions, and continuously reviewing agent access.
read more →

EC2 Auto Scaling: group deletion protection and IAM control

🔒 EC2 Auto Scaling introduces the condition key autoscaling:ForceDelete and group-level deletion protection to reduce accidental Auto Scaling group (ASG) deletions. Use the new autoscaling:ForceDelete condition in IAM policies to control whether the ForceDelete parameter can be used with DeleteAutoScalingGroup. Set deletion protection on ASGs at creation or update to add layered safeguards for critical workloads. Available in all AWS Regions and AWS GovCloud (US).
read more →

Active Directory Password Resets Surge in Hybrid Work

🔒 Hybrid work has driven a sharp rise in Active Directory password resets as cached credentials, inconsistent network connectivity, and stricter rotation policies cause more account lockouts. IT helpdesks supporting distributed employees are inundated with routine tickets that drain resources and reduce productivity. Forrester estimates a $70 cost per reset, and Specops data shows an average organization handles 923 resets annually. Implementing self‑service password reset solutions like Specops uReset can reduce wait times and restore access quickly.
read more →

73% of CISOs Now Prefer AI-Enabled Security Solutions

🛡️Foundry’s Security Priorities Study finds 73% of security decision-makers are now more likely to consider a security solution that uses artificial intelligence, up from 59% a year earlier. CISOs plan to deploy AI for malware and threat detection, anomaly detection, real-time risk prediction, IAM, DLP, automation of responses, and improved visibility. Respondents cited faster detection of unknown threats, accelerated response times, and lower analyst workload. Experts caution against vendor hype, data-quality issues, hallucinations, and governance gaps, and recommend building AI-ready security data platforms.
read more →

Misconfigured Demo Environments Become Cloud Backdoors

🔒 New research from Pentera Labs shows that internal testing, demo, and training applications left in default or misconfigured states are being used as entry points into enterprise cloud environments. The team found popular vulnerable apps such as Hackazon, DVWA, and OWASP Juice Shop exposed on major cloud platforms and sometimes tied to overly permissive IAM roles. Attackers have leveraged these exposures to deploy crypto miners, webshells, and persistence mechanisms; Pentera recommends inventorying assets, enforcing least privilege, isolating labs from production, and expiring temporary test environments.
read more →

SageMaker Unified Studio Adds Cross-Region and IAM Access

🔁 Amazon SageMaker Unified Studio now supports cross-Region subscriptions and IAM role-based subscriptions, enabling teams to subscribe to AWS Glue and Amazon Redshift tables and views published in different AWS Regions. Cross-Region support helps break down data silos and removes the need for manual replication. IAM role-based subscriptions let users request access without creating a SageMaker project, simplifying governance. These APIs are available via the SageMaker console, Amazon DataZone API, SDK, and AWS CLI.
read more →

Make Identity Threat Detection Your 2026 Security Focus

🔐 Identity-focused attacks are now the dominant threat, and organizations must pair prevention with deep visibility. Identity Threat Detection & Response (ITDR) provides centralized logging, behavioral analytics, and alerts that reveal suspicious logins, anomalous account activity, and insider risk. tenfold combines Identity Governance and Event Auditing in one platform with lifecycle automation, access reviews, and centralized investigation tools. Book a personalized demo to evaluate capabilities and deployment speed.
read more →

Hidden Risks of Orphan Accounts in Enterprise Identity

🔒 Orphan accounts — abandoned human, service, and AI‑agent identities — create persistent, unseen access across applications, platforms, assets, and cloud consoles. These dormant accounts often evade traditional IAM and IGA tools due to integration gaps, unclear ownership, and proliferation of non‑human identities. Continuous identity audit using application telemetry and a unified audit trail can detect, flag, and automatically remediate or decommission orphaned accounts. Orchid positions its Identity Audit as connective evidence to inform IAM decisions.
read more →

Why Security's Future Depends on Identity, Not Perimeter

🔒 Modern security must treat identity as the perimeter rather than the network. As remote work and cloud adoption dissolved traditional edges, attackers increasingly target credentials — a trend underscored by reports from Verizon, Microsoft and Okta — making identity the primary attack surface. Organizations must adopt Zero Trust identity controls such as MFA, SSO, RBAC, PAM, device trust and continuous, adaptive monitoring, and treat identity lifecycle and privilege management as core infrastructure.
read more →

From Arts Degree to Cybersecurity: Rona Spiegel's Path

🔐 Rona Michele Spiegel transitioned from an arts and multimedia background into cybersecurity by blending early human-computer interface work with formal study and hands-on industry experience. She helped establish a user experience practice at Deloitte, worked in technology governance at Cisco, earned a Master of Information and Cybersecurity, and later focused on cloud controls at Wells Fargo before joining Autodesk to lead security and trust for mergers and acquisitions. Spiegel emphasizes careful risk assessment in M&A—especially when absorbing small, resource-constrained companies—while navigating AI-driven complexity, addressing hiring and entry-level gaps, and preventing burnout through inclusive leadership and mentoring.
read more →

CISOs' Top Cybersecurity Priorities and AI Focus for 2026

🔐 In 2026 CISOs are balancing core security tasks with urgent AI-related challenges. Strengthening data protection, securing cloud and enterprise AI deployments, and improving identity and access management rank high. Leaders are preparing for AI-enabled attacks, rolling out AI to accelerate security operations, and addressing shadow AI and third-party risks to bolster resilience and supply-chain security.
read more →

Jamie Norton on securing government and finance systems

🔐 Jamie Norton, CISO at ASIC and vice chair of ISACA, describes persistent cyber challenges across government and financial sectors. He points to legacy systems, weak foundational hygiene, and the need to align people, process and technology while warning that rapid advances in AI will change roles and tooling. Norton emphasizes executive accountability, mentorship, training and a mission-driven culture to retain talent, and champions the mantra Do the basics brilliantly.
read more →

Enterprises Struggle with IAM, Privilege and AI Access

🔐 New research from CyberArk finds enterprise users routinely bypass IAM controls to work faster, with 63% of security leaders reporting this behavior. Only 1% of organizations have fully implemented a modern just‑in‑time privileged access model, while 91% say at least half of privileged access remains always‑on. Shadow accounts and unmanaged secrets surface weekly in 54% of firms, and many lack clear AI access policies.
read more →

Eight Critical Areas CISOs Must Address in 2026 Today

🔒 As enterprises deploy AI agents, expand cloud use, and rely on complex global supply chains, CISOs must tighten identity and access controls, govern agent accounts, and apply phishing-resistant MFA. They should prioritize zero-trust architectures across IT and OT, enforce proactive cloud posture management and supplier risk monitoring, and integrate geopolitical and regulatory scenario planning. Failing to address chatbot privacy, misconfigured cloud services, human error, and escalating compliance (e.g., GDPR, DORA, HIPAA) risks operational disruption, financial penalties, and reputational harm.
read more →