The Wipro Breach & How to Stay Protected When Your Managed Services Provider (MSP) Gets Hacked

by Matt Miller  | 

Every organization has security weaknesses—some are known, and others are unknown. Some are managed and addressed--or at least insured against--others are accepted with crossed-fingers. CISOs and employees down through the IT chain of command know there are places where they could have better controls in place, but they have to make calculated risks and tradeoffs based on resources, objectives, and priorities. If you’re immersed in IT security, then invariably you encounter a headline several times a week about the “weakest link” in security. It’s humans/employees, right? Possibly. Partly. Often, the weakest link in cybersecurity is with your third-party vendors—and their humans! When the weak link is the company that helps manage your IT infrastructure and security, it’s reason for a whole other level of alarm. This is the scenario confronting at least a dozen Wipro [NYSE: WIT] customers right now. This blog provides a brief recap about what we know about the Wipr breach, potential implications, and 7 takeaways we can apply to lower the risk exposure and impact from supply chain cyberattacks affecting our MSPs and other vendors.

9 Keys to Getting the Most Out of Your Vulnerability Management Solution

by Ben Rothke  | 

Vulnerability management (VM) means a lot of different things to different people. With that in mind, I’ll define VM here as: the process to determine whether to eliminate, mitigate, or tolerate vulnerabilities based upon risk and the cost associated with fixing the vulnerabilities. In this blog, learn the 9 key areas that need to be in place to ensure your vulnerability management program is effective, and provides high-value to the organization.

Managing User Access for Both Privileged and Non-Privileged Accounts with BeyondTrust and SailPoint

by Kevin Franks  | 

Conventional identity management deals primarily with user accounts associated with personal logins. Most organizations utilize these products to provision and de-provision users. But these same organizations don’t always think about privileged logins. That’s where PAM comes in. It covers the privileged identities that grant elevated access throughout an enterprise. A new technology integration between BeyondTrust PasswordSafe and SailPoint IdentityIQ gives organizations the visibility and centralized control they need to govern access for both privileged and non-privileged accounts.