Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Breached companies facing higher interest rates and steeper collateral requirements
https://www.zdnet.com/article/breached-companies-facing-higher-interest-rates-and-steeper-collateral-requirements/
A study found that companies dealing with data breaches later faced increased scrutiny from banks.
==================================================================
This article shows how important it is to use Wave solutions to prevent data breaches!!! Using Wave solutions could save organizations a lot of money while providing awesome cybersecurity!!!
==================================================================
http://www.wavesys.com/virtual-smart-card-2.0-from-wave
Cyber-threats are everywhere, but with Wave Virtual Smart Card 2.0 (Wave VSC 2.0) enterprises have a hardware-based, tokenless, two-factor authentication security solution with the security of a hardware token solution and the convenience and cost savings of a software token solution.
Wave VSC 2.0 delivers strong two-factor authentication using the Trusted Platform Module (TPM), the embedded security chip built into enterprise PCs. Wave empowers IT with management of the TPM and VSC 2.0. Companies successfully use Wave VSC 2.0 to secure VPN access, web applications and other certificate-based applications, like Wi-Fi with 802.1x, remote desktop, or Windows-user login. Use the security that’s already been deployed and save money with Wave VSC 2.0.
Every month we see headlines highlighting mammoth breaches (i.e. EBay, JP Morgan Chase, Sony, Target, etc…). In each case, millions of records were stolen, corporate images were tarnished, and enormous costs were incurred as a result. And equally disturbing, more often than not the attacks go undetected and as a result important information is stolen.
==================================================================
Don't let the attackers (unknown and unapproved devices) on your network to steal your data (data breach)!!! Please see excerpt below!!!
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Alert Overload Distressing 70% of SecOps Teams
https://www.infosecurity-magazine.com/news/threequarters-secops-stress-alert/
Nearly three-quarters of security operations (SecOps) leaders say their home lives are being impacted by the stresses of alert overload, according to a new global study from Trend Micro.
The security vendor polled over 2300 cybersecurity decision-makers that run Security Operations Centers (SOCs) or SecOps from within their IT security function, to compile its report, Security Operations on the Back Foot.
It revealed the inadequacy of current tooling to help them prioritize alerts generated from multiple security controls across the organization.
Over half (51%) said their team is being overwhelmed by the volume of alerts and 55% admitted that they aren’t confident in their ability to prioritize and respond to them. On average, respondents said they’re spending over a quarter (27%) of their time dealing with false positives.
This is taking its toll emotionally: 70% claimed they feel so stressed outside of work that they’re unable to switch off or relax, and are irritable with friends and family.
In the SOC or IT security department, many admitted to turning off alerts (43%), walking away from their computer (43%), hoping another team member will step in (50%), or ignoring alerts entirely (40%).
"We're used to cybersecurity being described in terms of people, process and technology. All too often, though, people are portrayed as a vulnerability rather than an asset, and technical defenses are prioritized over human resilience,” argued cybersecurity researcher Victoria Baines.
“It's high time we renewed our investment in our human security assets. That means looking after our colleagues and teams, and ensuring they have tools that allow them to focus on what humans do best."
The figures chime with research from Sumo Logic last year which revealed that 99% of organizations are experiencing high volumes of alerts which cause issues for SecOps teams. A further 83% admitted this leads to alert fatigue for staff.
==================================================================
Wave VSC 2.0 could stop all the stress, and problems associated with 'alerts'!! Why wrestle with many alerts and the STRESS when unknown, and unapproved devices aren't allowed access to the network by using Wave?!! Please see the excerpt below for a description of the solution for that!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Happy Memorial Day
Remembering those who died while serving in the U.S. military, and those who are in the military and serve our country.
MoD: Our networks are in 'unacceptable' state and both data and IT bods are stuck in silos
https://www.theregister.com/2021/05/28/mod_digital_it_strategy_report/
So if the generals would lend us a few bob to fix it that'd be nice of them
The Ministry of Defence’s IT systems are “too fragmented, fragile, insecure and obsolescent” and its operators are “mired in industrial age processes and culture,” according to a new digital strategy document.
Published earlier this week, the Digital Strategy for Defence paper is full of the usual MoD management-speak while not once mentioning the word “budget”, raising immediate questions about how the latest glitzy vision of the future would be paid for.
The strategy boutique’s latest output replaced two separate digital strategy and doctrine publications issued in late 2019, and defence procurement minister Jeremy Quin MP noted the “bewildering rate” at which digital technology is upending the staid old Ministry of Defence.
“This Digital Strategy outlines the step-change in approach that is required for Defence to leverage Digital and our Data, as fundamental enablers, to facilitate faster, better decisions and improved Defence outcomes,” burbled the paper’s introduction, under the optimistic heading of “purpose”.
Big government IT has long been a plaything for ambitious managers looking to make a name for themselves on the way up the greasy pole.
•UK reveals new 'National Cyber Force', announces Space Command and mysterious AI agency
•Ministry of Defence's cyber warfare drive is helping burn a hole through its budget, warns UK's National Audit Office
•Ministry of Defence tells contractors not to answer certain UK census questions over security fears
The document’s authors said the MoD’s “technology core is too fragmented, fragile, insecure and obsolescent” for modern-day usage, along with data being locked inside “internal and contractual silos” making it “hard to access and integrate”.
With the MoD being responsible for the new National Cyber Force and Britain’s burgeoning space agency, an IT refresh is probably no bad thing.
“The current lack of end to end visibility, poor awareness of what is in place and an inability to apply controls presents a huge risk and is not an acceptable position. We are compromised with respect to security, operational integrity, functionality and speed.”
Chief among the paper’s various new flashy Things of the Future is the creation of a Digital Backbone, described as cloud-based and embodying “common standards and architecture”.
The paper’s authors appear to understand the scale of the challenge they’ve set themselves, writing: “The core technical building blocks are the networks, gateways, hosting services, user interfaces (including identity management and access mechanisms) and middleware that come together to deliver data and information wherever and however we need to exploit it”.
Despite the evident state of internal MoD networks, however, there is one great big elephant in the room: who’s going to pay for it? Funding all the flashy headline-grabbing cyber stuff tore a hole in the ministry’s for the next decade, according to the National Audit Office earlier this year. Meanwhile, the Army has squandered billions trying and failing to buy new armoured vehicles, while the Navy has absorbed yet more billions for the two new aircraft carriers and supporting ships.
Ominously, the new Digital Strategy for Defence document didn't mention the word “budget” once – but did say the MoD will be treating data as “the mineral ore that fuels integration and enables a system-of-systems approach”. This ore will be mined by a Digital Foundry (er, are you sure they meant to say this? Ed.) that will “unleash the power of Defence’s Data,” presumably by adding random capital letters to nouns.
Less prosaically, the MoD’s digital strategy boutique reckoned individual services are going to pay for all of this through “top-level budgetholder [TLB] equipment programmes.” Whether top commanders will be prepared to divert funds from pet projects into a central IT system remains to be seen.
Whatever the outcome of the jargon-laden document, it makes a change from “data is the new oil” and hackneyed old marketing spiel about data lakes. The full thing can be read on the MoD website as a 41-page PDF. ®
==================================================================
Shouldn't the MoD use simpler, more secure and cheaper data protection systems in Wave's solutions?! Wave solutions could SOLVE a lot of the MoD's problems, and give them a great defense!!! Hopefully someone can put them in touch with Wave, and their awesome cybersecurity!!!
==================================================================
http://www.wavesys.com/wave-alternative
Choose data protection that actually works.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Cracking Multi-Factor Authentication on the Cheap
https://securityboulevard.com/2021/04/cracking-multi-factor-authentication-on-the-cheap/
==================================================================
http://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
Invest in Wave's awesome solutions that use hardware security!!! Ride the Wave in 2021!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Number of Breached Records Soars 224% Annually
https://www.infosecurity-magazine.com/news/number-of-breached-records-soars/
The volume of compromised records globally has increased on average by 224% each year since 2017, according to new findings shared by Imperva.
In light of the GDPR’s third anniversary this week, the data security firm crunched statistics on thousands of breaches over the past few years to better understand the evolving risk to businesses.
There were more records reported as compromised in January 2021 alone (878 million) than for the whole of 2017 (826 million).
Alongside the increase in this figure over the past four years, there’s been a 34% rise in the number of reported breaches over the period, and a 131% increase in average number of compromised records per incident, said Imperva security researcher, Ofir Shaty.
“We are living in a digitization era in which more services are consumed on a daily basis, with the majority of them online. More businesses are migrating to the cloud which makes them more vulnerable if not done carefully. The amount of data that is out there is enormous, and it is increasing every year,” he said.
“Information security adoption is slower than the adoption of digital services that make profit from the addiction to and consumption of the same online services. The increasing number of breaches every year is a result of this gap.”
Imperva is predicting that this year will see around 1500 data breach incidents and 40 billion records compromised.
These aren’t all the result of malicious third parties stealing information from victim organizations.
Misconfiguration of cloud services has also driven a spike in data leaks. Of the 100 biggest incidents over the past decade, Imperva claimed 42% came from Elasticsearch servers, a quarter (25%) from AWS S3 buckets and 17% from MongoDB deployments.
Tools like Shodan and open source apps like LeakLocker are making the discovery of such leaks increasingly easy, Shaty warned.
“The security of an organization is only as strong as the weakest link in the security chain. Many times, the ‘walls’ that protect databases have cracks that allow attackers to put their hands on sensitive data,” he concluded.
“In many cases, better architecture and cross-organization security practices would do the trick, but those practices are not easy to implement and control. We suggest that organizations implement security for the databases they manage, not just the applications and networks that surround them.”
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/data-protection
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
=================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
You need awesome cybersecurity!!! Ride the Wave in 2021!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
GDPR Anniversary: Security Leaders More Concerned About Litigation Than Fines
https://www.infosecurity-magazine.com/news/litigation-regulatory-data-breaches/
Nine in 10 (90%) security leaders are concerned about data breach litigation from class action lawsuits, according to new research by Egress.
Published on the third anniversary of the GDPR coming into force, the survey highlighted that security leaders and data protection officers (DPOs) are even more concerned about legal settlements for data subjects than they are about regulatory fines (85%) following a serious data breach.
As a result of these concerns, 91% of the 250 security leaders and DPOs in the UK polled revealed they have taken out new cyber-insurance policies or increased their cover to protect themselves from financial exposure because of GDPR.
These fears appear well founded, with high awareness among consumers of the increased rights afforded to them under GDPR also demonstrated by the study. It showed that nearly half (47%) of the 2000 UK consumers surveyed would join a class-action lawsuit against an organization that had leaked their data. Additionally, over two-thirds (67%) said they were aware they have the right to take legal action against an organization that experiences a breach that exposes their personal data.
Tony Pepper, CEO at Egress explained: “The financial cost of data breach has always driven discussion around GDPR – and initially, it was thought hefty regulatory fines would do the most damage. But the widely unforeseen consequences of class action lawsuits and independent litigation are now dominating conversation.
“Organizations can challenge the ICO’s intention to fine to reduce the price tag, and over the last year, the ICO has shown leniency towards pandemic-hit businesses, such as British Airways, letting them off with greatly reduced fines that have been seen by many as merely a slap on the wrist. With data subjects highly aware of their rights and lawsuits potentially becoming ‘opt-out’ for those affected in future, security leaders are right to be nervous about the financial impacts of litigation.”
Commenting, Lisa Forte, partner at Red Goat Cyber Security LLP, said: “The greatest financial risk post breach no longer sits with the regulatory fines that could be issued. Lawsuits are now common place and could equal the writing of a blank cheque if your data is compromised. European countries haven’t typically subscribed to a litigious way of regulating the behavior of companies. That is now changing and without explicit government intervention companies will need to accept they need deeper pockets to cover the lawsuit gold rush we are starting to see."
"The recent Google case that currently sits with the UK Supreme Court could make group claims 'opt out' instead of 'opt in'", Lisa Forte continued. "That will inevitably mean that every single customer affected would be entered into the group action. That should be a huge worry for companies. Companies need to really prioritize preventative measures both technical and human and have a tested incident plan in place.”
=================================================================
http://www.wavesys.com/virtual-smart-card-2.0-from-wave
Cyber-threats are everywhere, but with Wave Virtual Smart Card 2.0 (Wave VSC 2.0) enterprises have a hardware-based, tokenless, two-factor authentication security solution with the security of a hardware token solution and the convenience and cost savings of a software token solution.
Wave VSC 2.0 delivers strong two-factor authentication using the Trusted Platform Module (TPM), the embedded security chip built into enterprise PCs. Wave empowers IT with management of the TPM and VSC 2.0. Companies successfully use Wave VSC 2.0 to secure VPN access, web applications and other certificate-based applications, like Wi-Fi with 802.1x, remote desktop, or Windows-user login. Use the security that’s already been deployed and save money with Wave VSC 2.0.
Every month we see headlines highlighting mammoth breaches (i.e. EBay, JP Morgan Chase, Sony, Target, etc…). In each case, millions of records were stolen, corporate images were tarnished, and enormous costs were incurred as a result. And equally disturbing, more often than not the attacks go undetected and as a result important information is stolen.
==================================================================
Years ago Wave was prepared for potential organizational GDPR fines and lawsuits with Wave VSC 2.0 and Wave SED management, and yet there are still organizations being fined and sued because they are not using these two Wave solutions.
If hundreds of fines are being handed out by the GDPR, thousands of data breaches have occurred, and ransomware attacks are growing by the day, WHAT CYBERSECURITY IS ACTUALLY WORKING??? WAVE SOLUTIONS ACTUALLY WORK, AND THEY WORK EFFECTIVELY!!!
Your company or organization could be saving a LOT of money, and avoiding tremendous headaches by using Wave solutions!!! Your organization could find it amazing what Wave (with ESW's backing) could do for it!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Biden's plan for cyber is a day late and a dollar short
https://thehill.com/opinion/cybersecurity/554907-bidens-plan-for-cyber-is-a-day-late-and-a-dollar-short
Excerpt:
Similarly, linking grants to plans for hardening cybersecurity and increasing public-private partnerships in critical infrastructure sectors is a good idea, but is also easier said than done.
==================================================================
The "hardening cybersecurity" phrase has become commonplace over the years, and Wave Systems can actually accomplish this by turning on SEDs and TPMs (hardware security). Doing this simply at a very reasonable cost, in timely fashion could put the U.S. at a whole new cybersecurity level!!! What are we waiting for?!!
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
This is how long hackers will hide in your network before deploying ransomware or being spotted
https://www.zdnet.com/article/this-is-how-long-hackers-will-spend-in-your-network-before-deploying-ransomware-or-being-spotted/
Excerpts:
Any time is too long, but hackers are finding ways to wander through networks unseen for longer than you might expect.
Cyberattackers on average have 11 days after breaching a target network before they're being detected, according to UK security firm Sophos – and often when they are spotted it's because they've deployed ransomware.
==================================================================
HOW DOES ONE PREVENT HACKERS FROM STAYING IN YOUR NETWORK FOR 11 DAYS? USE WAVE SOLUTIONS; BY ONLY ALLOWING KNOWN AND APPROVED DEVICES TO ACCESS YOUR NETWORK, WAVE HELPS YOU KEEP THE HACKERS FROM ACCESSING YOUR NETWORK!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Why passwordless is not always passwordless
https://www.helpnetsecurity.com/2021/05/20/passwordless-not-always-passwordless/
The concept of passwordless authentication has been gathering steam. Gartner anticipates that by 2022, 60% of large and global enterprises will implement some sort of passwordless solution to enhance security. While these emerging authentication tools help reduce user friction, the perception that passwords will no longer be required is a little premature.
These invisible security strategies are touted as the panacea to the password problem. Rather than the user remembering a cumbersome password, they can authenticate themselves using something they own, know, are, or some combination of the three.
With passwordless authentication, users are presented with one or multiple methods of signing into an application or device without the need to enter a password. This can take the form of email-based or SMS-based one-time passwords (OTP), biometrics, or hardware token-based authentication methods. All these emerging passwordless tools have less friction which increases their appeal with users. However, once you investigate, passwords are still involved in some shape or form in the authentication process.
How are passwords still in the mix?
With these emerging passwordless authentication solutions, passwords are frequently the fallback or fail-safe if the system denies access to a valid user. For example, if you encounter a problem with biometric authentication, such as when you need to wear a mask indoors and the facial scan doesn’t work, the system will default to prompting you to enter a password.
The same is true for fingerprint readers. Therefore, even if an organization has adopted this form of authentication for every app and service, these accounts still usually have a password involved as backup authentication. This means that enterprises can’t forget about password security despite embracing passwordless authentications.
Some systems are angling to eliminate this fallback reliance on passwords by using device-local biometrics and PINs to unlock asymmetric encryption keys that are then used to authenticate against a server.
Microsoft’s Windows Hello is a notable example and – under the right circumstances – it can be used to theoretically eliminate passwords from Active Directory. However, in its current form, there are no great solutions for accessing your account from non-Microsoft devices, such as accessing corporate Exchange email in a browser or from an iPhone or Android device. Typically, these types of use cases will still involve using a password that must be maintained for the user.
Another area where credentials are still required is authenticating systems on the backend. In large organizations, it’s almost impossible not to have systems or applications that require a password for authentication. IT administrators are notoriously hip-deep in credentials for all sorts of systems that don’t support passwordless single sign-on (SSO) for one reason or another. Some of these systems are legacy and aren’t likely to be updated to support corporate SSO – and eliminating or replacing them may just not be an option.
Organizations must carefully evaluate passwordless systems as they strive to improve security and understand that passwords are often still a factor. Some additional challenges to consider with these invisible authentication solutions include:
1. Cost implications: Many of these emerging technologies are innovative but require users to own the latest smartphone or laptop. For example, if organizations want to use biometric authentication, then every user needs an up-to-date device with those capabilities. The cost of doing this in mid-sized to large organizations is substantial. Likewise, hardware tokens require a significant investment coupled with the fact that these tokens are often lost, so the cost is recurring. This is a challenge for both employee and customer/user accounts.
2. Integration burden: Even more challenging when trying to roll out a passwordless system is overcoming the incompatibility with legacy systems. Converting all these systems for organizations with a lot of users, multiple apps, hybrid infrastructures, and complex login flows makes it both laborious and expensive, and organizations should not undertake this project lightly. Passwords, by contrast, are universally compatible and work across all devices, versions, and operating systems.
3. Can increase risk from lost/stolen devices: Since many of the passwordless approaches rely on tying a user to a device if that device is lost or stolen, an attacker may be able to gain access to a plethora of corporate resources via SSO by, for example, spoofing a biometric.
4. Hackers are still a problem: As new authentication tools emerge, hackers are quick to find vulnerabilities in them. From deep fakes to SIM swapping to phishing, hackers find loopholes almost as soon as these password alternatives appear. As these solutions become commonplace, hackers will continue to look for ways to exploit any vulnerabilities, which will only add to the workload of already overburdened security teams. We have already seen biometric databases leaked and hacked, and as cited above, once this data is leaked, you cannot change your face or fingerprints like you can a password.
5. OTP-only solutions have an Achilles heel: There are some products being touted as passwordless which rely on email or SMS-based OTP as a single factor. Given that attackers can and do breach email accounts, and SIM swapping is still not nearly difficult enough, relying on these mechanisms as a passwordless authentication approach for anything more than low security applications is probably asking for trouble.
With these challenges, a better strategy for organizations is to adopt a hybrid approach to authentication where passwordless is judiciously introduced to reduce user friction and increase security, while still diligently pursuing techniques and practices that strengthen the passwords, which will invariably continue to underlie these “passwordless” solutions for some time to come.
Remember, the problem with passwords is down to poor password policy adopted by organizations coupled with user behavior rather than the actual password. Therefore, a layered approach to authentication is still the best way for organizations that want a robust, secure, and low-friction process.
Passwordless innovation will continue to emerge, and organizations should explore the different options. However, they need to recognize that passwords will remain a vital part of the authentication mix for the foreseeable future and should still be secured accordingly.
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
Key Feature:
Helpdesk-assisted PIN reset and recovery
=================================================================
Use awesome multi-factor authentication (MFA), use Wave VSC 2.0!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
TCG’s security guide verifies the trustworthiness of each end point
https://www.helpnetsecurity.com/2021/05/20/trusted-computing-group-specification/
IT administrators and manufacturers can now secure enterprise computing, with the latest specification from the Trusted Computing Group (TCG).
This new guide verifies the trustworthiness of each end point, by allowing the integrity of devices and networks within enterprise systems to be measured for the first time. This follows a 430% increase in supply chain attacks in 2020, according to Sonatype.
The PC Client Firmware Integrity Measurement (FIM) specification provides an official definitive guide, derived from the National Institute of Standards and Technology’s draft publication SP 800-155, December 2011, to verifying the security status of equipment bought by enterprises. It provides the guidelines for products that can determine the integrity of a device at the manufacturing stage and offers a baseline measurement that allows for security result comparisons throughout its lifecycle.
“Before this specification was released, it was difficult for OEMs to understand how TCG’s various specifications could be used to provide a solution enabling determination of the security status of multiple endpoints within a network,” said Amy Nelson, Distinguished Member Technical Staff, Dell Technologies, and Chair of PC Client Work Group at TCG.
The FIM works best alongside the PC Client Reference Integrity Manifest Specification (RIM), which reflects a baseline measurement for comparison to inform trust decisions.
“TCG continues to coordinate with the industry and government to improve the overall security of the infrastructure. This is one such example where TCG worked closely with NIST to provide a specific set of requirements to meet the NIST SP800-155 draft published in 2011.” – Shiva Dasari, Chief Technologist, HPE Infrastructure Security.
“This specification is key to helping improve firmware security management and assessment industry-wide. It is a milestone in our efforts in the TCG to deliver hardware-enforced security end-to-end, from supply chain to end-user,” says Shankar Balakrishnan, Senior Director, Security Product Management for Commercial Personal Systems at HP.
=================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
Please see the Wave alternative link below!!!
=================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Cybercrime to Top $6 Trillion in 2021, According to Cybersecurity Ventures
https://www.nbcdfw.com/news/tech/cybercrime-to-top-6-trillion-in-2021-north-texas-security-firm-says/2636083/
A report produced by Cybersecurity Ventures sees cybercrimes skyrocketing in 2021
Fuel is flowing once again through the country’s largest fuel pipeline, but the recent cyberattack against Colonial Pipeline has brought renewed attention to the growing threat that ransomware attacks and other cybercrimes pose to businesses big and small.
“I think [people] need to consider that cybercrime has grown to the level of COVID. It is attacking everywhere, everywhere, all the time,” said Jack Blount, CEO of Intrusion, a Plano-based cybersecurity company. “There is a business breached every 39 seconds of the day, 24/7/365. Cybercrime is out of control.”
A report from McAfee estimated that global losses from cybercrime topped $1 trillion in 2020, and they are expected to skyrocket to more than $6 trillion in 2021, according to a report produced by Cybersecurity Ventures, which was sponsored by Intrusion.
“Do you realize what a huge number that is?” Blount asked. “It is impacting every business in the world every day, and yet most people have their head stuck in the sand and they are unaware of it.”
By many accounts, the COVID-19 pandemic escalated cybercrime because so many businesses moved their people to work remotely, which opened up more potential points of attack.
A mistake that is made far too often, according to Blount, the CEO of Intrusion, is that people wrongly assume the criminals only target major businesses.
“A couple of years ago breaches typically happened to larger businesses because they could make a lot more profit off of them. But the nature of cybercrime has changed to a computerized attack instead of an individual-driven attack. The computer doesn’t know the size of your business when it attacks, it just knows an IP address,” Blount said.
Another common misunderstanding, according to Blount, is they assume that a breach happens in one fell swoop, with the criminals accessing your data through a ransomware attack and immediately moving to capitalize on that access. In reality, Blount said that the majority of networks will be infected by various forms of malware for months or years, giving cybercriminals access to data, passwords, and financial information long before the user is ever aware of the breach.
=================================================================
Use cybersecurity that works (Wave solutions): not cybersecurity that allows $1 trillion in cybercrime!!! If the market embraced Wave, the increase in cybercrime for 2021 would be massively curtailed. Wave uses hardware based security (TPMs and SEDs) to make their cybersecurity much more effective than the results in the above article!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
RDP Hijacked for Lateral Movement in 69% of Attacks
https://www.infosecurity-magazine.com/news/rdp-hijacked-for-lateral-movement/
Some 90% of cyber-attacks investigated by a leading security vendor last year involved abuse of the Remote Desktop Protocol (RDP), and ransomware featured in 81%.
The figures come from a new Active Adversary Playbook 2021 compiled by Sophos from the experiences of its frontline threat hunters and incident responders.
It revealed that, while RDP is often used to gain initial access into victim organizations, especially during ransomware attacks, it was also hijacked by attackers in 69% of incidents for lateral movement.
Techniques such as using VPNs and multi-factor authentication (MFA), which focus on preventing unauthorized external access to RDP, won’t work if the attacker is already in the network, Sophos warned.
In fact, it seems as if attackers are increasingly capable of slipping past perimeter defenses to infiltrate networks. The average dwell time for cases investigated by Sophos was 11 days. Considering many of these were ransomware attacks which typically require less time, 264 hours is more than enough for threat actors to do their worst.
“With adversaries spending a median of 11 days in the network, implementing their attack while blending in with routine IT activity, it is critical that defenders understand the warning signs to look out for and investigate,” argued Sophos senior security advisor, John Shier.
“One of the biggest red flags, for instance, is when a legitimate tool or activity is detected in a unexpected place. Most of all, defenders should remember that technology can do a great deal but, in today’s threat landscape, may not be enough by itself. Human experience and the ability to respond are a vital part of any security solution.”
According to ESET, RDP attacks increased by a staggering 768% between Q1 and Q4 2020 as cyber-criminals focused on exploiting a tool used increasingly by remote workers to access their corporate desktops.
=================================================================
The attacker's device wouldn't be accessing the network if the organization was using Wave VSC 2.0 (MFA) since the device would not be known or approved!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Detecting attackers obfuscating their IP address inside AWS
https://www.helpnetsecurity.com/2021/05/18/detecting-attackers-inside-aws/
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials inside AWS.
The feature and its exploitation potential
“Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define,” AWS explains.
Customers have complete control over their virtual networking environment, and can select their own IP address range, create subnets, and configure route tables and network gateways.
Unfortunately, the feature that allows customers to control their IP addresses also allows attackers to control the IP address written to AWS CloudTrail logs when accessing a compromised account via a newly created VPC endpoint.
“This can potentially enable an attacker to fool various security protections that rely on the Cloudtrail logs, such as SIEMs and cloud security tools. In addition, analysts looking for evidence of an attack might miss it,” Hunters researchers noted.
Attackers can obfuscate their IP address by making it look like an “organizational” public IP address, an employee “home” external IP address, a (potentially whitelisted) third party service provider public IP address, or a special private, reserved, testing or documentation-only IPv4 subnet block.
They could thus make it seem that a malicious action has been performed by an employee, or make it fly under the radar of threat intelligence and reputation services.
What attackers can’t do with this technique is to change the IAM permissions the attacker has when using victims’ compromised AWS API credentials, nor bypass IP-based IAM policies.
There is a solution
This technique may allow attackers to bypass security measures that rely solely on AWS CloudTrail, an AWS web service that allows customers to log, continuously monitor, and retain account activity related to actions across their AWS infrastructure (including AWS API activity).
Defenders should not rely on the contents of the “sourceIPAddress” field in the logs to detect attackers inside AWS, making API requests/calls, the researchers noted. Instead, they should review the “vpcEndpointID” field.
“If you use VPC endpoints in your environment, the only significant difference between the logs created by legitimate actions and the attacker’s actions is the specific VPC endpoint IDs logged. We recommend addressing this use-case with more anomalous-based detection logic, detecting usage of a new VPC endpoint ID never seen before in the organization,” the researchers advised.
They also recommended AWS CloudTrail users to cross-reference their cloud events with other sensors on endpoints, on-premises, email, identity, etc, to trace inconsistent logging and missed threats.
=================================================================
Using Wave and the TPM to identify known and approved devices on your network sounds better than the method used in this article!!! Device authentication and Wave VSC 2.0 has another great use rather than using IP addresses in AWS to validate identity!!! This could be another great avenue for Wave to help the market with its awesome solutions (ie. Wave VSC 2.0)!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Insurer AXA hit by ransomware after dropping support for ransom payments
https://www.bleepingcomputer.com/news/security/insurer-axa-hit-by-ransomware-after-dropping-support-for-ransom-payments/
Excerpts:
As seen by BleepingComputer yesterday, the Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from AXA's Asian operations.
The compromised data obtained by Avaddon, according to the group, includes customer medical reports (exposing their sexual health diagnosis), copies of ID cards, bank account statements, claim forms, payment records, contracts, and more.
==================================================================
I wonder what AXA was using for 2FA in Asia? Were they using SecurID?
==================================================================
Two great links below which can show how attackers(unknown and unapproved devices) can be kept, in this case, from accessing 3TB worth of data!!!
Wave VSC 2.0 - BETTER SECURITY AT LESS THAN HALF THE COST!!!
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
SecurID’s enhancements accelerate cloud adoption and advance customers’ zero trust strategies
https://www.helpnetsecurity.com/2021/05/12/securid-enhancements/
==================================================================
Does SecurID use device authentication like Wave does? Therefore, can SecurID really protect the way that Wave VSC 2.0 does? 2100 companies have had ransomware attackers leak their data so far. If SecurID is protecting many thousands of companies then why were 2100 companies data leaked? None of those companies were protected by SecurID?? Wave VSC 2.0 has better security, and organizations should find out what they are missing!!! The 2100 companies' statistic is for ransomware, and does not include data breaches!!! (please see post #246606)
==================================================================
http://www.wavesys.com/wave-alternative
Excerpts:
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
http://www.wavesys.com/compliance
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Ireland’s Health Services hit with $20 million ransomware demand
https://www.bleepingcomputer.com/news/security/ireland-s-health-services-hit-with-20-million-ransomware-demand/
Excerpt:
During this time, they claim to have stolen 700 GB of unencrypted files from the HSE, including patient info and employee info, contracts, financial statements, payroll, and more.
==================================================================
You know it's amazing that Wave has the cybersecurity to prevent situations like this from happening AND IT KEEPS ON HAPPENING BECAUSE NOT EVERYONE IS USING WAVE!!! KEEP THE ATTACKERS (UNKNOWN AND UNAPPROVED DEVICES) FROM ACCESSING YOUR NETWORK BY USING WAVE SOLUTIONS and thus from getting information off the network (please see excerpts below)!!!
Take advantage of Trusted Platform Modules (TPMs) and Self Encrypting Drives (SEDs), after all, they are already built in to your devices. Wave uses them with their solutions, they just need to be turned on and Wave can do that!!!
Protect your organization from data breaches, malware, and ransomware by using Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Army’s Cybersecurity ‘Greatly Concerns’ Wormuth After Pipeline Attack
https://www.defenseone.com/policy/2021/05/armys-cybersecurity-greatly-concerns-wormuth-after-pipeline-attack/174039/
=================================================================
I'm surprised that with the capabilities in cybersecurity, and trusted computing that Wave has that Bill Solms wasn't able to communicate how much better off the Army would be with Wave solutions. Maybe Mr. Solms already communicated that, and unfortunately the Army chose not to use Wave's awesome solutions. If they had Wave, the title of this article would have a much more positive description of the Army's cybersecurity!!!
==================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Record Number of Breaches Detected Amid #COVID19
https://www.infosecurity-magazine.com/news/record-breaches-detected-covid/
A record number of breaches were analyzed in the Verizon 2021 Data Breach Investigations Report, with cybercrime thriving during the COVID-19 pandemic.
The study looked at a total of 29,207 security incidents from 83 contributors across the globe, of which 5,258 were confirmed breaches. This represented a substantial rise compared to last year’s report, in which there were 3,950 breaches identified.
There was a significant increase across a number of different attack vectors, which the researchers believe was fueled by the shift to home working as a result of COVID-19. Phishing and ransomware attacks went up by 11% and 6%, respectively, while instances of misrepresentation increased 15-fold compared to the previous year.
Well over half (61%) of the breaches analyzed involved credential data, and, in total, 85% of breaches involved a human element, according to the report.
Additionally, it was found that the rapid shift to the cloud during the crisis was heavily exploited by cyber-criminals, with attacks on web applications making up 39% of all breaches.
The report also noted significant variation in the way different industries were affected by cyber-attacks. For example, 83% of data compromised in breaches in the financial and insurance industries was personal information, while for professional, scientific, and technical services under half (49%) was of a personal nature.
Tami Erwin, CEO of Verizon Business, outlined: “The COVID-19 pandemic has had a profound impact on many of the security challenges organizations are currently facing. As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures.”
Commenting on the findings, Eoin Keary, CEO and founder, Edgescan, said: “While it’s hard to establish causality, the data in the report confirms the impression that attackers certainly aren’t hindered in their efforts by global crises and are ready to opportunistically exploit any gap in the fence to pursue their objectives. For this reason, it is ever more important for the cybersecurity industry to come together and join forces to fight the challenges facing organizations today.”
Dan Conrad, IAM strategist, One Identity, said the report emphasized the growing importance of protecting credentials to secure organizations: “85% of breaches involved a human element—again, Identity is the security perimeter. We MUST find ways to protect us from ourselves,” he stated. “With that, I believe there is a shift in the mindset of the employee and consumer where they are starting to appreciate the protection of their own credentials. If we can protect our enterprises from our employees by simply embracing enhanced authentication (a.k.a. multifactor) then we are taking the right steps to protect our enterprises and adjusting the mindset of the user. In the new world of remote workers accessing everything from everywhere, anytime, ensuring they are who they say they are is critical.”
=================================================================
RETHINK CYBERSECURITY AND USE WAVE'S AWESOME SOLUTIONS!!!
PLEASE SEE INFORMATION BELOW FOR ASSISTANCE WITH WAVE!!!
=================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards
https://www.cyberscoop.com/cyber-executive-order-biden-pipeline-russia-china/
Excerpt:
The new executive order aims to raise agencies’ defenses by mandating within months that they use multi-factor authentication, strong data encryption and store computer logs to recover from hacks more swiftly.
==================================================================
With TPMs and SEDs already built-in to devices, using Wave solutions for multi-factor authentication, and strong data encryption is a better decision than using the competition since Wave solutions (Wave Alternative) are simpler, more secure and at less than half the cost!!! Wave can also manage all the types of TPMs and SEDs, and this helps make Wave the wise choice!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Global cybersecurity leaders say they feel unprepared for attack: report
https://thehill.com/policy/cybersecurity/553016-global-cybersecurity-leaders-say-they-feel-unprepared-for-attack-report
Excerpts:
The report, compiled by cybersecurity group Proofpoint, was based on a survey of 1,400 CISOs in 14 different countries including the United States. The results highlighted a brutal year for security professionals struggling to cope during the COVID-19 pandemic.
“Organizational cyber preparedness is still a major concern, and more than a year into this pandemic, it really changed the threat landscape, 66 percent of CISOs feel their organization is unprepared to cope with a targeted cyberattack in 2021,” Lucia Milica, global resident CISO at Proofpoint and the report’s lead author, told The Hill ahead of the report’s release.
=================================================================
Wave solutions keeps the attackers (unknown and unapproved devices - please see excerpt below) from having access to your network!!! If other two factor authentication (2FA) products worked as well as Wave VSC 2.0 then there wouldn't be articles like this one!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Experts suggest French insurer AXA's plan to shun ransomware payouts will set a precedent
https://www.cyberscoop.com/axa-ransomware-cyber-insurance-policies/
==================================================================
When French insurer AXA signaled last week that it would no longer write new cyber-insurance policies covering extortion payouts to criminals, ransomware and cyber insurance experts had two reactions. They wondered why it took so long, and how long it would take others to follow suit.
Ransomware is an ever-increasing cause of cyber-insurance claims, according to industry estimates, and having such insurance may make policyholders more likely to be attacked. A representative of the REvil ransomware gang said in a March interview that the group specifically targets victims known to have cyber-insurance, because they’re “one of the tastiest morsels” who can more easily afford to pay. In perhaps the biggest ransomware payment of 2020, smartwatch maker Garmin paid a reported $10 million and said it wasn’t sure how much its insurance would cover of all the costs, which it didn’t enumerate by type of expense.
Those conditions can perpetuate themselves. The more victims pay, the more criminals attack, and the more cash it takes out of victims’ and insurers’ pockets. AXA’s decision, announced Thursday, appears to be the first time an insurer said it will no longer cover ransomware payments, though it was not a surprise to industry observers.
“I’m surprised it hasn’t happened sooner,” said Jon DiMaggio, chief security strategist at threat intelligence firm Analyst1. “These insurance companies don’t like to spend money and we’re going the opposite direction that they want to go, so I think we’re going to see more companies getting out of it.”
A spokesperson for AXA XL, a U.S. subsidiary of the French company, said the announcement doesn’t apply outside France, and doesn’t apply to ransomware-related incident cleanup costs. (The decision occurred before hackers breached a U.S. pipeline company, an incident that warranted a briefing to President Joe Biden.)
“As is standard market practice in the U.S., we provide ransomware cover as part of a broader cyber policy,” the spokesperson, Christine Weirsky, said via email.
“The current cyber insurance market is very challenging prompting many markets to look carefully at coverage and capacity,” she said. “We also continue to monitor the evolving regulatory environment regarding ransom payments. We’re committed to working with our brokers and clients, in addition to regulators, law enforcement, cyber security professionals and others, to find appropriate protections and risk mitigation/reduction strategies to meet this evolving landscape.”
AXA’s move could be a positive one, said Megan Stifel, executive director of the Americas at the Global Cyber Alliance. Even if the move starts a trend, though, more work will be necessary, said Stifel, who served on a Ransomware Task Force that recently released recommendations on cyber-insurance and more. Furthermore, it’s not clear if insurance companies are responsible for very many ransomware payouts.
“It’s a great first step,” Stifel said. “Hopefully more will follow and then hopefully the chokehold on ransomware payments will begin to follow.”
If the trend of insurers cutting off such payments happens too quickly, though, it could be bad for businesses, said Austin Berglas, former head of the FBI’s cyber unit in New York City and global head of professional services at cybersecurity firm, BlueVoyant. Other insurers might take a more moderate approach.
“I think they’re going to put more restrictions around payment, and say, ‘We will make payments. We will cover you for ransomware pain and if you do X, Y and Z, which is a good thing,'” Berglas said “Chopping it off and saying, as of today, ‘We’re not making payments anymore,’ that puts a lot of companies in a bad spot.
“Whereas, if you do it slow roll, and say ‘Hey look guys over the next six months, we’re going to change our policies for renewal, saying we’ll cover you if you do these things, like two-factor authentication,'” that would be a better way forward, he said.
Today, some companies do impose baseline security steps from policyholders as part of their cyber coverage, but Stifel said some also require nothing.
At least one fellow cyber insurance provider, Cowbell Cyber, said it doesn’t plan to do what AXA did. Founder and CEO Jack Kudale said companies still need protection from ransomware, and that better risk assessments and more closely aligning coverage to threats is a better way to respond to cyber extortion than simply halting payments.
That France is the nation where an insurer first swore off of ransomware payouts makes sense, DiMaggio said, given its aggressive posture compared to other countries in tackling the phenomenon. France was at the forefront of the operation this year to arrest alleged hackers who use the Egregor ransowmare, for instance.
Ransomware was also the subject of a French Senate hearing last week where a cybercrime prosecutor reportedly said, “The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay.” And Emsisoft estimated that France was second to the U.S. in ransomware damages to businesses, hospitals, local governments and schools, incurring more than $5.5 billion in costs last year.
Even if insurers mimic AXA, it’s clear ransomware will still impose incident costs for victims and insurance companies alike. Benchmark Electronics, an Arizona-based manufacturer of medical and aerospace equipment, said in a May 6 Securities and Exchange Commission filing that it had collected $10 million in insurance payments stemming from a 2019 ransomware attack on its systems. The incident cost the firm $12.7 million in legal, IT forensics and other fees.
=================================================================
http://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
Wins competitive evaluation against market leader in two-factor authentication tokens
Lee, MA -
December 17, 2015 -
Wave Systems Corp. (NASDAQ: WAVX) announces a five-year master licensing agreement (MLA) with a leading global corporation (as determined by the 2015 Fortune Global 500 List) for its Virtual Smart Card 2.0 solution. This MLA sets the terms and pricing for licenses and maintenance across the customer’s global organization and establishes it as their preferred two-factor authentication solution. Instead of one large license purchase for the entire organization, each of the customer’s subordinate divisions will make separate orders in accordance with the terms of this MLA.
The first purchase of 2,000 VSC 2.0 licenses under this agreement, when added to a previous purchase, completes the requirement for the customer’s global IT division. That division will now lead the internal effort to standardize the remaining 150,000+ endpoints within their organization with the new Wave VSC 2.0 solution. While there are no minimum order requirements under the agreement, discussions for additional orders are underway.
“Our five-year agreement with this customer is the first very large scale contract for VSC 2.0 and is an important milestone for Wave,” said Bill Solms, President and CEO of Wave Systems. “This customer is a major global financial services company and their standards for protecting their systems from unauthorized access and the integrity of their data are of the highest order. Wave had to pass a very rigorous technical and business review to win the competition. We believe that this client’s decision to choose Wave Virtual Smart Card 2.0 over their incumbent solution gives us tremendous credibility in the two-factor authentication market. We will remain engaged with this company in order to complete the additional sales and deployments in the months ahead.”
Wave Virtual Smart Card 2.0 is a tokenless, hardware-based, two-factor authentication solution that offers superior security at less than half the cost of comparable solutions. It is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7, 8 and 10. It also provides management support for the Microsoft Virtual Smart Card on Windows 8 and 10. Wave’s VSC solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, significantly lower total cost of ownership, and a greatly reduced risk of unauthorized access.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure Passphrase and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with both TPM 1.2 and TPM 2.0 security chips
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Americans Avoid Sites After Forgetting Passwords
https://www.infosecurity-magazine.com/news/americans-avoid-sites-after/
==================================================================
This wouldn't even be a problem for businesses if organizations were using Wave VSC 2.0!!! And with the Trusted Platform Modules (TPMs) and Self-Encrypting Drives (SEDs), Wave is more secure!!! Wave VSC 2.0 has some great features which make it awesome, and a must have for organizations looking to secure their enterprises!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Password Reuse at 60% as 1.5 Billion Combos Discovered Online
https://www.infosecurity-magazine.com/news/password-reuse-60-15-billion/
A security vendor discovered nearly 1.5 billion breached log-in combos circulating online last year and billions more pieces of personal information (PII), with password reuse and weak hashing algorithms commonplace.
SpyCloud’s 2021 Credential Exposure Report was compiled from the vendor’s human intelligence efforts to recover stolen data from criminal networks early in the breach lifecycle.
Some 854 breach incidents, up a third from 2019, leaked on average 5.4 million records each.
Poor password security is still rife: for users with more than one password stolen last year, SpyCloud found that 60% of credentials were reused across multiple accounts, exposing them to credential stuffing and other brute force tactics.
For the 270,000 .gov emails recovered, password reuse was even higher, at 87%.
Nearly two million passwords contained “2020” while almost 200,000 featured COVID-related keywords like “corona” and “pandemic.”
As usual, the most common password was “123456,” followed by “123456789” and “12345678.” “Password” and “111111” also appeared more than 1.2 million times each.
However, in some cases, the blame lay with the organizations tasked with protecting their customers’ personal data and logins. SpyCloud found that a third (32%) of breached passwords used the weak MD5 algorithm and 22% used SHA1. In addition, only 17% of passwords were salted.
The security firm also recovered over 4.6 billion pieces of PII including names, addresses, birthdates, job titles and social media URLs. This trove featured 1.3 billion phone numbers, the most common piece of PII found.
The findings represent a major security risk for both individual consumers and businesses, given that many credentials and email addresses are being used across corporate and personal spheres.
“These staggering numbers indicate a continued threat for account takeovers, identity theft and fraud at a time when people have been spending more time online during the COVID-19 pandemic,” said David Endler, co-founder of SpyCloud.
“Criminals didn’t stop for the coronavirus. In fact, attackers have been able to use the disruption of the pandemic to their advantage.”
=================================================================
Can you believe that this is still happening in organizations when organizations could solve this problem at less than half the cost by using Wave VSC 2.0? HUGE SAVINGS by using Wave VSC 2.0 when one considers that it could stop ransomware attackers (unknown and unapproved devices) from obtaining data from the network!!! (please see the last excerpt)
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
=================================================================
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Ransomware gangs have leaked the stolen data of 2,100 companies so far
https://www.bleepingcomputer.com/news/security/ransomware-gangs-have-leaked-the-stolen-data-of-2-100-companies-so-far/
=================================================================
It's time for a change! Rethink cybersecurity, and use Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast's fuel
https://www.zdnet.com/article/colonial-pipeline-cyberattack-shuts-down-pipeline-that-supplies-45-of-east-coasts-fuel/
==================================================================
Simpler, more secure and at less than half the cost, Wave has the recipe for awesome cybersecurity!!!
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Insurer AXA halts ransomware crime reimbursement in France
https://abcnews.go.com/Technology/wireStory/insurer-axa-halts-ransomware-crime-reimbursement-france-77540351
==================================================================
Should AXA tell organizations the great reasons why organizations should use Wave solutions (ie. MFA) to protect themselves against ransomware; the U.S. too?
==================================================================
http://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
Wins competitive evaluation against market leader in two-factor authentication tokens
==================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Search for Pelosi's laptop leads feds to Alaska -- and wrong home, woman claims
https://www.foxnews.com/politics/search-for-pelosis-laptop-leads-feds-to-alaska-and-wrong-home-woman-claims
==================================================================
Feds may have raided home of wrong woman involved in Capitol riot in search for Pelosi's laptop
https://www.nbcnews.com/politics/congress/feds-may-have-raided-home-wrong-woman-involved-capitol-riot-n1266482
=================================================================
Shouldn't there be an aim and effort to use technology like the Wave Cloud and/or Wave SED management, activated SEDs, and Wave solutions to secure government, prevent the rest of society from incidents like this, and stop or make it unreasonable to steal (if its going to turn into a brick!!) laptops in the first place?!!
=================================================================
http://www.wavesys.com/products/wave-cloud
No infrastructure, no software …
no more excuses
You know you should be encrypting data on every device in your organization, especially your laptops. Self-encrypting drives (SEDs) are the fastest, easiest and most secure way to do that. But setting up to support and manage SEDs can seem daunting. Even to test them, you need server infrastructure and management software. Right?
Not with Wave Cloud. The world’s first cloud-based service for managing SEDs, Microsoft Bitlocker and OS X FileVault 2, Wave Cloud lets users take advantage of the benefits of SEDs without jumping through the hoops traditionally associated with SED management. Whether you’re doing a small proof-of-concept or full-blown production deployment, Wave Cloud is the fastest way to get there.
Contact Wave Sales and you’re on your way - no servers or software or big capital expenditures.
Manage the entire range of endpoint encryption technologies
Wave Cloud is the world’s only cloud service that manages SEDs and software encryption in a single console. Its hybrid management approach is the best way to secure your legacy endpoints today with OS-native full disk encryption, while phasing in self-encrypting drives on your latest-generation assets.
Key Features:
Flexibility
• Compatible with Windows 8.1, 8, 7 and Vista operating systems; and OS X 10.8 and 10.9 (for OS X FileVault 2)
• Manage mixed environments from one console
Easy security compliance
• Active monitoring, logging, and reporting of all user and device events associated with SEDs
• No infrastructure to buy or set up - fast, easy compliance
Data protection
• The only cloud-based management solution that gives you drive initialization, user management, drive locking, and user recovery for all Opal-based, proprietary, and solid-state SEDs
• Secure user recovery using challenge/response
• User-based SSO after recovery
• Control for external SEDs
• S3 sleep support
Simplicity
• Fast deployment of SEDs and OS-native software encryption—no need to buy, build, and test (or maintain) server infrastructure
• Easy-to-use web interface
• Deploy many drives at once with policy-based management
• Windows password synchronization and single sign-on (SSO)
• Features and maintenance patches are continually updated, so you’re always running the best, most secure version of the service
• One-click initialization/provisioning
• Your subscription covers everything—no up-front charges, no support charges
No compromises
• Wave Cloud is every bit as secure as our on-premise SED management product
• All the same monitoring, logging, and reporting you need for compliance
==================================================================
http://www.wavesys.com/products/wave-self-encrypting-drive-management
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
How to Move Beyond Passwords and Basic MFA
https://www.darkreading.com/edge/theedge/how-to-move-beyond-passwords-and-basic-mfa/b/d-id/1340904
Interesting excerpts:
No Free Pass
At the center of everything passwordless is FIDO2. The vendor-agnostic framework allows an individual to use a digital unlock system, such as Face ID or Touch ID on a smartphone, or voice or a PIN on a device to authenticate. The framework works across Windows, Mac, and Android. Once device authentication is complete, a private cryptographic key stored in the machine's Trusted Platform Module (TPM) handshakes with a public cryptographic key used for a website or application. Since the TPM cannot be modified and is inaccessible outside the device it is on, it delivers the absolute verification required. In other words, the person can be fully trusted.
It's a simple concept based on complex layers technology.
"It's both cryptographically strong, and it's tied to the user and the device," says Alex Simons, corporate vice president for program management in Microsoft's Identity Division. "So, while nothing is 100%, it's almost inconceivable that someone could break into it."
=================================================================
TPMs and device authentication are revealed to be keys to better trusted cybersecurity, and WAVE HAS BOTH WITH WAVE VIRTUAL SMART CARD 2.0!!!
Rethink cybersecurity and use Wave's awesome solutions!!! Please see the information below to assist you with these awesome solutions!!!
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Bank of America Tech Chief Says Cyber Attacks Have Surged ‘Dramatically’
https://www.bloomberg.com/news/articles/2021-05-03/bofa-tech-chief-says-cyber-attacks-have-surged-dramatically
Excerpt:
“Criminals are by definition very crafty, very entrepreneurial -- and times of stress produce opportunities,” Bessant told journalists during a virtual briefing Monday. “There’s no question that the rate and pace of attacks, and the nature of attacks, has grown dramatically.”
==================================================================
http://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
Wins competitive evaluation against market leader in two-factor authentication tokens
Lee, MA -
December 17, 2015 -
Wave Systems Corp. (NASDAQ: WAVX) announces a five-year master licensing agreement (MLA) with a leading global corporation (as determined by the 2015 Fortune Global 500 List) for its Virtual Smart Card 2.0 solution. This MLA sets the terms and pricing for licenses and maintenance across the customer’s global organization and establishes it as their preferred two-factor authentication solution. Instead of one large license purchase for the entire organization, each of the customer’s subordinate divisions will make separate orders in accordance with the terms of this MLA.
The first purchase of 2,000 VSC 2.0 licenses under this agreement, when added to a previous purchase, completes the requirement for the customer’s global IT division. That division will now lead the internal effort to standardize the remaining 150,000+ endpoints within their organization with the new Wave VSC 2.0 solution. While there are no minimum order requirements under the agreement, discussions for additional orders are underway.
“Our five-year agreement with this customer is the first very large scale contract for VSC 2.0 and is an important milestone for Wave,” said Bill Solms, President and CEO of Wave Systems. “This customer is a major global financial services company and their standards for protecting their systems from unauthorized access and the integrity of their data are of the highest order. Wave had to pass a very rigorous technical and business review to win the competition. We believe that this client’s decision to choose Wave Virtual Smart Card 2.0 over their incumbent solution gives us tremendous credibility in the two-factor authentication market. We will remain engaged with this company in order to complete the additional sales and deployments in the months ahead.”
Wave Virtual Smart Card 2.0 is a tokenless, hardware-based, two-factor authentication solution that offers superior security at less than half the cost of comparable solutions. It is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7, 8 and 10. It also provides management support for the Microsoft Virtual Smart Card on Windows 8 and 10. Wave’s VSC solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, significantly lower total cost of ownership, and a greatly reduced risk of unauthorized access.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure Passphrase and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with both TPM 1.2 and TPM 2.0 security chips
==================================================================
Banks and other organizations could take the stress out of the equation by keeping the cyberattackers (unknown and unapproved devices) from accessing their networks by using Wave's awesome solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Dell is issuing a security patch for hundreds of computer models going back to 2009
https://www.theverge.com/2021/5/4/22419474/dell-security-patch-kernel-level-permissions-firmware-update-driver-dbutil-sys
Excerpt:
Dell’s FAQ indicates that someone would have to have access to your computer in some way to take advantage of the bug, which they could get through malware, phishing, or being granted remote access privileges.
==================================================================
Does anyone protect against all three like Wave does? If you didn't get your Dell computer patched, you and your organization could be protected by Wave, and if you had Wave you would be protected!!!
==================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
New SEI CERT chief and first ever federal CISO: old cybersecurity models have ‘been overcome’
https://www.scmagazine.com/home/security-news/network-security/new-sei-cert-chief-and-first-ever-federal-ciso-old-cybersecurity-models-have-been-overcome/
INTERESTING article...
==================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Cybersecurity control failures listed as top emerging risk
https://www.helpnetsecurity.com/2021/05/03/cybersecurity-control-failures/
==================================================================
Rethink cybersecurity, and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/wave-alternative
Choose data protection that actually works.
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
==================================================================
http://www.wavesys.com/compliance
With device-based security, compliance is simple.
What is compliance?
Organizations must meet industry-wide government requirements for data management, including storage, archiving, encryption, and retrieval. These requirements are intended to prevent data theft and preserve consumer privacy. They often mandate specific controls, corporate compliance programs, audits, public disclosures (“notice of breach”), and stiff penalties—from fines to prison time—for noncompliance.
If your organization falls victim to a security breach and you can’t prove that you were in compliance when it happened, you will be considered negligent. In addition to fines or criminal prosecution, you could face lawsuits, negative publicity, and loss of business.
Here are some of the primary areas of regulation:
Corporate accounting: SOX
Health care: HIPAA and HITECH
Credit and debit transactions: PCI
Government: FISMA and VPAT
Europe: DPA
The regulations are overwhelming and costly
Compliance is a major concern because of the increasing number and complexity of the regulations, as well as the expense they can entail—in the form of investment in new technologies and management. In the United States alone, there are more than 8,500 state and federal regulations concerning records management and notice of breach, plus voluntary standards. A 2011 study of multinational companies found the average cost of compliance to be more than $3.5 million.
Wave’s solution: start with the device
The Wave approach to the compliance challenge is twofold:
First, we offer serious security that’s confirmed, not assumed. Regulators won’t take your word for it. We use your existing hardware to more or less equip each and every device with its own data protection system. That can mean both strong two-factor authentication and automatic encryption.
This gives you unprecedented yet straightforward monitoring of and control over exactly who has access to your data, with what devices, over what networks. Detailed logs record it all—and show that you were in compliance at any given time. Proving compliance to an auditor can be as easy as clicking “print.”
Second, we keep it simple to keep costs down. Again, we start with the devices you already have. We can do that because our products are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software may be all you need to tame the compliance monster.
Our products are also designed to make managing your security—and your compliance—refreshingly straightforward. Usually, you can do all your management, monitoring, and reporting through a single console. Preconfigured security policies mean you can be in compliance as soon as our software is installed. It all adds up to less time, less staff.
For these reasons, total cost of ownership for Wave can be almost half that of a traditional software-based system that may not even prove you are in compliance—never mind protect your data.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Tanium partners with Oracle to offer cloud-based endpoint management, security
https://www.zdnet.com/article/tanium-partners-with-oracle-to-offer-cloud-based-endpoint-management-security/
==================================================================
If Tanium's endpoint security is so good, and widespread then why do we have statistics for ransomware in post #246589 by Methinks (untold thousands of businesses) and data breaches make up many more businesses as well!!! Many of these large companies had their data stolen and held for tens of millions in ransom. Other cybersecurity could be the culprit too.
Rethink cybersecurity, and use Wave's awesome solutions!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Report: Russia 'likely' kept access to US networks after SolarWinds hack
https://www.engadget.com/russia-us-network-access-after-solarwinds-hack-192305973.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS91cmw_c2E9dCZyY3Q9aiZxPSZlc3JjPXMmc291cmNlPW5ld3NzZWFyY2gmY2Q9JnZlZD0wYWhVS0V3aWF3TXJEbWFmd0FoWFdHODBLSFlwREQ3OFF4ZlFCQ0RVd0FBJnVybD1odHRwcyUzQSUyRiUyRnd3dy5lbmdhZGdldC5jb20lMkZydXNzaWEtdXMtbmV0d29yay1hY2Nlc3MtYWZ0ZXItc29sYXJ3aW5kcy1oYWNrLTE5MjMwNTk3My5odG1sJnVzZz1BT3ZWYXcwYXZNNk10bjBGMGlTaDVMQnctc3VP&guce_referrer_sig=AQAAALwfMC_2p7PnDgc8PR7QKM7zbfhKHdApJePZsTVlqfwhK63LR2qjiaz6RRhMVW59K4DrsjXgav17Zi8GW-v1A2ujKmTJPZ9H5gC9n1rVuNFEWGWV5_FLzA8D9XF2t8384AjL-op7M65PoZ5RRhzPoWHxUODC9dMM6hxLSbN7jSRD
Patches might not have been enough.
Russia's alleged success with the SolarWinds hack might not have ended just because US agencies and companies have bolstered their defenses. CNN sources aware of the investigation claim Russia's SVR intelligence agency "likely" still has access to American networks despite efforts to close exploits. The attackers are still "very much out there," one contact said.
Deputy National Security Adviser Anne Neuberger didn't directly acknowledge the allegation when CNN asked, but did say that formally blaming the SVR was meant to "shape [Russia's] calculus" on the value of hacks. The US wasn't going to dissuade Russia with a single action, the adviser said.
A continued presence in American networks is consistent with history. Russia continued to mount cyberattacks against the US after the Obama administration imposed sanctions in late 2016, targeting politicians and other systems during the 2018 midterms and beyond. Even if the US successfully dislodged Russia from government systems, there was a good chance it would find another security hole.
If the report is accurate, though, it illustrates just how difficult it may be to secure a lasting victory against state-sponsored cyberattacks. Even the large-scale response to a campaign like the SolarWinds hack apparently wasn't enough to dislodge the intruders. The US might not get a reprieve for a long, long time to come.
=================================================================
It's amazing that Wave is not being used in a widespread fashion (across the World) when their solutions could keep the attackers (unknown and unapproved devices) off U.S. networks!!! It would very much help solve the problem in the above article. Yes, it's time to rethink cybersecurity. Use cybersecurity that works effectively. Use Wave solutions!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Security Spending Doubles but Two-Fifths of Firms Suffer Breaches
https://www.infosecurity-magazine.com/news/security-spending-doubles/
Cybersecurity spending across the US and Europe has surged over the past year, but so too have security breaches, from 38% to 43% of businesses surveyed by Hiscox.
The insurer’s annual Hiscox Cyber Readiness report has become a useful gauge of how mature and effective organizations’ cybersecurity strategies are. This year the firm engaged Forrester Consulting to poll over 6000 such companies across the US, UK, Belgium, France, Germany, Spain, the Netherlands and Ireland.
It revealed that the average firm now spends more than a fifth (21%) of its IT budget on cybersecurity, an increase of 63% in a year, with mean spending per firm more than doubling in two years — from $1.45 million to $3.25 million.
However, this money isn’t necessarily improving outcomes, given that successful attacks are on the rise. Over a quarter (28%) of those targeted suffered five or more such attacks, with almost a fifth (17%) claiming the financial impact materially threatened the company’s future.
Ransomware had a major impact on organizations last year: 16% suffered attacks and over half (58%) paid up, rising to 71% in the US, according to the report.
Hiscox also appraises organizations by their “cyber readiness” across six key areas of people, process and technology.
It found there was much work still to do, with just a fifth (20%) named as “experts” and more than a quarter (27%) classed as “novices.”
Perhaps unsurprisingly, those deemed experts suffered fewer ransomware attacks, were less likely to pay up and recovered more quickly.
The US had the highest proportion of cyber “experts” (25%) and one of the lowest median costs of attacks. Although the UK ranked second, with 23% of firms named as experts, they were least likely to have had a cyber-attack (36%) and most likely to have defended it successfully, according to Hiscox.
==================================================================
Wave solutions could have an enormously positive impact on reducing the percentage of security breaches outlined in this article. Why double down on security that doesn't work? Invest in awesome cybersecurity!!! Invest in Wave System's solutions!!!
==================================================================
*** EXCELLENT READING BELOW!!!
http://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Senate Intelligence panel working on legislation around mandatory cyber breach notification
https://thehill.com/policy/cybersecurity/550543-senate-intelligence-panel-working-on-legislation-around-mandatory-cyber
Excerpt:
“Right now, our failure to have norms, our failure to have a more robust notification system in existence, candidly, that failure has allowed in many ways Russia and China to launch cyberattacks with virtual impunity,” he noted.
==================================================================
The failure of the market (despite Wave's financial difficulties of the past and its bankruptcy) to not see the huge benefit in Wave and act on it and it's hardware based security also has contributed heavily to the current market position outlined in the excerpt. If the market was embracing Wave solutions so many of these cybersecurity problems would be vanishing!!!
Invest in awesome cybersecurity!!! Invest in Wave System's solutions!!!
=================================================================
Wave's website, contact with Wave (BELOW), and the previous posts could help those new to Wave or those who want to see why Wave is so AWESOME!!! The Wave alternative below is some excellent reading!!! Everyone should read it closely!!!
=================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
Australian government's major IT shops to help others with cybersecurity
https://www.zdnet.com/article/australian-governments-major-it-shops-to-help-others-with-cybersecurity/
The Australian government is planning on establishing three 'Cyber Hub' pilots that will see departments such as Defence, Home Affairs, and Services Australia provide cyber services for the smaller ones.
==================================================================
From Methinks post, former ASIO head David Irvine said the West is lagging behind in defensive cyber capability.
Instead of jumping through more hoops to try to do more planning around cybersecurity, use essential MFA now like Wave VSC 2.0 and Wave's other awesome solutions. It would tremendously enhance the country's cybersecurity posture so much faster, and be great long term cybersecurity for Australia and other countries to have!!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/products/wave-self-encrypting-drive-management
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
US Urges Organizations to Implement MFA, Other Controls to Defend Against Russian Attacks
https://www.darkreading.com/threat-intelligence/us-urges-organizations-to-implement-mfa-other-controls-to-defend-against-russian-attacks/d/d-id/1340832
Actors working for Moscow's Foreign Intelligence Service are actively targeting organizations in government and other sectors, FBI and DHS say.
=================================================================
Time for awesome cybersecurity!!! Time for Wave VSC 2.0 (MFA) and Wave solutions!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
The Five Strategies Users Use to Determine Phishing: Which Work and Which Don’t?
https://www.infosecurity-magazine.com/blogs/the-five-strategies-used-to/
Excerpt:
Verizon estimates that 90% of all data breaches originate from phishing and according to the Anti Phishing Working Group, the number of phishing websites are at an all-time high right now.
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Strong Security
• Authenticate securely, encrypt email, and prove integrity of the device with one management console
• Protect against phishing, malware and other network security threats by storing authentication credentials in hardware
• Provide centralized enforcement of custom policies
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
=================================================================
Protecting against phishing is another great feature of Wave VSC 2.0, and one of the reasons that every organization should be using it for their cybersecurity along with Wave's other solutions!!!
Better security at less than half the cost!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE