HomeRisk ManagementsThese Security Technologies are Outdated | CSO Online

These Security Technologies are Outdated | CSO Online

Published on

spot_img

AuditBoard is making a significant shift away from using password-based security controls, according to CISO Marcus since 2024. Instead, the company is opting for dynamic methods of user authentication. Marcus stated, “When we select a provider, we openly say that we do not want to use static authentication methods such as passwords or tokens. However, we must be realistic: if it is not feasible with certain products, the passwords used must be changed regularly. Static credentials have become the exception for us.”

This move towards dynamic authentication methods reflects a growing trend in the cybersecurity industry to move away from traditional password-based security measures. By prioritizing dynamic authentication, AuditBoard aims to enhance its security posture and adapt to evolving cyber threats in a more proactive manner.

Attila Torok, the CISO at software provider GoTo, also challenges the effectiveness of scheduled penetration tests. He believes that conducting penetration tests once or twice a year to meet compliance or vendor requirements is outdated and inadequate for assessing a company’s true security posture. Torok explained, “It is not suitable for effectively evaluating the actual security situation of a company. It is more of a snapshot. The environment at GoTo is constantly changing: we modify our code multiple times a day – an annual penetration test would be pointless and costly.”

Despite his skepticism towards scheduled penetration tests, Torok recognizes the value of ongoing vulnerability assessments. He emphasized the importance of a dynamic approach to penetration testing for environments that are constantly evolving and changing. By conducting regular vulnerability assessments, GoTo can proactively identify and address security vulnerabilities in their environment, ensuring continuous protection against potential threats.

The shift towards dynamic penetration testing reflects a broader industry shift towards more proactive and adaptive cybersecurity measures. By moving away from traditional, static security controls like passwords and scheduled penetration tests, companies like AuditBoard and GoTo are staying ahead of emerging cyber threats and better safeguarding their sensitive data and assets.

Overall, the emphasis on dynamic authentication methods and ongoing vulnerability assessments highlights the importance of adopting a proactive approach to cybersecurity. In a constantly evolving threat landscape, organizations must adapt their security practices to effectively mitigate risks and protect against cyber threats. By embracing dynamic security measures, companies can enhance their security posture and strengthen their resilience against evolving cyber threats.

Source link

Latest articles

Detecting Misuse of Fast Flux DNS with Ease

Last week, a series of cybersecurity incidents and breaches were reported around the world,...

Cyberhaven Secures $100M Funding for AI Security

Silicon Valley-based data security startup Cyberhaven has successfully secured $100 million in its Series...

SolarWinds Introduces New Incident Management Tool from Squadcast

SolarWinds, a prominent IT service management and observability tools company, recently made headlines with...

Hacker Alleges Data Breach of Twilio’s SendGrid, Offers 848,000 Records for Sale

The recent claim by a hacker going by the alias Satanic has caused a...

More like this

Detecting Misuse of Fast Flux DNS with Ease

Last week, a series of cybersecurity incidents and breaches were reported around the world,...

Cyberhaven Secures $100M Funding for AI Security

Silicon Valley-based data security startup Cyberhaven has successfully secured $100 million in its Series...

SolarWinds Introduces New Incident Management Tool from Squadcast

SolarWinds, a prominent IT service management and observability tools company, recently made headlines with...