Issue OverviewInformation Security magazine - May 2014 Vol. 16 / No. 4
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed in April. As industry players such as Google, Microsoft and RSA work on stronger authentication methods that strive to keep personally identifiable information on the client, how will the evolution of two-factor authentication affect enterprise technologies? We look at the security implications of the open FIDO specifications and a range of emerging FIDO-ready technologies that can help security professionals track key developments as adoption of password-free authentication moves a step closer.
We also report on the evolving roles of CISOs after the Target breach, and renewed calls for federal legislation on data collection and breach notification. Columnist Marcus Ranum interviews Georgia Weidman about pen testing and network compromise. Access >>>
Premium Content for Free.
Beyond the Page: Is Fast Identity Online in your future?
by David Strom, Contributor
This Beyond the Page explores the evolution of two-factor authentication and a range of emerging FIDO-ready technologies.
Another call for federal data privacy laws
by Randy Sabett
The patchwork of state laws has not slowed epic data breaches. Will we see federal data breach notification laws in 2015?
- Beyond the Page: Is Fast Identity Online in your future? by David Strom, Contributor
Password-free authentication: Figuring out FIDO
by David Strom, Contributor
Will open FIDO standards for better interoperability of next-generation authentication technologies actually work?
Filling the CISO role: Is there any reason enterprises shouldn't?
by Brandan Blevins, News Writer
In the wake of the Target breach, many companies still don't have a dedicated CISO.
- Password-free authentication: Figuring out FIDO by David Strom, Contributor
Main Street forces new avenues to security and data privacy laws
by Kathleen Richards, features editor
Can the technology industry solve cybersecurity and data protection issues without federal legislation?
Marcus Ranum and Georgia Weidman hack into cyberdefense
by Marcus J. Ranum, Contributor
Are critics of the penetration test wrong? Find out what breaking and entering your enterprise network can reveal about the state of your security.
Advanced persistent threats: Has the industry moved on?
by Robert Richardson, Editorial Director
APT gives new meaning to targeted attacks that often rely on low-tech tactics and flawed network security.
- Main Street forces new avenues to security and data privacy laws by Kathleen Richards, features editor
More Premium Content Accessible For Free
Unified threat management aspires to the enterprise class
Unified threat management (UTM) long focused on small and medium-sized businesses, but now it's climbing the ladder and attempting to become ...
Threat intelligence and risk: Why cybersecurity hangs in the balance
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
How to respond to the latest distributed denial-of-service attacks
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...