Given the amazing rash of hacks and ransomware attacks over the years - many enterprises are now either considering or beefing up their security audits.   But are we getting full value out of these audits - what are we missing? 

Lending his expertise is Dmitriy Sokolovskiy,  Cyber and Start-up Advisor

So contact us at YouAttest - we will address your identity audit concerns -  https://youattest.com/contact/

Segregation of Duties (S.o.D) is a KEY requirement for identity security and compliance. It is a principal requirement for a secure enterprise to fight against insider theft and to combat fraud.

But how to automate, repeatedly, across all of your identity resources in a simple, deployable manner? And to execute without a seven figure budget?

YouAttest has the answer. With its simple identity plug-in into ALL leading IAM solutions - YouAttest allows your risk managers (internal and external) to run S.O.D reports on all your enterprise resources.

To kick off the discussion and to inform all of the importance of S.o.D. YouAttest invites the esteemed GRC and compliance expert, Shannon Noonan, CEO of HiNoon consulting, LLC.

YouAttest automates the audit of access privileges for all your resources - cloud and on-premise. Contact us and we’ll help with your access review problems:  https://youattest.com/contact/ or [email protected]

“Insider Threat” is always a topic - and it became even more of a topic with the recent hacks.

Why is it such a problem? What tools can be used to mitigate - and what practices should be implemented? This is reviewed in this short video on the topic.   

Lending his expertise is Carrie Jabs,  Cyber and Compliance Specialist.  She can be reached at:    / carrie-braun-jabs-9790521 

So contact us at YouAttest - we will address your identity audit concerns -  https://youattest.com/contact/

The past months have brought us more than just the infamous MGM identity hack - unfortunately much more. Identities themselves are no longer the target now it’s the entire identity infrastructure.

To discuss these hacks we have security expert Paul Feather from Compu-netics and security expert Craig Guinasso. YouAttest’s own CEO, Garret Grajek will join in the discussion.

These are indeed scary stories - but the guest will also discuss counter measures!

And to keep your permissions in check - ensure your identity entitlements w/ YouAttest.

To learn more about YouAttest and how we can help your identity audits, contact us at [email protected]

Enterprises of all sectors are at the end of their ropes dealing with cyber attacks, ransomware and data breaches. Their only recourse is to hand off more of the cyber duties to outside services.

The managed services, e.g. the MSPs and MSSPs, need to step up. But are they?   

We have one of the leading thought leaders in the managed service space, Eldon Sprickerhoff, sharing his insights. Eldon founded and led one of the first MDR (Managed Detection and Response) services.

To learn more about YouAttest and how we can help with your identity audits, contact us at [email protected]

AWS is the premier IAAS vendor - AWS is the basis of most enterprise cloud strategy.   

To help us understand the important of AWS and AWS entitlements the video has Raj Sawhney, Managing Director, IT and Internal Audit, Cybersecurity and Business Process at CDW.

But what roles have been created?  Who has access?   What is the identity security posture of the enterprise AWS server and services?   This is not a question easily answered.

But it needs to be.   According to  Palo Alto’s Unit 42 - their threat research group, say 99% of accounts in the cloud ar overly permissive./

YouAttest walks through how customers are using YouAttest to audit their access to AWS.  This video show how YouAttest can be utilized by the risk manager and/or security manager to execute a Access Discovery on the AWS resources. 

That is YouAttest - automating the audit of access privileges for all your resources - cloud and on-premise. Contact us and we’ll help w/ your access review problems:  https://youattest.com/contact/

Search has been big business for 30 years - and no one is bigger in the search industry than Google.    

But with new advances in AI, especially around LLM (Large Language Models), with working examples like Open AIs ChatGPT - is the dominance of Google over? Is there room for new search engines - and could the current Google-type search industry days be numbered?

And where do the LLMs fit in search?

To shed light on this topic, YouAttest interviewed David Novick, search, cyber and marketing expert and author of “The Future of Search: Exploring AI's Potential to Surpass Google”.
 
Garret Grajek, CEO of YouAttest, will round out the discussion on securing AI and AI data models. 

Data security is foremost on everyone minds w/ ransomware and data attacks occurring daily.

But what can be done to secure data? And what role does IGA, identity governance, play in the fight against attacks on data?

To shed light on this topic, YouAttest interviewed MIchael Andrewes, a cybersecurity, governance and risk expert, on identity governance relates to data security - on an on-going basis.  https://www.yastis.com/

Need to automate your identity audits?  Contact us at YouAttest - we will show you how -  https://youattest.com/contact/

The world is finally becoming aware of the danger of excess privileges and unmanaged users. These are the accounts that the attackers love to take over and then stay resident in our enterprises and exfiltrate data while going undetected.

NIST, the National Institute of Standards and Technology, has created a concept to remedy this situation. They label it the Principle of Least Privilege (NIST CSF 1.1. PR.AC-04, NIST CSF 2.0 PR.AA-05), which guides companies to limiting logical, physical & system access to specific job functions. 

To get the word out - the U.S. has created CISA - the Cybersecurity and Infrastructure Security Agency to explain, promote and create dialogue on important cyber principles. The #AuditTuesday series is privileged to have one of their cyber advisors, the esteemed Donald E. Hester, to discuss the principle of least privilege and why CISA has itemized it in multiple documents including: The #StopRansomware Guide and the Zero Trust Maturing Model.  

Karina Klever, Cyber and Risk Management expert, and CEO of Klever compliance,  will round on the speaker panel with real "use cases" of how the Principle of Least Privilege is used (and to an enterprise's cost) not used in accounts.

The discussion will also include 13 U.S. patented Garret Grajek who will explain how YouAttest enables enterprises, big and small, to meet the principles of least privilege.

To learn more about YouAttest and how we can help secure your identities, contact us at [email protected]

Identities are the #1 cause and mechanisms for hacks - malware insertion, ransomware and data exfiltration.

We discuss this w/ Kevin Moss, a Financial Services expert - specializing in risk management for Fintechs and banking institutions.

Kevin Moss is an industry practitioner, board member and advisor. He was Chief Risk Officer at SoFI.. He was previously Executive Vice President and Chief Risk Officer responsible for managing Credit, Compliance, and Operating Risk for the Wells Fargo Consumer Lending Group.   Moss joined Wells Fargo in 1998 and brings 38 years of banking and financial services experience to his current role as a Board member and Advisor in the Lending and Payments space. Prior to being appointed CRO, he was the business manager for the National Home Equity Group.  Kevin was also Chief Credit officer for the Home and Consumer Finance Group, in addition to leading the Consumer Risk Management team, helping Wells Fargo manage the credit and fraud risk in the organization’s Card Services and Deposit/Debit businesses.

Need to automate your identity audits?  Contact us at YouAttest - we will show you how -  https://youattest.com/contact/