Passwordless Authentication


Downgrade Attacks: When Even Strong Authentication Can Be Tricked

FIDO-based passkeys (like hardware keys, biometrics, or “passwordless” logins) are considered one of the best ways to protect accounts from phishing and takeover threats. They’re strong because they don’t rely on passwords or codes that can be easily stolen. But researchers at Proofpoint have found a new trick called a “downgrade attack.” Here’s how it […]


Simplicity Wins

The Criticality of Reducing Complexity in Cybersecurity For decades, the cybersecurity industry has been building increasingly sophisticated security architectures in an effort to keep up with the burgeoning business of cybercrime. The problem is … Well, it’s complicated! The complexity — of our approach AND our solutions — is arguably the biggest issue in Cyber […]


Cybersecurity: Prevention is Better Than the Cure

Why Proactive Security Matters The principle that “prevention is better than cure” holds true across many fields, but it is especially relevant in cybersecurity and risk management. As organizations face increasingly complex threats, the advantages of a prevention-first approach become clear. In today’s digital landscape, companies of all sizes face relentless cyber threats. While vulnerability […]


Strengthening Cybersecurity in Uncertain Times – More Critical Than Ever

strenthening cybersecurity in uncertain times


Google to Replace SMS with QR Codes for Gmail Authentication

A Step Forward Google recently announced it will move from SMS to QR code-based authentication for Gmail accounts. This marks an important shift for cybersecurity, and further validation that companies and individuals are going to have to get beyond Traditional or Weaker security. But is this the best we can do? A Step Toward Stronger […]


How to Phish-Proof Your Login

Across the Enterprise You’ve heard it before: Phishing is the #1 method used by cybercriminals to gain access to your digital valuables. Today, according to CSO Online, 80% of reported security incidents are caused by Phishing. We’ve also heard from CISA and others that MFA is the holy grail for cybersecurity. But then last week, […]


When Cybersecurity Gets Personal 

I was a Victim of the Change Healthcare Breach -By Herbert Spencer – TraitWare Sometimes it’s frustrating being an innovator in cybersecurity. A few days ago, I received a letter from Change Healthcare, notifying me that my personal information had likely been compromised in a recent data breach – the one that affected millions of […]


Secure by Design

TraitWare Signs the Secure by Design Pledge, Joining in CISA’s Quest for Strong Security for All. In April 2023, CISA launched the Secure by Design initiative with the participation of other national and international organizations. This attempts to shift the responsibility of security from the consumer to the technology manufacturer. As part of their ongoing […]


Privacy & Cybersecurity Compliance Deadlines – 2024

What Privacy and Security Mean for Companies With Data Privacy Week coming up soon, we’re thinking about the important symbiotic relationship between privacy and security, and ahead to some pending deadlines for cybersecurity and privacy compliance. How can company leaders best navigate the waters and enjoy peace of mind? Here are a few upcoming privacy and security […]


Here are Risks and Solutions of Identity Account Takeover

OFFER ISRAELI GVP & GM, Identity Threat Defense, Proofpoint recently  wrote: “Attackers are increasingly focused on privileged identity account takeover (ATO) attacks because they can compromise organizations much more easily and quickly this way, as compared to the time, effort, and cost to exploit a software vulnerability (a common vulnerability and exposure or CVE). And […]


Cyberattack: Where the Blame Goes. And Where Kudos Belong

There have been so many articles and posts about the recent Securities Exchange Commission (SEC) lawsuit against SolarWinds and their #ciso – and plenty written about recent breaches via the Okta platform. So much has been said about how attackers used social engineering to lure users to give up information or reset accounts. …  Still, I feel like […]


Cybercrime in Schools

WHY SCHOOLS ARE PRIME TARGETS FOR CYBERATTACK, AND HOW WE CAN DO BETTER TO PROTECT THEM The University of Michigan was in the news recently following a cyberattack that caused an internet outage across all campus networks, eventually requiring password resets for all users. This is just one event amid a series of cyberattacks on […]