“Comprehensive security should be built in or enabled by default” — a statement implored by Patrick Optet, CISO at JP Morgan Chase. In an open letter to their third-party providers, Optet points out an erosion of strong authentication and authorization practices as software providers prioritize speed of development over security. Complexity is the reality for organizations of all sizes. With an ever-distributed supply chain and increasingly modern software demands, security controls exp...
