Key Takeaways from the Microsoft Exchange Breach
The recent attack on Microsoft Exchange, which seems to have affected anywhere from 30,000 to 60,000 or more organizations, appears to be far more impactful than just email. In fact, it’s extremely alarming across the whole industry supply chain given the types of affected entities from central banks to government ... Read More
What Will be the Primary Drivers of Cybersecurity Investment in 2021?
When looking back to the beginning of 2020, we can agree that the world is now in a very different place. The COVID-19 pandemic has swept across the world, bringing about changes that have impacted the way we live currently and will for years to come. By looking back, we ... Read More
How FinTechs can Avoid Data Spills from the Cloud
This recent story on TechRadar illustrates precisely the problem of data security and risk governance faced by enterprises today in the vastness of their accelerated digital transformation. Clearly, the data in question is regulated under a variety of rulings – GDPR being the most obvious, but as this is insurance ... Read More
What can we learn from the SolarWinds Breach?
SUMMARY: CISO’s and C-level leaders around the world need to look at the exposure risk of sensitive data in their organizations when attackers can infiltrate and control its IT network like in the recent Solarwinds breach scenario. While dramatic and concerning, the compromise also creates the opportunity to engage in ... Read More
How do you Protect Sensitive Data if you Can’t Even Locate it?
Knowing what risks impact your business can give security professionals a deeper grasp of what data protection tools are required to effectively protect data stored within the perimeter. However, a major obstacle to mitigating risk and protecting sensitive data is that in many organizations, no one can say precisely where ... Read More
Pandemics Create New Attack Opportunities in Travel and Hospitality
Hospitality and travel data breaches in a pandemic create new risks and threats to citizens on a global basis. Data breaches from airline, travel, and hospitality IT and cloud platforms present a potential worst case risk in the current climate. A common pattern in pandemic management today relates to travel ... Read More
How to Pass the Test of “Reasonable Security” When It Comes to CCPA
Today, we see a third CCPA class action in short order, which points to very specific claims of security failure against the CCPA regulation. This time, it affects 73 million records – that’s pretty significant. While CCPA compliance focuses on citizens’ data privacy as a whole, which includes processes to ... Read More
Is the US Ready for Centralized Data Privacy Enforcement?
The recent news about a proposed bill to create a central data privacy enforcing body shines another spotlight on the high-risk, high stakes shifting ground that many businesses operate their engines of growth on – consumer data collection, analysis, and retention. The news will no doubt be a hot topic ... Read More
Compliance Headaches and How to Avoid Them
We are in a perfect storm. Data breaches keep happening, cyberattacks are getting more sophisticated and consumers’ awareness of these risks increases daily. It’s therefore no surprise that policymakers are cutting through this noise by implementing progressively more stringent data privacy laws. 2018 marked key milestones for several new regulations ... Read More
Has storage and server encryption kept pace with modern IT to adequately reduce risk?
Storage and server vendors seem to be stuck with the historical mindset of traditional data-at-rest encryption. Data from applications is exposed while in-use, but sits blissfully protected at-rest, only to be again exposed to a potential breach when applications need to access it once again. This is a recipe for ... Read More