A staggering 44% of CISOs were unable to detect a data breach in the last 12 months using existing security tools. Moreover, nearly three-quarters (70%) of CISOs feel their current security tools are ineffective at detecting breaches due to limited visibility. These were two of the findings of a recent report from Gigamon that surveyed more than 1000 global security and IT leaders. Modern cybersecurity is about differentiating between acceptable and unacceptable risk,” says Chaim Mazal, CSO at Gigamon. “Our research shows where CISOs are drawing that line, highlighting the critical importance of visibility into all data-in-motion to secure complex hybrid…
Author: Josh Breaker Rolfe
The Court of Justice for the European Union (CJEU) has ruled that Meta Platforms, the owner of Facebook, must minimize the amount of people’s data it uses for personalized advertising. “An online social network such as Facebook cannot use all the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data,” the CJEU said in a ruling last Friday. The ruling comes in response to a complaint made by privacy campaigner Max Schrems, who said he was targeted with adverts aimed at gay people despite never sharing information…
Ten years ago, ransomware actors mainly worked alone or in small groups, targeting home computer users through spam emails to encrypt personal files and demand relatively small amounts of cryptocurrency for their safe return. Today, many ransomware gangs operate like legitimate businesses, boasting hundreds of staff, targeting some of the world’s largest organizations, and collecting millions of dollars in ransom payments. However, some ransomware attackers are beginning to focus on individual users. This is a growing trend. A recent report from Chainalysis found that payments to ransomware gangs under $1000 increased significantly throughout 2022/23, with gangs like Dharma and Djvu…
Interoperability is the lifeblood of the modern healthcare sector. Effective patient care relies on the ability of disparate healthcare systems, devices, and applications to seamlessly access, exchange, and ultimately use data; without interoperability, this would not be possible. A failure of interoperability in a healthcare environment can have enormous consequences, ranging from the financial – such as increased healthcare costs – to the existential – including medication errors that put lives at risk. The Importance of Interoperability in Healthcare Before the introduction of electronic health records (EHR), the healthcare sector was, in many ways, unrecognizable from the one we know…
The past decade has been incredibly important for Security Operations Centers (SOCs). Technological advances, changes in attitudes, and a rapidly evolving threat landscape have completely transformed how SOCs operate, helped analysts and managers overcome many challenges, and kept attackers at bay. Let’s look at how. Automation and Orchestration The first transformative SOC development in the past decade came in the early 2010s when automation and orchestration technologies were integrated. This development coincided with a sharp increase in cyberattack volume and sophistication, prompting cybersecurity professionals to seek a more efficient and proactive approach to security incident management. By integrating automation and…
Stay in the Loop on Emerging and Evolving Email Threat TrendsIn today’s fast-paced digital world, it seems the only constant is change. Advances in technology lead to more sophisticated cyberthreats and more sophisticated defenses, making for a sort of arms race between cybersecurity experts and cybercriminals. This is why it is always important for cybersecurity and infosec professional to keep themselves informed on the digital landscape and threat trends. VIPRE Security Group has published their Email Threat Trends Report for Q1 of 2024, examining the most common, pressing, and harmful threats delivered via email. Using over 25 years of malware…
Securing data relies upon making sense of it. To achieve this, organizations rely on two key concepts: Data Mapping and Data Lineage. While these terms are often used interchangeably, they refer to distinct processes with different objectives and implications. This article will explore the differences between Data Mapping and Data Lineage to help you better understand their roles and significance in data management. What is Data Mapping? Data Mapping defines how data elements from one system or source correspond to data elements in another method or destination. It is the blueprint for data integration, enabling organizations to transfer data seamlessly…
REST and SOAP APIs are the two most common application protocols that define how to build application programming interfaces (APIs). While they share some similarities, there are critical differences that organizations must understand to secure their REST and SOAP APIs properly. What is SOAP? Simple Object Access Protocol (SOAP) is a message protocol that allows applications built with different languages and on other platforms to communicate. Designed to be flexible and independent, SOAP enables developers to add features and functions to SOAP APIs regardless of their language. While SOAP imposes rules that increase complexity and overheads, resulting in slower load…
In today’s rapidly evolving digital landscape, organizations face an ever-increasing number of cybersecurity threats. Among these, insider threats are among the most challenging and potentially damaging. Insider threats are the intentional or unintentional misuse of an organization’s assets, systems, or data by individuals within the organization. These individuals may include employees, contractors, or business partners with legitimate access to sensitive information. Modern Data Loss Prevention (DLP) solutions have emerged as a crucial defense mechanism against such threats, helping organizations safeguard their data and prevent potential breaches. This article delves into the concept of insider threats, explains DLP, and explores how…
Data breaches can be incredibly costly. Be it lawsuits, regulatory fines, or a fall in stock price, the financial consequences of a breach can bring even the largest organization to its knees. However, in the face of economic damage, it’s too easy to overlook the vast reputational impacts that often do more harm to a business. After all, it’s relatively easy to recoup monetary losses, less so to regain customer trust. In recent years, data loss prevention (DLP) solutions have emerged as a viable option for many organizations to prevent data breaches. This article will examine the potential reputational damages…