
How Can We Prevent Employees Violating Security Policies?

Employees violate security policies on a regular basis, which is why the majority of data breaches are caused by insiders in some way or another. Sure, sometimes security incidents are caused by disgruntled or opportunistic employees; however, most of the time the motives are less suspicious. So, what are the main reasons employees violate security policies? 1. A Lack of Security Awareness Training … [Read more...]

Why Cybersecurity Security Isn’t Just an IT Problem

This shouldn’t be a problem that we have to discuss but unfortunately the state of modern-day cyber-security prevents us from staying quiet on the topic. Studies show us that although mass attacks have slowed, smaller, more targeted attacks have been increasing dramatically over the last few years, with targeted phishing even becoming a paid-service. The volume of spam you probably get into your … [Read more...]

How Enterprises are Making Use of User & Entity Behavior Analytics (UEBA)

One of the most important ways to address your cybersecurity in today’s threat landscape is to ensure you know how your users are interacting with your sensitive data. By sensitive data, we’re referring not just to data containing company secrets or financials, but also to consumer and employee data. Personally identifiable information (data containing credit card numbers, addresses, names etc.) … [Read more...]

Tips to Protect Office 365 Data Against Ransomware

Ransomware remains a formidable threat to organizations worldwide. According to a recent survey conducted by Bitdefender, 75% of respondents experienced up to 5 attacks in the last 12 months alone, and organizations accounted for 42% of all ransomware infections. Though cyber-criminals have always targeted Microsoft products, the rapid growth in the popularity of Office 365 has made it a #1 target … [Read more...]

Ransomware VS Cryptojacking

Cryptojacking is a relatively new technique which enables cyber-criminals to illegally “mine” cryptocurrencies on both vulnerable web servers and unsuspecting users’ devices. Cryptocurrency mining is the process by which cryptocurrency “coins” are created. In simple terms, miners use computational resources to perform calculations, which involve iterating through billions of random inputs, … [Read more...]

The Hidden Costs of a Ransomware Attack

When considering the costs associated with a ransomware attack, we tend to assume that the greatest expense is paying the actual ransom. However, this isn’t necessarily the case. There are a number of hidden costs relating to things like forensic investigations, restoring backups, down-time, damage to reputation, lawsuits and fines. It should be noted that it’s generally not a good … [Read more...]

Why it is Important to Know Where Your Data Flows

Under the GDPR, organizations are required to institute measures that enable them to closely monitor the movement of personal data throughout its life-cycle. They must establish a profound understanding about how and why sensitive data is being processed and stored. It would be inadmissible for companies to not know where their valuable physical assets are located. Yet, despite being referred to … [Read more...]

What CISOs Can Learn from the Yahoo Data Breach Fine

In April of this year, the U.S. Securities and Exchange Commission (SEC) released the news that Yahoo! (Altaba) have agreed to settle a $35 million fine for failing to publicly disclose a data breach within an acceptable time limit. This is fairly historic, as it is the first time that the SEC have enforced a financial punishment for this sort of failure, claiming that it broke numerous federal … [Read more...]

HIPAA: The Difference Between the Privacy and Security Rules

The Health Insurance Portability and Accountability Act (HIPAA) was first put in place in 1996 and developed to be the standard for ensuring the protection of sensitive patient data. It is divided into two separate rules that work in conjunction with each other to ensure maximum protection; the Security rule and the Privacy rule. The Difference Between HIPAA Privacy and HIPAA Security Both the … [Read more...]

14 Mistakes Companies Make in Preparation for GDPR

I think it’s fair to say that most organizations are still struggling to understand exactly what is required of them when it comes to GDPR preparations. There is a lot of misinformation out there surrounding this topic and it can be easy to just ignore the mandate and keep your fingers crossed that it will all be OK. Obviously, this is not the way to go about it. We’ve had … [Read more...]