What COVID-19 Means for Digital Transformation

Let’s face it, 2020 hasn’t got off to a great start. The coronavirus pandemic, which has so far infected more than 550,000 people globally, has forced Governments across the globe to effectively shut down large parts of their economies, with citizens in many countries being required to stay at home. The travel industry has been badly damaged due to the travel restrictions, and … [Read more...]

The CIO Security Checklist: Questions to Answer

Some larger companies will employ both a Chief Information Officer (CIO) and a Chief Information Security Officer (CISO). They are both responsible for protecting and managing sensitive data, although the role of the CIO is much broader. The role of the CISO is to ensure that proper controls are in place to protect the company’s digital assets, while the role of the CIO is to ensure that the … [Read more...]

Preparing for a SOC Audit – A Checklist

Have you ever received a SOC audit request and wondered where on earth to start? Maybe you’re even performed SOC audits in the past, but you weren’t thrilled with the results. Either way, it’s always a good idea to brush up on the requirements for SOC audits and how best to prepare for them. In this blog, we will go through what is required from SOC 1, SOC 2 and … Read more The post … [Read more...]

The Devastating After-Effects of a Data Breach

Are you confident that your organization would not experience a data breach? If I were you, I wouldn’t be. Recent studies have confirmed that 88% of organizations in the UK were breached last year in some way, shape or form – and the USA is doing no better. The consequences of the breaches vary drastically, with some breaches being imperceptible from the inside. It’s very possible that you have … [Read more...]

What is Credential Stuffing and How Can We Prevent a Credential Stuffing Attack?

Credential stuffing is a type of cyber-attack where cyber-criminals steal login credentials from one system and try to use them to gain access to user accounts on another. This is only possible because people have a tendency to re-use login credentials on multiple websites and applications. Credential stuffing is becoming increasingly more popular, largely due to how simple and effective it is. In … [Read more...]

What is the NYDFS Cybersecurity Regulation and How Lepide Helps

Back in 2017, the New York State Department of Financial Services (NYSDFS) brought forward a cybersecurity regulation aimed at the financial industry. The GDPR-like regulation includes incredibly strict requirements for reporting data breaches and limiting data retention. There are a few commonalities with the NYDFS Cybersecurity Regulation and other well-known regulations, including controls for … [Read more...]

Keeping Unstructured Sensitive Data Secure in the Cloud

77% of companies use at least one cloud-based service, according to an article by Forbes, and it’s inevitable that the adoption of cloud solutions will continue to grow. Why? Because cloud services are scalable, flexible, easy-to-use, and can save businesses money in the long-term. However, cloud services present a number of security issues relating to the way data is accessed and used, … [Read more...]

What to Look for When Monitoring File Activity on File Server

Monitoring file activity is not as straight forward as it sounds. After all, in order to detect and respond to suspicious or troublesome file activity, we need to know in advance what it is we are actually looking for. Below are 8 of the most common scenarios that can compromise either the security or integrity of our critical files, along with a brief summary describing how LepideAuditor can help … [Read more...]

10 Ways to Prevent Phishing Attacks

Phishing scams are one of the most common methods of attack you’re likely to come across. They are a hugely profitable attack method for cybercriminals, as thousands fall victim to them every year. Fortunately, due to their commonplace nature, phishing scams are avoidable if you know how to correctly identify and prevent them. Here are 10 simple steps to identifying and preventing phishing scams … [Read more...]

Does the UK Have Issues Employing and Training Cybersecurity Professionals?

The UK government recently launched a second audit of the cybersecurity labor market in order to find out whether organizations are failing when it comes to hiring and training cybersecurity professionals. Companies in both the public and the private sector were chosen at random to participate in the audit, with the aim being for the audit to affect future government policies to overcome the … [Read more...]