Why Transparency and Traceability Are Important Traits for Data Security

Knowing what data we have, where it is located, how it is being accessed, and by who, is crucial to ensure that we are able to adequately protect it. We need as much transparency as possible into the security controls that are in place, and whether or not those security controls are effective. Having visibility into all areas of our system, enables us to be more proactive, rather than reactive. … [Read more...]

13 Compliance Requirements for Criminal Justice Information Services (CJIS)

The Criminal Justice Information Services (CJIS) is the largest division of the United States Federal Bureau of Investigation (FBI), and is comprised of several departments, including the National Crime Information Center (NCIC), Integrated Automated Fingerprint Identification System (IAFIS) and the National Instant Criminal Background Check System (NICS). CJIS provides law enforcement agencies … [Read more...]

COVID19 Is Playing Havoc with Anomaly Detection

Normally, if an organization deployed a Data Security Platform with some sort of anomaly detection capabilities, usually backed by machine learning or artificial intelligence, they could leave it running for a few weeks to learn what normal behavior looks like. After the learning period, anything that went against this “normal” could be called an anomaly and be addressed accordingly. Companies … [Read more...]

Why Business Email Compromise is a Huge Risk to Data Security in 2020

Business Email Compromise (BEC), formally known as the “man-in-the-email” scam, is a type of cyber-attack whereby the attackers use fraudulent emails to trick unsuspecting victims into transferring money to their bank account. In some cases, the attacker may seek to obtain sensitive data instead, which they can use for other criminal activities. The average daily volume of BEC emails … [Read more...]

What is the New York SHIELD Act? How to Be Compliant

Since the advent of the GDPR, a number of data protections laws have started to spring up that are following a similar type of theme. Of course, given that 4.1 billion records were breached during the first half of 2019, it was really just a matter of time until the authorities were forced to step up their game. On the 28th of June, 2018, we saw the California Consumer Privacy … Read … [Read more...]

Key Data Privacy Issues and Trends for 2020

Data privacy is undoubtedly going to become more of a priority for consumers in 2020, and it should therefore be on the top of your list of priorities to address. Government regulations have already forced many businesses to take a long hard look at how they approach data privacy, at it’s likely that newer, more stringent regulations will be implemented over the next decade. In this article, we … [Read more...]

Complying with Data Security Regulations Doesn’t Mean Your Data is Secure

Data protection regulations such as HIPAA, PCI-DSS and SOX, have unquestionably made an impact on the way organizations protect their sensitive data. However, unlike the GDPR, the average person has probably never heard of them. Since the advent of the EU General Data Protection Regulation (GDPR), business executives have been under increasing pressure to get their house in order and clean up … [Read more...]

How Lepide Addresses the Gartner Top 10 Security Projects for 2019

In February of 2019, Gartner published their list of the top 10 security projects for 2019 – a list of security projects that security and risk management leaders need to consider implementing in order to reduce risk and achieve compliance. As organizations grow and become more complex, the prospect of introducing new security projects whilst maintaining existing ones can be daunting. Brian Reed, … [Read more...]

The Lepide Guide to California Consumer Privacy Act (CCPA) Compliance

The California Consumer Privacy Act (CCPA) is a new data protection bill that will come into effect on the 1st of January 2020. The CCPA is designed to give Californian citizens more control over how their personal data is stored and processed. Under the CCPA, companies must demonstrate that they are able to identify, delete or quarantine personal data in a timely manner, as per the data subjects … [Read more...]

Enabling People to Own Their Data Doesn’t Mitigate Privacy Concerns

With increasing concerns about data protection and privacy, there has been a lot of talk about the importance of enabling people to own their own data. What does this mean? Let’s take Facebook as an example. A user will register with the platform and fill out some basic information about themselves. After that they will likely start adding friends, posting updates, uploading photos, and so … [Read more...]