Security Policies CISOs Must Implement

Let’s face it, CISOs have a lot of weight on their shoulders. They are required to design, implement and enforce security policies with little praise for their efforts. Should something go wrong, and the entire system falls to its knees, they are generally expected to accept full responsibly for the incident. The truth is, however, that data security is everybody’s responsibility. … [Read more...]

The Danger of Delayed Threat Detection and How to Prevent it

Organizations are routinely failing to identify cyber-security attacks until it is far too late. According to the 2016 SANS Incident Response Survey, approximately 21% of respondents said that they could typically detect a cyber-attack within 2 to 7 days, while 40% said they could detect a security incident in less than 1 day. Approximately 2% of respondents reported that their average “dwell … [Read more...]

5 Steps for Developing a Successful Data Access Governance (DAG) Program

Unstructured data (which includes emails, PDFs, documents, presentations, intellectual property and any other data that may exist beyond the scope of your application or database) is fast becoming a prime target for cyber-criminals. To ensure that your unstructured data is sufficiently protected, you will need a Data Access Governance (DAG) program. A common issue, however, is that organizations … [Read more...]

Data Classification: The Why’s and the How’s

Data Classification is simply the process of organizing data based on a set of pre-defined categories. Since organizations have limited resources, it is important for them to know exactly where their most sensitive data is located, in order to be able to allocate those resources in the most effective manner. One of the issues with data classification is that it’s not always easy to know … [Read more...]

Healthcare & Public Administration Still Plagued by Insider Threats

According to the 2018 Verizon Data Breach Investigations Report, healthcare “is the only industry vertical that has more internal actors behind breaches than external”. Healthcare service providers have come under a lot of scrutiny in recent times due to repeatedly failing to protect the data they hold. While such scrutiny is both understandable and ultimately necessary, healthcare providers have … [Read more...]

How Would Your Organization Fare if Faced with This Data Security Issue?

This blog is based on a true story – names have been changed to protect the innocent. Late one Friday afternoon Nigel, a Senior Executive, gets a panicked phone call from the Head of Customer Services, Steve. Steve says one of his regular customers is on the phone claiming Steve’s company are the source of a breach that has led to his credit card details being fraudulently used. The customer … [Read more...]

Have You Left It Unlocked with The Keys In?

If you were placed in charge of your boss’ Ferrari, you’d make damn sure you knew where the keys were at all times. If anyone asked to so much as look at the car, you’d be on edge and watching them closely. You’d make sure it was always somewhere safe. You wouldn’t leave the keys in the staff canteen unguarded, and you certainly wouldn’t let the new hire in the … Read more … [Read more...]

How to Manage Privileged Users for Better Security and Compliance

Over the last few years we have seen a shift in the requirements set out in compliance mandates in an attempt to combat the increasing frequency and severity of data breaches. For example, in February of this year, PCI DSS (the compliance standard aimed at protecting payment card information) best practices were made mandatory. This was in an attempt to ensure that merchants and service providers … [Read more...]

How CISOs are Adapting to Meet the Rising Threat of a Cyber-Attack

CISOs are faced with a seemingly impossible task, as cyber-attacks are evolving faster than their ability to improve their defences. A recent survey, carried out by Ankura, shed some light on the way in which corporations are adapting to meet the demands of the evolving threat landscape. The survey involved 30 industry experts from a range of industries, including finance, healthcare, insurance, … [Read more...]

How to Prevent Data Breaches in the Healthcare Sector

In today’s world, healthcare data is spread across the cloud, end points, within the organizational network, applications, IOT and other places. As shown in a report by KPMG, there has been a significant rise in cyber security breaches around sensitive data. As per the report, 47% of healthcare providers and health plans faced violations of HIPAA compliance (Health Insurance Portability and … [Read more...]