Best Practices for Securing Your Employee Data

Organizations have a responsibility to protect their employees’ personal data. But how can they be expected to succeed if the employees themselves are not well-informed about security best practices or given the necessary tools to secure their data? Employees may heedlessly scatter their sensitive data across drives, devices, emails, and documents – often in the most overt locations. Should this … [Read more...]

5 Ways to Secure Electronic Health Records

The number of Electronic Health Records (EHR) being lost or stolen is increasing year on year, despite the best efforts of healthcare organizations and the increasing strictness of HIPAA compliance. According to the HIPAA journal, January alone saw just over half a million records breached. Now, half a million records may not sound like much compared to other breaches, such as social media … [Read more...]

Cyber-Security Best Practices: Employee Training Techniques That Stick

At Lepide, we are always pushing the idea that employee training is the best way to raise awareness about cyber-security issues and mitigate the risks of your organization being affected by a cyber-security attack. But, as many department-heads and managers know, this is far easier said than done – especially when it comes to IT security. Simply telling your employee that they need to change their … [Read more...]

Why Education Institutions Need to Pay Attention to Insider Threats

Insider threats are by no means limited to the education industry, but organizations within this sector seem to have a particularly tough time dealing with them. This could be down to a number of factors. Educational institutions have large numbers of employees that have access to the sensitive information of both other employees and students. Research also suggests that privileged users in … [Read more...]

Reddit: Is SMS-Based Authentication Really Secure?

Recently, Christopher Slowe, announced that between June 14th and June 18th, Reddit experienced a breach that affected personal data, messages, passwords, email addresses and more. Reddit typically uses two-factor authentication to secure their user accounts. One step of that authentication involves sending an SMS text message with a unique code to login with. Hackers were able to intercept these … [Read more...]

Most Healthcare Organizations Can’t Recover from Data Breaches

According to the 2018 Horizon Report, by Fortified Health Security, “over 40 percent of consumers would abandon or hesitate to use a health organization if it had been hacked”, and that “many healthcare organizations could not survive the financial ramifications associated with declining patient volume”. Healthcare organizations are faced with a particularly complex challenge, to which … [Read more...]

5 Methods for Better Insider Threat Prevention

I’m sure you already know by know what an insider threat is and the risks they pose to your organization, so I won’t go into too much detail. However, it is worth knowing that insider threats mainly fall into three categories; the malicious attacker, the opportunist and the careless employee. Understanding the different reasons why insider threats occur can help you to better prevent them from … [Read more...]

5 Common Myths About Insider Threats

There still seems to be a lot of confusion about what an insider threat is, how they caused, who they are caused by, and the steps required to minimize the damage they can caused. Below are 5 common myths surrounding insider threats. Myth #1: Insider Threats are Always Malicious and Harmful According to the following report, 36% of insider threats are the result of “ignorant or careless user … [Read more...]

SingHealth: Singapore’s Worst Cyber-Attack So Far

According to a recent news report by the Telegraph, cyber-criminals have managed to steal 1.5 million personal (non-medical) records from SingHealth – Singapore’s largest group of healthcare service providers. Singapore’s Prime Minister, Lee Hsien Loong, was amongst those who’s data was compromised. During a press conference on Friday, July 20, the authorities claimed that … [Read more...]

Are CISOs Prepared to Detect Cyber-Security Breaches?

You’ve all heard the often-repeated mantra, “prevention is better than cure,” but is this really reflective of what we’re seeing in the cyber-security industry at the moment? With threats evolving at a faster rate, it’s not realistic to assume that any organization is fully capable of preventing data breaches, especially as a large volume of data breaches originate from within. Accidental or … [Read more...]