Lepide Blog

According to Verizon’s 2017 Data Breach Investigations Report, 25% of data breaches involve insiders. And in 60% of cases, insiders take data to sell later, or 15% to a new employer or to start a rival company. Data theft doesn’t necessarily require any technical skill if users already have access to the information they need, and can be detected or prevented using logging, monitoring large data transfers and removeable USB … Read more

“The fact that a company hasn’t noticed a breach doesn’t mean that it hasn’t been breached” – itgovernance.co.uk An APT is a type of malware which uses social engineering or various phishing techniques to gain access to a network. Once the malware has gained access, it will conceal itself by hiding in unsuspected files, where it can remain undetected for weeks, months, or even years. In which time, it is … Read more

Since 1998, we have relied on the Data Protection Act (DPA) to provide us with a regulatory framework for protecting personal data. It has been effective to some extent, however, I think it is fair to say that an upgrade is long overdue. After all, so much has changed in the last 20 years. There are many more businesses processing personal data, technology has evolved beyond recognition, and cyber-attacks are … Read more

As you probably know by now, the GDPR is coming into full effect on May 25, 2018, and constitutes the most significant change to European Union (EU) privacy law in two decades. It is designed to replace the Data Protection Directive (DPD) that came into force in 1995 when web technology was nowhere near as advanced as it is today. The GDPR applies to all organisations handling the data of … Read more

In an IT environment, privileged user accounts are those which are provided comparatively more privileges or permissions than a normal user account. Any malicious activity conducted, either intentionally or mistakenly, by a privileged account can be a threat to IT security. To address this, a systematic way of determining which users have privileged access and tracking their activities is required. Follow these methods in this blog to identify privileged user … Read more

If you’re reading this, you’ve either already become the victim of a ransomware attack or you’re interested in finding out what your options are should it happen to you. So, in this article we’re going to discuss what a ransomware attack does and how best to react to one. What does a ransomware attack look like? Ransomware attacks come in many shapes and sizes, but the ultimate goal is to … Read more

It seems that almost every month we are told of yet another high-profile security breach in which sensitive data is leaked, either for profit or accidentally. In almost every case, the end result of these data leaks is damage to the reputation and/or bottom line of the organisations involved. Whilst there is no way to completely remove the risks of a data breach occurring in your organisation, there are certain … Read more

The danger posed by insider threats Many organisations with budgets allocated towards security choose to spend them on defending against external attacks and ignore the far more prevalent insider threat. This tends to be due to the fact that, in the past, external hacks were heavily publicised in the media and resulted in expensive damages to company reputations and bottom lines. However, despite recent major ransomware attacks throwing the spotlight … Read more