Data Security & Compliance Blog

Unstructured data is any data that is not stored in a pre-defined schema, and can include Word, text and PDF documents, photos, videos, MP3s, emails, data obtained via social media platforms and various types of personal data. According to a forecast by the IDC, 80 percent of global data will be unstructured by 2025. Unlike a relational database, for example, unstructured data can be difficult to identify, and thus protect. … Read more

It should come as no surprise to hear that the faster you can identify and contain a security incident, the less costly it will be, hence why it is crucial that any organization that stores large amounts of valuable data has a tried and tested incident response plan (IRP) in place. Yet, as much as 77% of companies don’t have a formal IRP, according to a recent IBM survey. Of … Read more

I would love to tell you that we’re making progress when it comes to minimizing the number of data breaches affecting healthcare service providers across the globe, but unfortunately, it doesn’t appear to be the case. In fact, the evidence from 2019 suggests that we may well be getting worse… In 2018, we recorded 503 healthcare related data breaches, with approximately 15 million patient records compromised. According to the Protenus … Read more

According to recent Trends in Cybersecurity Breach Disclosures report, the average cost of a data breach for a publicly traded company is $116 million. However, it’s worth bearing in mind that this figure will be skewed by the largest cases. The report is based on 639 cyber-security breaches that took place since 2011, and includes some of the largest breaches we’ve seen to date, which include: The Equifax breach, which … Read more

Even before the current health crisis began to unfold, a shift was taking place. Employers were allowing their staff to user their own devices in the workplace – a trend referred to as BYOD (Bring Your Own Device). It was a shift that made sense to many organizations as it eliminated the need to buy and maintain expensive devices and equipment. Employees tended to feel more comfortable using their own … Read more

Data is the lifeblood of any organization, yet many CISOs still struggle to convey the financial risks associated with the loss or theft of that data. Data breaches continue to dominate the headlines with alarming regularity and new the challenges arising from global shifts in work habits are creating a growing number of risks that organizations have to deal with. These new challenges bring with them potentially crippling financial risks … Read more

It’s safe to say that most organizations that rely on information technology to carry out business operations will already have anti-virus software installed and a firewall (that is hopefully configured properly). Most will have some form of access control solution in place, protocols and solutions that deal with backup and recovery, and some (not all) will use encryption to protect their sensitive data. Some larger organizations will utilize more advanced … Read more

Most business leaders are not experts in data security, or any IT-related field for that matter. Their attention is typically focused on streamlining business operations in order to maximize profits. If they can avoid spending money on endeavors that are unlikely to yield any kind of ROI, they will. Face it, data protection doesn’t typically yield any noticeable returns. It’s simply something we must do. Data security is a complex … Read more

Knowing what data we have, where it is located, how it is being accessed, and by who, is crucial to ensure that we are able to adequately protect it. We need as much transparency as possible into the security controls that are in place, and whether or not those security controls are effective. Having visibility into all areas of our system, enables us to be more proactive, rather than reactive. … Read more

“If you see something, say something”, is the motto of the Department of Homeland Security. It’s a motto that is also highly relevant to ensuring that our systems and data are secure. In order to have an effective cyber security program, you need eyes and ears everywhere. All staff members of staff need to be involved, as the IT department simply doesn’t have the resources to be able to identify … Read more