Upcoming Webinar - Why the CISO Needs to Take a Data-Centric View on Security         April 22 at 2 pm EDTRegister Now
Archive for the ‘Data Security’ Category

A lot has changed since the COVID-19 pandemic arrived on our shores, including the already complex and evolving world of data security. Many more employees are now working from home, and many will continue to do so, even after the pandemic eventually subsides. Allowing employees to work from home can be beneficial for both parties, however, many companies were woefully unprepared for the security challenges that such a shift would … Read more

In January 2021, an American Health insurer by the name of Excellus agreed to pay over $5.1 million to the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) in a settlement after violating the Health Insurance Portability and Accountability Act (HIPAA). Excellus Data Breach The violation in question relates to a data breach that resulted in the sensitive data of over 9.3 million … Read more

Over the past fifteen years, we’ve seen a relatively consistent increase in the number of annual data breaches. We’ve also seen an increase in the number of stringent data privacy laws being introduced across the globe, and a failure to comply with these laws may result in large fines being levied against the non-compliant organization. That said, 2020 has actually seen a decrease in the number of data breaches, which … Read more

Let us start the new year with some positive news. Despite the coronavirus pandemic, the number of data breaches in 2020 fell by 52%, at least in the first six months anyway. That said, we’ve still seen a large number of high-profile cases, some of which involving billions of exposed records. Top Data Breaches of 2020 Below is a round-up of the 20 biggest data breaches we saw in 2020. … Read more

The healthcare industry continues to grapple with a myriad of security threats, ranging from insider threats to malware and DDoS attacks. Unlike other industries, healthcare is faced with a unique set of challenges. Budgetary constraints and a general lack of executive leadership have made it very difficult for service providers to stay ahead of the curve, yet a failure to do so could cost lives. Not only that, but protected … Read more

Kerberos is an authentication protocol that uses tickets to provide strong authentication for client/server applications and became the default authentication method for Windows 2000 and later versions. The Kerberos protocol uses either symmetric-key or public-key cryptography to provide secure communication with other services and applications on the network. However, as with any widely adopted authentication protocol, Kerberos has become a prime target for hackers, where the main goal is to … Read more

Organizations have a tendency to hoard large amounts of unstructured data, some of which may contain data that is confidential, such as credit card numbers, passport numbers, health-related information, and so on. When I say, “unstructured data”, I’m talking about data that doesn’t fit into a traditional relational database, with rows, columns, and keys. Such data might include Word documents, spreadsheets, and emails. As the number of data breaches continues … Read more

While the difference between cyber-security and cyber-resilience might not be obvious to some, the implications of failing to address both are significant. In simple terms, cyber-security describes an organization’s ability to protect themselves from security threats, such as malware, phishing, DDoS, SQL injection and insider threats. Cyber-resilience, on the other hand, focuses more on damage limitation and remediation, whether that be damage to an organization’s systems, finances or reputation. Of … Read more

At Lepide, I chat with quite a lot of customers, and there is a common sentiment that comes up; “we need a bigger security budget.” I think everyone would agree that addressing the security problems of today requires the allocation of a sensible budget. However, I think that the main challenge is not the amount of money being spent, it is spending that available budget on the right things and … Read more

Even before the current health crisis began to unfold, many executives and IT personnel have been debating about the practicalities and implications of storing and processing sensitive data in the cloud. Using cloud services for the storage and processing of valuable data is understandably tempting, as it allows organizations to eliminate numerous costs and responsibilities. There are, however, trade-offs that need to be taken into consideration, especially if you are … Read more