Archive for the ‘IT Security’ Category

At Lepide, we have been shouting about the risks posed by insider threats for years, and new research form the SANS Institute suggests that, whilst organizations are beginning to recognize this threat, budgets and incident response strategies have yet to catch up. With this in mind, we have created the below infographic – using information from SANS, IBM and the Ponemon Institute – to highlight what exactly insider threats are, … Read more

According to the 2017 State of the Phish survey, 76% of respondents reported being the victim of a phishing attack in 2016, and 2018 is no different. A phishing attack is when a cyber-criminal sends an email posing as a trusted entity in order to extract sensitive information from the target. Below are the five main types of phishing bait currently being employed. If you can train your employees to … Read more

Unstructured data consists of any type of data that exists beyond the scope of an organization’s application or database. Such data includes things like word documents, audio files, videos, photos, webpages, presentations, and so on. The amount of unstructured data that companies store has exploded in recent years due to the rapid increase in storage capabilities. While it is true that many companies are still not engaging in any form … Read more

You may have heard of the popular social app, Timehop, which trawls through users’ historic social media data to display posts from the same day years ago in a “before and after” style. The nature of the app means that users have to give it permission to access their social media data, meaning that Timehop have access to a LOT of personally identifiable information (PII). Well, as it turns out, … Read more

Recently, the UK government’s Cabinet Office published the Minimum Cyber Security Standard (MCSS); the first technical standard that they plan to incorporate into the Government Functional Standard for Security. Otherwise known as the HMG Security Policy Framework (SPF), the policy sets out the mandatory protective security outcomes that all Departments of the UK government are required to achieve. However, just because this policy applies solely to UK Government, this does … Read more

2017 saw an average of at least one healthcare data breach per day, according to a report published by Protenus. But what is it about healthcare information that makes it so alluring? Let’s take a look… 1. Patient information is very valuable As they say, “data is the new oil”, and hospitals are sitting on large amounts of it. They store vast numbers of medical records, social security numbers, credit … Read more

It may sound ridiculous, especially in today’s climate, but many organizations we speak to are not regularly measuring their cyber-security preparedness. If you don’t measure, how can you know for sure if you’re doing your utmost to prevent disastrous data breaches? A lack of historic cyber-security incidents is absolutely no guarantee that you are effective in preventing them. In fact, it may just signify that you have been lucky. If … Read more

Earlier this month, Tesla CEO Elon Musk learned of a security breach perpetrated by one of his own employees. The incident was described by Musk as an employee “making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties.” The Tesla employee was thought to have done this because he felt that the company were … Read more

In April of this year, the U.S. Securities and Exchange Commission (SEC) released the news that Yahoo! (Altaba) have agreed to settle a $35 million fine for failing to publicly disclose a data breach within an acceptable time limit. This is fairly historic, as it is the first time that the SEC have enforced a financial punishment for this sort of failure, claiming that it broke numerous federal security laws. … Read more

It’s no great surprise that insider threats account for 75% of data security breaches. After all, employees are in the best position to compromise our sensitive data, whether intentionally, or by accident. A breach could be caused by a disgruntled ex-employee, a lost or stolen device, or a naïve employee clicking on a fraudulent email. Whatever the reason, confronting insider threats needs to be our top priority. Preparation In order … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All Trademarks Acknowledged.