Archive for the ‘IT Security’ Category

Over the last few years we have seen a shift in the requirements set out in compliance mandates in an attempt to combat the increasing frequency and severity of data breaches. For example, in February of this year, PCI DSS (the compliance standard aimed at protecting payment card information) best practices were made mandatory. This was in an attempt to ensure that merchants and service providers took action to ensure … Read more

CISOs are faced with a seemingly impossible task, as cyber-attacks are evolving faster than their ability to improve their defences. A recent survey, carried out by Ankura, shed some light on the way in which corporations are adapting to meet the demands of the evolving threat landscape. The survey involved 30 industry experts from a range of industries, including finance, healthcare, insurance, manufacturing, media, telecommunications and retail. Firstly, the report … Read more

In today’s world, healthcare data is spread across the cloud, end points, within the organizational network, applications, IOT and other places. As shown in a report by KPMG, there has been a significant rise in cyber security breaches around sensitive data. As per the report, 47% of healthcare providers and health plans faced violations of HIPAA compliance (Health Insurance Portability and Accountability Act). This is a 10% percent increase when … Read more

Perhaps the most common challenge for the modern IT department; who has permissions to what, how did they get them and are they acting responsibly? Reporting on current permissions and ensuring any changes to permissions are recorded and checked. It’s one we’ve heard time and time again and it’s a real problem. Data leakage can arise as a result of the wrong people having access to data and inadequate practices … Read more

I was writing a whitepaper recently on privilege abuse and I noticed spellcheck had picked up on a typo on the word ‘privilege.’ I right clicked, and the thesaurus gave me some possible alternatives which really made me think about what it is for a user to be privileged. Figure 1: Definition of ‘Privilege’   Imagine if we actually thought about the people we are granting privileged access to in … Read more

Here at Lepide we talk a lot about how we help companies identify and prevent data leakage and how we can help mitigate the risks of data breaches. However, it’s not always clear as to what constitutes a breach in real world terms. At what point is a breach technically a breach (i.e. what conditions need to be met before you are liable to disclose)? In the USA, definitions vary … Read more

You may be familiar with Troy Hunt’s simple, yet sophisticated, domain monitoring site, Have I Been Pwned (HIBP). The site gives users the opportunity to instantly check whether their personal or company domain has been involved in a data breach incident. It’s a very interesting site, and you might be surprised to learn just how many data breaches your personal information was involved in. I thoroughly recommend you take a … Read more

The term “Risk Assessment” has become a bit of a buzzword that is regularly being used by vendors to confuse, intimidate and fear-sell tools. Risk assessments are quite often misunderstood by organizations looking to improve their overall IT security, and the misinformation circling the web isn’t helping in this regard. With that being said, risk assessments are a vital part of understanding how vulnerable you may or may not be … Read more

We think there’s a big problem with how a lot of organisations approach IT security – and here’s why. We speak to IT teams on a daily basis about their security measures and hear all the same products being referred to and the vast sums of money spent on ensuring their systems are secure. However, the reality is that so many of the deployments of these security solutions fail due … Read more

Unfortunately, ransomware isn’t going to go away any time soon. In fact, Cybersecurity Ventures predicts that the cost of ransomware attacks is likely to reach $11.5 billion by 2019. The primary cause of this is the increasing regularity of attacks. In 2019, the same report predicts that a new ransomware attack will occur every 14 seconds. Scary numbers! Naturally, many organizations are turning to popular ransomware prevention tools to help … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All Trademarks Acknowledged.