Moving from Checkbox Compliance to True Data Security

Moving from Checkbox Compliance to True Data Security

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

2017 Cybersecurity Recap & 2018 Predictions

2017 Cybersecurity Recap & 2018 Predictions

As we begin to wrap up 2017 and reflect back on the year, we looked at what the industry has accomplished and in some cases where we have fallen short. In the early part of this year many industry thought leaders were stating that 2017 would again be the year of ransomware. They were all very correct in their statements, but this year has shown us much more, it has shown us the increasing need for cybersecurity insurance, data access…

Read More Read More

Data Mapping in the age of GDPR – Unknown Application Workflows

Data Mapping in the age of GDPR – Unknown Application Workflows

When the enemy is already inside Security breaches is a fact of life. Employees click on links in phishing emails, web applications get compromised, weak passwords get guessed, and insiders misuse their privileges. As a matter of fact, internal actors play a role in every 4th breach according to the latest 2017 Data Breach Investigations Report from Verizon (http://www.verizonenterprise.com/verizon-insights-lab/dbir/). Once the enemy is within the external defenses it is critical to protect the internal data and the business operations. Not…

Read More Read More

Malware: ILOVEYOU Melissa & still you make me WannaCry

Malware: ILOVEYOU Melissa & still you make me WannaCry

Protect Your Unpatched Systems Against Malware What do the Melissa virus, ILOVEYOU worm and the WannaCry ransomware have in common? After patches were made available, they were still successfully spreading. Secondary storage also played a role in these infections. As malware evolved from nuisance to profit-driven, secondary storage became less of an infection vector and more of an opportunity to ransom data. I choose to highlight Melissa somewhat randomly, but mostly because it was 18 years ago and basic information…

Read More Read More

Lucky 13: WannaCry Ransomware and EU GDPR

Lucky 13: WannaCry Ransomware and EU GDPR

WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in this post though. If you’re interested in my technical breakdown, you can read my previous post. Today, I want to double-click past the malware and…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.