data protection - News, Features, and Slideshows

• CSO Roadshow 2018: How do we build a secure IoT?

  The Internet of Things (IoT) poses a significant challenge to IT security teams. Suddenly, instead of having users in control of the majority of end-point devices, the devices will out-number people by a factor of seven to one if analyst predictions are accurate. That means we need to think about how we secure our networks and these devices in new ways.

  Anthony Caruana | 22 Jun | Read more

• 

  Medibank Private finds the cure for ransomware

  Like most large businesses, health insurer Medibank Private was regularly experiencing a few of what CISO Stuart Harrison calls “significant incidents” every month.

  David Braue | 12 Jun | Read more

• 

  CSOs shouldn’t assume employees care as much about security as they do

  Employees generally want to protect data against compromise but few understand the sensitivity of their data or the role of anything but passwords in protecting it, according to a new study that highlighted the difficulties that over-optimistic CSOs have in building an active security culture.

  David Braue | 02 Jun | Read more

• 

  “Shocking” data-breach volumes only hint at the true magnitude of Australia’s data insecurity

  Revelations about the rate at which Australian companies are being compromised were “shocking”, a security specialist has warned in the wake of new breach analysis figures suggesting that most global incidents involve identity theft and are perpetrated by malicious outsiders.

  David Braue | 23 Apr | Read more

• 

  As Facebook scandal deepens, data sovereignty is back on Australia’s secure-cloud agenda

  As the Facebook data sharing scandal ignites concern and

  David Braue | 11 Apr | Read more

• How to achieve better third-party security: Let us count the ways

  No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.

  Taylor Armerding | 30 Jun | Read more

• How to defend against the OpenSSL Heartbleed flaw

  CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.

  Antone Gonsalves | 10 Apr | Read more

• How to Test the Security Savvy of Your Staff

  How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.

  Kim Lindros and Ed Tittel | 24 Feb | Read more

• Your Twitter account has been hacked! Here's what to do about it.

  Kirsty woke up to find that someone else had taken control of her Twitter account. I tell her how to get it back.

  Lincoln Spector | 09 Sep | Read more

• Send attackers on a wild goose chase with deception technologies

  Midsized companies with revenues from $100 million to $1 billion spent an average of $3 million on information security as of 2014 per "The Global State of Information Security Survey 2015" from PwC.

  David Geer | 18 Aug | Read more

• The 4 most insecure areas of online behavior

  Security experts and users follow a drastically different set of best practices to protect their security online, according to a new report from Google.

  Kristin Burnham | 12 Aug | Read more

• CRM backups or audit trails? Yes, please

  Like nearly any transactional system, usable CRM data backups are tricky because the data is always changing and dependent on coherency across several tables. Ideally, you'd fully quiesce the system and do a full backup every day, or enable the online backup. But with modern cloud systems and 7x24 customer access (via portals or mobile apps), you can't take the system down, and cloud vendors like SFDC don't provide a full backup more often than once a week. The situation with audit trails is different: they may reliably capture all the changes, but you may only be allowed to track a limited number of fields (the default in SFDC is 20 per object).

  David Taber | 30 Jul | Read more

• Data explosion offers challenges, opportunities to security pros

  230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories. 6.5 billion transactions processed last year alone.

  Maria Korolov | 17 Jul | Read more

• Cyber insurance: Buy, but be aware

  "Caveat emptor" - buyer beware - is the most common warning to those shopping for big-ticket items. That, apparently, applies in spades to buying cyber insurance.

  Taylor Armerding | 10 Jul | Read more

Whitepapers about data protection

• 

  Whaling - Anatomy of an Attack, Protecting Your Organisation from CEO Email Scams

  Whaling — derived from an analogy with a big “phish” — is particularly threatening because it’s both highly deceptive and damaging. A cyber-criminal, disguised as the CEO, CFO or other senior executive, typically sends an email message to a recipient and convinces this person to initiate a wire or data transfer. These attacks are also referred to as impersonation attacks or business email compromise attacks.

• 

  The myths of mobile security

• 

  The challenge of protecting critical data

• 

  Key Communications Systems Are Always Available, Highly Responsive for Global Mining Company