data protection - News, Features, and Slideshows

• 

  As Facebook scandal deepens, data sovereignty is back on Australia’s secure-cloud agenda

  As the Facebook data sharing scandal ignites concern and

  David Braue | 11 Apr | Read more

• 

  Relatively benign, cryptomining is displacing ransomware – but that’s not necessarily a good thing

  Cybercriminals’ surging interest in cryptocurrency miners has seen the quickly-evolving technique apparently displacing ransomware, a new analysis has found, as instigators work to keep ahead of enterprises’ slowly-maturing information defences.

  David Braue | 28 Mar | Read more

• 

  The week in security: Fallout from Facebook-Cambridge Analytics scandal continues

  The explosive Facebook/Cambridge Analytics scandal was set to claim the scalp of Facebook security head Alex Stamos, who was said to be preparing to leave after disagreements about how the company should handle disinformation investigations and disclosures.

  David Braue | 26 Mar | Read more

• Poor patching, user education leave healthcare providers sitting ducks for cyber attacks

  Despite the masses of highly sensitive data that healthcare companies manage, new analysis has warned that chronically poor endpoint security, weak patching practices and high exposure to social engineering make the industry one of the worst-performing sectors when it comes to protecting data.

  David Braue | 15 Feb | Read more

• 

  Valentine’s Day malware surge is a test of corporate email defences

  It may be a day for love and for lovers, but Valentine’s Day is also living up to expectations as a magnet for cybercriminal activity.

  David Braue | 14 Feb | Read more

• How to achieve better third-party security: Let us count the ways

  No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.

  Taylor Armerding | 30 Jun | Read more

• How to defend against the OpenSSL Heartbleed flaw

  CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.

  Antone Gonsalves | 10 Apr | Read more

• How to Test the Security Savvy of Your Staff

  How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.

  Kim Lindros and Ed Tittel | 24 Feb | Read more

• Your Twitter account has been hacked! Here's what to do about it.

  Kirsty woke up to find that someone else had taken control of her Twitter account. I tell her how to get it back.

  Lincoln Spector | 09 Sep | Read more

• Send attackers on a wild goose chase with deception technologies

  Midsized companies with revenues from $100 million to $1 billion spent an average of $3 million on information security as of 2014 per "The Global State of Information Security Survey 2015" from PwC.

  David Geer | 18 Aug | Read more

• The 4 most insecure areas of online behavior

  Security experts and users follow a drastically different set of best practices to protect their security online, according to a new report from Google.

  Kristin Burnham | 12 Aug | Read more

• CRM backups or audit trails? Yes, please

  Like nearly any transactional system, usable CRM data backups are tricky because the data is always changing and dependent on coherency across several tables. Ideally, you'd fully quiesce the system and do a full backup every day, or enable the online backup. But with modern cloud systems and 7x24 customer access (via portals or mobile apps), you can't take the system down, and cloud vendors like SFDC don't provide a full backup more often than once a week. The situation with audit trails is different: they may reliably capture all the changes, but you may only be allowed to track a limited number of fields (the default in SFDC is 20 per object).

  David Taber | 30 Jul | Read more

• Data explosion offers challenges, opportunities to security pros

  230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories. 6.5 billion transactions processed last year alone.

  Maria Korolov | 17 Jul | Read more

• Cyber insurance: Buy, but be aware

  "Caveat emptor" - buyer beware - is the most common warning to those shopping for big-ticket items. That, apparently, applies in spades to buying cyber insurance.

  Taylor Armerding | 10 Jul | Read more

Whitepapers about data protection

• 

  Whaling - Anatomy of an Attack, Protecting Your Organisation from CEO Email Scams

  Whaling — derived from an analogy with a big “phish” — is particularly threatening because it’s both highly deceptive and damaging. A cyber-criminal, disguised as the CEO, CFO or other senior executive, typically sends an email message to a recipient and convinces this person to initiate a wire or data transfer. These attacks are also referred to as impersonation attacks or business email compromise attacks.

• 

  The myths of mobile security

• 

  The challenge of protecting critical data

• 

  Key Communications Systems Are Always Available, Highly Responsive for Global Mining Company