Data security news & resources

Customer service teams are often the first point of call for your customers. Armed with tools like Zendesk, Salesforce, HubSpot, Kustomer, and more, they’re on the front lines, tackling order disputes, service issues, inquiries, and account updates. Beyond that, they also play a vital role in upholding cybersecurity. While they’re certainly not expected to find […]

Authors:   Yasir Ali (Founder Polymer DLP) &  Aaron Bray (Founder Phylum) Software supply chain is at risk with LLM adoption Developers now have access to powerful generative AI models that assist in writing code, automating mundane tasks, and improving productivity. While this technology holds tremendous promise, it also brings to light a pressing concern—the […]

On March 2, 2023, the Biden administration announced the release of a new National Cybersecurity Strategy, outlining the government’s approach to strengthen cybersecurity governance, improve online safety for citizens and build a fortified digital ecosystem resilient to attacks. Whether your organization resides in the public or private sector, the National Cybersecurity Strategy will have implications […]

It’s no secret that the healthcare sector is a prime target for cyber-attacks. Research shows healthcare organizations in the US experienced 1,426 attacks per week in 2022 – up 60% from the year before.  But while healthcare companies spend their limited resources and time shielding patient health information (PHI) from external threats, they forget that […]

The Federal Information Security Management Act (FISMA) is a United States federal law enacted in December 2002 under the E-Government Act.  The act mandates federal agencies to develop, document and implement an information security program, considering both processes and systems controls, to “protect information and information systems from unauthorized access, use, disclosure, disruption, modification, or […]

This time next year, PCI DSS 4.0 will come fully into effect, replacing the current standard, 3.2. 1, that has been in place since 2018.  PCI SSC’s newest version shouldn’t come as a surprise to most. It was first released in March 2022. But with a two year grace period to allow vendors and credit […]

Miami-based healthcare software provider, Independent Living Systems, is in the hot seat this week, after announcing a data breach that impacted over 4.2 million individuals.  The incident, which is the largest healthcare breach of the year so far, came to light on March 14, when the company shared an announcement stating it experienced an “incident […]

Over the past 18 months, the Securities and Exchange Commission (SEC) has levied an onslaught of fines against public companies for inadequate disclosures of cybersecurity issues. In the latter half of 2021, British company Pearson agreed to pay $1 million, while First American Financial agreed to a settlement of $500,000.  Then, just last week, the […]

Software-as-a-service (SaaS) platforms are wonderful for boosting employee productivity and collaboration. Apps like Slack, Microsoft Teams and Google Workspace are essentially a prerequisite in the modern workplace, facilitating remote and hybrid work setups, while empowering employees to enhance efficiency.  However, while executives and employees love SaaS, security teams often have a different opinion. These apps […]

Under the Health Insurance Portability and Accountability Act (HIPAA), healthcare organizations must put in place specific controls to protect the confidentiality, integrity and availability of protected health information (PHI).  However, complying with HIPAA today is much more complex than it was twenty years ago. As congress recently noted, “advances in electronic technology could erode the […]

SaaS security solutions like cloud access security brokers (CASB) and cloud-based data loss prevention (DLP) have become a must-have to prevent data leakage and exfiltration in popular cloud apps like Slack, Google Workspace and Office 365.  In theory, these tools give security administrators much needed visibility and control over the sensitive information that resides in […]