Last week, news broke that games publisher Electronic Arts (EA) fell victim to a data breach. While EA won’t say when the incident occurred, the ramifications are clear: the malicious actors made off with a whopping 780gb of data. While no player’s personal data was compromised in the breach, among the stolen data were source […]
Data breach risks from Microsoft Teams
Microsoft Teams has rapidly turned out to be the to-go-to application for remote work, accelerating exponentially in usage over the last twelve months. Teams boasts an impressive 145 million active daily users, marking a 26 percent increase up from 115 million daily active users in October 2020. However, despite the intrinsic trust, the success of […]
Secure access service edge: What is SASE?
The Software-as-a-Service (SaaS) industry is forecast to generate $157 billion by 2022, as more and more organizations move their workloads to the cloud and embrace the world of hybrid work. As companies increase their dependency on the cloud, however, they will likely experience latency and cost issues. This is because the traditional way of backhauling traffic through […]
HIPAA deep dive series: when is patient authorization not needed for sharing personal data?
HIPAA has strict rules governing patient data storage and sharing. However in limited circumstances, the HIPAA Privacy Rule allows a covered entity to use or disclose a patient’s Protected Health Information (PHI) without prior written authorization. First in our series of HIPAA in-depth blog posts, this piece looks at circumstances under which you don’t require […]
What is the principle of zero trust security?
Zero trust security is an IT security model centered around the concept that organizations should verify every person and device attempting to access their systems and data, whether they are inside or outside the network perimeter, before permitting access. In essence, it’s the idea that no digital entity can simply be trusted to be who […]
Colonial Pipeline data breach; document malware likely cause
Colonial Pipeline got hacked recently. The cyberattack that forced the United States’ largest gasoline pipeline shutdown has triggered fresh questions about the vulnerability of the country’s vital infrastructure and businesses at large to cybercriminals. The breach at Alpharetta, Ga.-based company, is the latest high-profile cyberattack reminder that many of the nation’s businesses aren’t prepared to […]
How remote work setups can lead to higher risks of sensitive data leaks
The benefits of a distributed, remote workforce are plentiful for organizations. From low costs to improved employee wellbeing, it’s easy to see why many companies are planning to let their employees work remotely even after the pandemic ends. However, remote working also presents unique cybersecurity challenges. As employees communicate and collaborate across different cities, states […]
Current trends in phishing emails
Phishing is the single most important risk for employees to introduce malware within organizations. Effective training to spot this risk in incoming emails is table stakes for all organizations, no matter the size. This article synthesis the latest research on what phishing email look like and tips on improving your company’s risk posture. According to […]
When documents attack: malware inserted in attachments
Document-based malware is pretty common these days. An email analysis by Barracuda Networks revealed malware hidden in documents accounts for over 50 percent of all malicious files. This trend appears to be gaining momentum as cyber crooks continue to spam documents, according to WatchGuard, a tech security company. While these documents look legit, they come […]
What is sensitive data?
Every time you sign up for a new service, buy something online or, even apply for a job, you automatically share your personal information. If you look back over the hundreds of online interactions you’ve had over the years, it gives you an inkling as to how many businesses have processed information about you. Then, […]
Shadow IT 2.0: New Risks in the PaaS Era
For IT and security leaders, the term ‘shadow IT’ tends to send a shiver down the spine. About ten years ago, it became an epidemic in the corporate world. The consumerization of cloud applications, combined with the rise of bring your own device (BYOD), led to employees downloading non-authorized applications, for work purposes, in their […]