• Reset
Compliance - CPRA and HR data

Is employee & B2B personal data covered under the CPRA?

On August 31st, the California legislative session notably adjourned without the enactment of Assembly Bill 1102. This bill would have extended the exemption for the inclusion of employee and B2B personal data within the California Privacy Rights Act (CPRA). Without the exemption in place, compliance and governance around B2B and HR personal information will become […]

read more
AstraZeneca breach

Slack for healthcare—Do’s, don’ts, & best practices

So, you’re a healthcare organization that’s started using Slack? Chances are, you want to help your employees communicate and collaborate more effortlessly, and you’ve heard on the grapevine that Slack is the collaboration tool to use. We’ve heard the same. Slack adoption is soaring. The company generated $902 million in revenue between March 2020 and […]

read more
zero trust for SaaS

How to set up zero trust for your SaaS tech stack

Data loss has long been a challenge for organizations. Even in the good old days when company data was stored on-premises, worries about data loss kept IT and security leaders up at night.  Today’s waking nightmare, of course, is the threat of data loss through SaaS applications and cloud infrastructure. In this environment, securing data […]

read more
lastpass breach

I am a LastPass customer. Does the breach affect me?

Over the weekend, the popular password management tool, LastPass, published a blog post, letting its customers know that it suffered a data breach. Here’s everything you need to know. What’s LastPass? LastPass is a very well known security tool used by individuals and organizations alike to streamline password management.  Essentially, LastPass works by storing all […]

read more
twitter whistleblower allegations

5 lessons to be learned from Twitter whistleblower allegations

You’d think that a technology company as large and influential as Twitter would be hot on the case of data privacy and cyber security. Well, recent allegations claim the opposite is true.  This week, an 84-page whistleblower report hit the headlines, featuring damning allegations about Twitter’s security practices. This is a report with weight. It […]

read more
VPN security remote work

Why a VPN isn’t enough to secure remote work!

VPN stands for Virtual Private Network. There are two types of VPNs: personal ones and corporate ones. Personal VPNs are the likes of NordVPN and Surfshark, which enhance users’ privacy as they browse the internet. These services can also be used to unblock geo-restricted applications and websites.  Then there are corporate VPNs – which are […]

read more
Microsoft 365 Russian hack

How did russian hackers target Microsoft Office 365 accounts?

Background on Cozy Bear Cozy Bear is a Russian cyber-espionage group classified by the United States federal government as advanced persistent threat 29 (APT29).  It’s responsible for several high-profile data breaches over the last few years, including the SolarWinds attack and recent Google Drive phishing scams.  While APT29 is notorious in the public domain, the group’s infamy hasn’t […]

read more
Cisco breach

How did Cisco get hacked?

Overview of the Cisco data breach  On Wednesday, August 10th, 2022, the networking giant, Cisco, confirmed that it suffered a data breach on 24th May of this year. Below, we’ll talk you through how the hack happened, what data was lost and who was responsible.  We’ll also discuss key learnings from the incident, so you […]

read more
Dropbox phishing

How do Google Drive and Dropbox phishing scams work?

We all know what a traditional phishing scam is, where a cyber-criminal sends a fraudulent email to their victim in a bid to trick them into sharing sensitive information or downloading malware.  Phishing scams are so widespread that most email providers have now installed impressive features that block standard phishing emails. However, just because email […]

read more
Twilio breach

Twilio data breach: What happened and lessons to be learned

Over the weekend, the US-founded communications company, Twilio, disclosed that it suffered a data breach, after some of its employees fell for a sophisticated phishing scam. Below, we’ll give you an overview of the security incident: what happened, who was impacted and how you can prevent the same thing happening in your organisation. Quick background: […]

read more
Cloud security

What is autonomous compliance?

The world of compliance is evolving at an astounding rate. It seems like there’s a new regulation every year. Plus, with the advent of state compliance laws, companies will soon have to deal with a myriad of shifting expectations around how they deal with consumer data.  On top of this, frameworks like ISO 27001 and […]

read more

Get Polymer blog posts delivered to your inbox.