On August 31st, the California legislative session notably adjourned without the enactment of Assembly Bill 1102. This bill would have extended the exemption for the inclusion of employee and B2B personal data within the California Privacy Rights Act (CPRA). Without the exemption in place, compliance and governance around B2B and HR personal information will become […]
Slack for healthcare—Do’s, don’ts, & best practices
So, you’re a healthcare organization that’s started using Slack? Chances are, you want to help your employees communicate and collaborate more effortlessly, and you’ve heard on the grapevine that Slack is the collaboration tool to use. We’ve heard the same. Slack adoption is soaring. The company generated $902 million in revenue between March 2020 and […]
How to set up zero trust for your SaaS tech stack
Data loss has long been a challenge for organizations. Even in the good old days when company data was stored on-premises, worries about data loss kept IT and security leaders up at night. Today’s waking nightmare, of course, is the threat of data loss through SaaS applications and cloud infrastructure. In this environment, securing data […]
I am a LastPass customer. Does the breach affect me?
Over the weekend, the popular password management tool, LastPass, published a blog post, letting its customers know that it suffered a data breach. Here’s everything you need to know. What’s LastPass? LastPass is a very well known security tool used by individuals and organizations alike to streamline password management. Essentially, LastPass works by storing all […]
5 lessons to be learned from Twitter whistleblower allegations
You’d think that a technology company as large and influential as Twitter would be hot on the case of data privacy and cyber security. Well, recent allegations claim the opposite is true. This week, an 84-page whistleblower report hit the headlines, featuring damning allegations about Twitter’s security practices. This is a report with weight. It […]
Why a VPN isn’t enough to secure remote work!
VPN stands for Virtual Private Network. There are two types of VPNs: personal ones and corporate ones. Personal VPNs are the likes of NordVPN and Surfshark, which enhance users’ privacy as they browse the internet. These services can also be used to unblock geo-restricted applications and websites. Then there are corporate VPNs – which are […]
How did Russian hackers target Microsoft Office 365 accounts?
Background on Cozy Bear: Cozy Bear is a Russian cyber-espionage group classified by the United States federal government as advanced persistent threat 29 (APT29). It’s responsible for several high-profile data breaches over the last few years, including the SolarWinds attack and recent Google Drive phishing scams. While APT29 is notorious in the public domain, the group’s infamy hasn’t […]
How did Cisco get hacked?
Overview of the Cisco data breach: On Wednesday, August 10th, 2022, the networking giant, Cisco, confirmed that it suffered a data breach on 24th May of this year. Below, we’ll talk you through how the hack happened, what data was lost and who was responsible. We’ll also discuss key learnings from the incident, so you […]
How do Google Drive and Dropbox phishing scams work?
We all know what a traditional phishing scam is, where a cyber-criminal sends a fraudulent email to their victim in a bid to trick them into sharing sensitive information or downloading malware. Phishing scams are so widespread that most email providers have now installed impressive features that block standard phishing emails. However, just because email […]
Twilio data breach: What happened and lessons to be learned
Over the weekend, the US-founded communications company, Twilio, disclosed that it suffered a data breach, after some of its employees fell for a sophisticated phishing scam. Below, we’ll give you an overview of the security incident: what happened, who was impacted and how you can prevent the same thing happening in your organisation. Quick background: […]
What is autonomous compliance?
The world of compliance is evolving at an astounding rate. It seems like there’s a new regulation every year. Plus, with the advent of state compliance laws, companies will soon have to deal with a myriad of shifting expectations around how they deal with consumer data. On top of this, frameworks like ISO 27001 and […]