Data security news & resources

The cloud storage service Dropbox is used by over 17.2 million individuals and organizations worldwide. This SaaS platform makes it easy to store, manage, and collaborate on documents from anywhere, on any device.  However, despite its popularity, Dropbox has a checkered past when it comes to data privacy and security. Here, we’ll look at Dropbox’s […]

In the eight years since it launched, Notion has become a much-loved collaboration and productivity tool used by enterprises large and small across the globe.  Because it’s intuitive to use, cloud-based and brimming with helpful features, many employees rely on Notion for tasks like note taking, sharing documents, project management and database storage.  But, despite […]

It’s a difficult time to be a chief information security officer (CISO). Today’s IT estate is vast, complex and opaque—a jumble of on premises systems, unmanaged devices, SaaS applications and generative AI tools. Sensitive data could be anywhere and, as we all know, the cost of that data being leaked, lost or stolen is higher […]

In today’s ultra competitive digital landscape, businesses need to ace their customer service offering to attract, win, and retain customers.  In fact, McKinsey research shows that investing in the customer experience (CX) can improve sales revenues by up to 7% and profitability by up to 2% in just one year.  To enhance the CX, many […]

In 2024, human error continues to be the number one cause of data breaches, leaks and compliance fines in the enterprise. Despite organizations consistently investing in cybersecurity awareness training, something is going amiss: employees aren’t learning.  For CISOs and their teams, the fallout of ineffective training programs can be severe. Many training initiatives are expensive, […]

Medium and large organizations that operate in the European Union (EU) have just months to comply with NIS2, the EU’s latest and most stringent piece of cybersecurity legislation yet.  Here, we’ll explore how data loss prevention (DLP) can help businesses meet NIS2 compliance requirements before the October deadline.  Key focus areas of NIS2 NIS2’s requirements […]

The National Institute of Standards and Technology (NIST) has released the latest iteration of its renowned Cybersecurity Framework (CSF), designed to help organizations mitigate cybersecurity risk.  The new CIST CSF 2.0 is aimed at organizations of all sizes in all sectors. What’s new in the NIST CSF 2.0?  NIST initially released the CSF in 2014 […]

As the cost of data breaches rises year over year, many organizations look to cyber insurance to protect themselves from potential losses. Even in supplier contracts, more companies are now making cyber insurance a prerequisite to do business.  However, cyber insurance is costly. Five years ago, obtaining coverage was easy and relatively cheap. But, today’s […]

Microsoft has revealed that Russian state-sponsored threat actors successfully breached its corporate email system, stealing sensitive email attachments and messages from the senior leadership team.  This was not a sophisticated attack based on zero days or vulnerability exploits. The attackers leveraged simple cloud misconfigurations and poor password management practices to breach the company.  All companies […]

In a recent security lapse, Mercedes-Benz inadvertently exposed a wealth of internal data when a private key, providing “unrestricted access” to the company’s source code, was found in a public GitHub repository.  Details about the Mercedes-Benz data exposure During an internet scan in January 2024, a threat hunter at RedHunt Labs stumbled upon a Mercedes […]

Data loss prevention (DLP) tools have long been a cause of frustration in the security operations center (SOC). Known for generating an overwhelming amount of false positives and being manually intensive to configure, many security teams see DLP as more of a burden than an asset.  But it’s not DLP, in itself, that’s the problem. […]