A little while back in December 2020, the Office of Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM), notifying us of upcoming augmentations to the HIPAA Privacy Rule. Three years and a lot of back and forth later, and it looks like those changes are about to be finalized into law. While we […]
Data security news & resources

Lessons from Reddit data breach of internal documents and source code
News just in! Reddit, the hugely popular social news website and forum, has suffered a data breach. How did it happen? What did hackers steal? Should you be worried? We’ll answer all that and more below. Let’s dive in. How did the Reddit breach happen? As with many breaches these days, the Reddit incident has […]

Psychology, security & SaaS: A better approach to security awareness training
Human error and negligence are among the top causes of data breaches and leaks today. Most organizations have cybersecurity awareness initiatives in place, but these programs fail to drive impactful, long-term change. Why? Well, research shows it’s probably because your people haven’t been given the right ‘nudge.’ Cybersecurity through the eyes of psychology: Five years […]

What is shared cybersecurity defense?
Hands up if your organization uses cloud applications like Microsoft 365, Google Workspace, Slack or AWS? If you do, you’re in the majority. It’s estimated that 90% of companies use the cloud. It’s a huge part of the future of work. But the cloud is complex—especially when it comes to security. This is because it […]

How to avoid holiday cybersecurity scams?
It’s October: the start of fall, the impending holiday season and, of course, cybersecurity awareness month. While you might not initially think Thanksgiving, Black Friday and cybersecurity have much in common, there’s actually a lot to know about, especially when it comes to phishing. You see, there’s been a general trend in recent years of […]

Why does the $1.8B fine on US big banks make data loss prevention essential for all financial services firms?
This week, the U.S. Securities and Exchange Commission (SEC) hit more than a dozen banks with fines totaling almost $2 billion. The likes of Bank of America, Barclays, Morgan Stanley and more must pay $125 million each to the SEC for improper use of messaging apps, collaboration tools and other unauthorized services for communication, without […]

How to win at cybersecurity training for remote & hybrid employees
If you’re like most organizations with knowledge workers, you probably allow your employees to work remotely at least some of the time. This trend is on the rise and, by 2028, it’s expected that 75% of organizations across the world will enable hybrid and remote work. While the work-from-anywhere approach has its perks, it also […]

5 lessons to be learned from Twitter whistleblower allegations
You’d think that a technology company as large and influential as Twitter would be hot on the case of data privacy and cyber security. Well, recent allegations claim the opposite is true. This week, an 84-page whistleblower report hit the headlines, featuring damning allegations about Twitter’s security practices. This is a report with weight. It […]

How did Cisco get hacked?
Overview of the Cisco data breach: On Wednesday, August 10th, 2022, the networking giant, Cisco, confirmed that it suffered a data breach on 24th May of this year. Below, we’ll talk you through how the hack happened, what data was lost and who was responsible. We’ll also discuss key learnings from the incident, so you […]

What is a software bill of materials?
An SBOM is an inventory of metadata. It enables developers to track each of the components used to create their customized software.

4 tips for training & enforcing data compliance
69% of employees have received cybersecurity training from their employers, yet 61% fail basic security tests. What’s going amiss?