Security Experts:

long dotted


Human error led to the personal details of millions of Verizon customers being exposed online, but the telecoms giant has downplayed the incident [Read More]
Cloud security firm HyTrust acquires data visibility company DataGravity and raises $36 million in a funding round led by AVP [Read More]
Dell EMC provides patches and workarounds for vulnerabilities found in its Data Protection Advisor and ESRS Policy Manager products [Read More]
WikiLeaks publishes documents on BothanSpy and Gyrfalcon, tools used by the CIA to steal SSH credentials from Windows and Linux systems [Read More]
Researchers show side-channel attack on Libgcrypt, crypto library used by GnuPG, allows recovery of RSA secret keys [Read More]
The Automobile Association (AA) -- the UK's largest motoring organization with over 15 million members -- is being heavily criticized over its public handling of a major data incident that occurred in April. [Read More]
The UK's Information Commissioner's Office (ICO) has ruled that the Royal Free NHS Foundation Trust contravened the Data Protection Act when it provided the personal data of 1.6 million patients to Google-owned DeepMind. [Read More]
Google notifies employees that their information may have been stolen as a result of the recently discovered Sabre breach [Read More]
An analysis of the Alexa top 1 million websites with Mozilla Observatory showed significant improvements in the use of modern security technologies [Read More]
Kaspersky patches several vulnerabilities, including ones that allow code execution, in its Anti-Virus for Linux File Server product [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.