Category Archive

This week, it was announced that the Chinese government was behind the massive 2017 Equifax data breach that exposed the information of 147 million people. Since Mandiant (now FireEye) exposed the People’s Liberation Army’s secretive hacking group in 2013, dozens of other state-sponsored groups, known as Advanced Persistent Threats (APTs), have been identified. These groups, sponsored by the likes of … Read More

How many times do you enter a username and password online every day? 10? 20? More? Passwords remain the universal choice for authentication on the Web. But, these strings of numbers, letters and symbols can be dangerous if they fall into the wrong hands. In more than two thirds of data breaches, stolen credentials are found to be at fault. … Read More

Are you providing the tools your company needs to do its job? You may get different — and surprising — answers depending on exactly who you ask. While you may feel that you are providing good service to your employees, they may have a different viewpoint. And that difference presents a serious security threat to your business. “Shadow IT” is … Read More

In the last few years, data-at-rest (DAR) encryption has exploded in popularity. Most smartphones now come with chips dedicated to encrypting the data stored on them. And after some high-profile data thefts involving external hard drives and laptops, more companies are now making use of technologies like BitLocker to secure data on devices that could be lost or stolen. Companies … Read More

You probably know Murphy’s Law: “Anything that can go wrong will go wrong.” Though we understand it as a statement of the cruelty of fate and the Universe, it actually has a deeper meeting for those who design systems that involve a human factor. Taken this way, Murphy’s Law can be summed up as: “If there are two ways of … Read More

Many organizations are taking a serious look at insider security threats. While we hope we can trust those who work for us, there have been numerous cases where employees or contractors have “gone rogue” and caused a major security breach for their organization. But insider threats don’t just refer to malicious activity. Accidental actions or oversights can lead to security … Read More

In addition to holiday sales and end-of-year promotions, you’ve likely noticed another common theme in your email inbox this month: “Notice of Privacy Policy Update”. That’s because on January 1, 2020, the California Consumer Privacy Act takes effect. This law, which was passed in 2018 and amended in 2019, is designed to regulate how companies store and use the personal … Read More