Data and Information Security

Data and Information Security | News, how-tos, features, reviews, and videos

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms
Feature

Top cybersecurity M&A deals for 2021

broken binary code matrix / breached / failed / hacked
Opinion

Twitch breach highlights dangers of choosing ease of access over security

A magnifying lens examines top secret information amid binary code.
Feature

How corporate data and secrets leak from GitHub repositories

Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

Threat assessment > Differentiating elements / good vs. bad / angel vs. devil amid abstract data.
Feature

7 deadly sins of Salesforce security

Your Salesforce system holds a lot of sensitive customer data. Don’t fall victim to one of these common sins, errors, and blindspots.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px
News

Exchange Autodiscover feature can cause Outlook to leak credentials

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...

Encrypted blocks of multicolored data cubes rolling out.
Feature

Steganography explained and how to protect against it

Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.

database data center network security
Feature

12 database security landmines, failures, and mistakes that doom your data

Lapses in protecting databases are common and attackers know it. Here are the top database weaknesses they try to exploit.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.
Opinion

Proofpoint lawsuits underscore risk of employee offboarding

Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.

Insider threats > Employees suspiciously peering over cubicle walls
Opinion

China theft of US agriculture sector trade secrets prompts government guidance

China and other countries have used insiders to steal intellectual property from agricultural research. The government has responded with guidance for identifying insider threats.

radar grid / computer circuits / intrusion detection / scanning
News Analysis

LockFile ransomware uses intermittent encryption to evade detection

This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.

Data Security
Feature

Java deserialization vulnerabilities explained and how to defend against them

Java provides a means to conveniently serialize data to maintain its integrity as it's sent over a network. Attackers can exploit vulnerabilities in the deserialization process if there aren't safeguards in place.

A magnifying lens examines top secret information amid binary code.
Feature

Intellectual property protection: 10 tips to keep IP safe

Your company's intellectual property, whether that's patents, trade secrets or just employee know-how, may be more valuable than its physical assets. This primer covers everything from establishing basic policies and procedures for IP...

The shadow of hand unsettlingly hovers over a keyboard.
Opinion

Recent shadow IT related incidents present lessons to CISOs

Employee use of unauthorized applications and services have resulted in high-profile data losses and exposure. CISOs need to understand why shadow IT exists before they can address it.

A binary eye sits within the center of a targeted virtual framework.
News Analysis

Apple plan to scan users’ iCloud photos raises new fears of government-mandated data access

Experts argue that Apple is clearing a path for governments to gain access to their citizens' data--essentially an encryption backdoor.

CSO > global security
Feature

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.

security trust
Feature

Secure multiparty computation explained: Ensuring trust in untrustworthy environments

Secure multiparty computation is a collection of algorithms that allow people to work together over a network to find a consensus or compute a value and have faith that the answer is correct. Everyone contributed fairly and there was...

lock circuit board bullet hole computer security breach
Analysis

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

database data center futuristic technology
Feature

11 technologies improving database security

The database does not have to be a security and privacy liability. These technologies can reduce risk and help ensure regulatory compliance.

GDPR data privacy / data protection / security / risk management
Feature

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

Dark net warning sign against black and yellow warning stripes in the background.
The State of CybersecurityBy

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

Load More