Data and Information Security

Data and Information Security | News, how-tos, features, reviews, and videos

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms
broken binary code matrix / breached / failed / hacked

A magnifying lens examines top secret information amid binary code.

How corporate data and secrets leak from GitHub repositories

Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

Threat assessment  >  Differentiating elements / good vs. bad / angel vs. devil amid abstract data.

7 deadly sins of Salesforce security

Your Salesforce system holds a lot of sensitive customer data. Don’t fall victim to one of these common sins, errors, and blindspots.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px

Exchange Autodiscover feature can cause Outlook to leak credentials

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...

Encrypted blocks of multicolored data cubes rolling out.

Steganography explained and how to protect against it

Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.

database data center network security

12 database security landmines, failures, and mistakes that doom your data

Lapses in protecting databases are common and attackers know it. Here are the top database weaknesses they try to exploit.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.

Proofpoint lawsuits underscore risk of employee offboarding

Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.

Insider threats  >  Employees suspiciously peering over cubicle walls

China theft of US agriculture sector trade secrets prompts government guidance

China and other countries have used insiders to steal intellectual property from agricultural research. The government has responded with guidance for identifying insider threats.

radar grid / computer circuits / intrusion detection / scanning

LockFile ransomware uses intermittent encryption to evade detection

This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.

Data Security

Java deserialization vulnerabilities explained and how to defend against them

Java provides a means to conveniently serialize data to maintain its integrity as it's sent over a network. Attackers can exploit vulnerabilities in the deserialization process if there aren't safeguards in place.

A magnifying lens examines top secret information amid binary code.

Intellectual property protection: 10 tips to keep IP safe

Your company's intellectual property, whether that's patents, trade secrets or just employee know-how, may be more valuable than its physical assets. This primer covers everything from establishing basic policies and procedures for IP...

The shadow of hand unsettlingly hovers over a keyboard.

Recent shadow IT related incidents present lessons to CISOs

Employee use of unauthorized applications and services have resulted in high-profile data losses and exposure. CISOs need to understand why shadow IT exists before they can address it.

A binary eye sits within the center of a targeted virtual framework.

Apple plan to scan users’ iCloud photos raises new fears of government-mandated data access

Experts argue that Apple is clearing a path for governments to gain access to their citizens' data--essentially an encryption backdoor.

CSO > global security

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.

security trust

Secure multiparty computation explained: Ensuring trust in untrustworthy environments

Secure multiparty computation is a collection of algorithms that allow people to work together over a network to find a consensus or compute a value and have faith that the answer is correct. Everyone contributed fairly and there was...

lock circuit board bullet hole computer security breach

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

database data center futuristic technology

11 technologies improving database security

The database does not have to be a security and privacy liability. These technologies can reduce risk and help ensure regulatory compliance.

GDPR data privacy / data protection / security / risk management

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

Dark net warning sign against black and yellow warning stripes in the background.

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

Load More