Data and Information Security

Data and Information Security | News, how-tos, features, reviews, and videos

big data merger and acquisition big business smb
Feature

Top cybersecurity M&A deals for 2022

The shadow of hand unsettlingly hovers over a keyboard.
Opinion

FBI arrests social engineer who allegedly stole unpublished manuscripts from authors

computer keyboard delete trash
Opinion

Machine as insider threat: Lessons from Kyoto University’s backup data deletion

Kyoto University lost terabytes of data in a machine-as-an-insider scenario triggered by human error. Here are questions CISOs should ask to avoid a similar situation.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.
Feature

Protecting PII: Examples, laws, and standards

Personally identifiable information (PII), is any piece of data that could be used—either alone or when combined with other data—to identify an individual. Some types of PII are obvious, such as a name or Social Security number, but...

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms
Feature

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

human weak link cybersecurity primary
News

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

video conferencing / remote work
Feature

9 video chat apps compared: Which is best for security?

Zoom, Microsoft Teams, Google Meet, Cisco Webex, FaceTime, Tauria, Signal, Wire and WhatsApp. What does their encryption look like? What are the trade-offs?

CSO > breakthrough / penetration testing / hammer breaking binary glass
Feature

11 penetration testing tools the pros use

Automated and open source tools can help you conduct web application, network, and database penetration tests.

Encryption > A conceptual technological lock and encrypted code.
Opinion

Collect today, decrypt tomorrow: How Russia and China are preparing for quantum computing

All encrypted data will eventually become vulnerable to quantum computing along with the secrets they hold.

cloud security / data protection / encryption / security transition
Feature

Avery Dennison overhauls DLP program in enterprise-wide effort

The company’s DataSafe initiative marries technology improvements and a new enterprise-wide security mindset.

eliminate insider threats 1
Opinion

What CISOs can learn from the US Navy insider who stole nuclear secrets

The theft of government secrets by Jonathan Toebbe and others raises the question: How should CISOs deal with insider threats who have had insider threat training?

Encryption > Encrypted data / hexadecimal code
Feature

Spike in encrypted malware poses dual challenge for CISOs

Faced with a surge in malware hidden in encrypted traffic, CISOs are being tasked with managing technical solutions while also adhering to privacy considerations.

An engineer reviews strategy framework data.
Feature

5 IT risk assessment frameworks compared

Formal risk assessment methodologies can help take guesswork out of evaluating IT risks if applied appropriately. Here is real-world feedback on using COBIT, OCTAVE, FAIR, NIST RMF, and TARA.

man with megaphone yelling buzzwords
Feature

11 cybersecurity buzzwords you should stop using right now

These cybersecurity buzzwords are inaccurate, outdated, misleading, or even harmful. Here's why they should be laid to rest.

mobile security / threat detection / traffic analysis
How-To

How to hack a phone: 7 common attack methods explained

Mobile security often beats PCs, but users can still be fooled and smartphones can still be hacked. Here’s what you need to watch for.

broken binary code matrix / breached / failed / hacked
Opinion

Twitch breach highlights dangers of choosing ease of access over security

Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.

A magnifying lens examines top secret information amid binary code.
Feature

How corporate data and secrets leak from GitHub repositories

Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

Threat assessment > Differentiating elements / good vs. bad / angel vs. devil amid abstract data.
Feature

7 deadly sins of Salesforce security

Your Salesforce system holds a lot of sensitive customer data. Don’t fall victim to one of these common sins, errors, and blindspots.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px
News

Exchange Autodiscover feature can cause Outlook to leak credentials

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers. Here’s what companies can do now to...

Encrypted blocks of multicolored data cubes rolling out.
Feature

Steganography explained and how to protect against it

Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.

Load More