Data is the foundation of modern business strategies. Organisations are navigating a complex landscape to harness the power of their data effectively, from ensuring seamless integration and accessibility to upholding quality standards and compliance, all while fostering strategic data governance. In an era where data holds the key to unlocking AI capabilities and driving advanced analytics, the quest for leveraging sensitive data safely has never been more pressing.

In the first part of this blog series, we discussed the primary data security challenges identified as most significant for c-suite respondents from our executive research. In the ever-changing landscape of modern business, harnessing the full potential of data has become imperative for enterprises aiming to future-proof their operations. However, to truly unlock this potential, organisations must critically assess their approach to data security across three vital areas.

The Chinese espionage group Daggerfly, also known as Evasive Panda or Bronze Highland, has significantly upgraded its malware arsenal, allowing it to target a wide range of operating systems including Windows, Linux, macOS, and Android. This development marks a notable escalation in the group's cyber capabilities, as detailed in a recent analysis by Symantec.

In a significant development in the realm of data security, Verizon Communications has agreed to a $16 million settlement with the Federal Communications Commission (FCC) following a series of data breaches at its subsidiary, TracFone Wireless. The breaches, which occurred between 2021 and 2023, have led to increased scrutiny on Verizon's data protection practices and will result in mandatory improvements to its security measures.

Data backup is an important part of cybersecurity. Implementing appropriate data backup solutions may save both time and money. Understanding and adhering to current backup procedures is critical, as is partnering with IT workers. Imagine an organization experiencing a sudden hardware failure on their computer. Without proper backups, restoring critical records gets delayed or even impossible. If there is no backup policy in place, one must be created.

Personally Identifiable Information (PII) is any data that uniquely identifies an individual. This can range from apparent details like names and Social Security numbers to more subtle information like IP addresses and login IDs. The growing volume of data collected in our digital age amplifies the significance of distinguishing between sensitive and non-sensitive PII, given their different handling requirements and associated risks.

In the ever-evolving landscape of cybersecurity, API attacks pose significant threats to organizations. These attacks, particularly the low and slow variety, are notoriously challenging to detect and mitigate. Salt Security stands out as the premier solution for identifying and addressing these sophisticated threats, setting a benchmark that competitors struggle to match. Here’s why Salt Security is unparalleled in catching low and slow API attacks.

Vanta was founded on a mission to secure the internet and protect consumer data. We got our start in 2018 by automating compliance with information security frameworks like SOC 2, making it faster and easier for companies to demonstrate their security and unblock revenue.

Artificial intelligence (AI) has emerged as a promising solution to modernize power grids. The technology, alongside other upgrades like Internet of Things (IoT) connectivity, could make energy infrastructure more reliable and sustainable. However, AI power grids also pose significant cybersecurity risks. Attacks against critical infrastructure are becoming more common. As energy authorities ramp up their investments in AI, they should pay attention to these risks to enable a safer tech transformation.

Accuracy is important in just about everything we do, so it’s difficult to think of a situation in which one can be too exact. But it’s not impossible.

In November 2023, while conducting a security assessment on a client’s instance of the Oracle Integration Cloud Platform, I discovered a medium severity vulnerability nestled within the handling of the “consumer_url” URL parameter. This flaw unveiled a Cross-Site Scripting (XSS) vector that could be exploited by a user with malicious intent.