Security analytics has become an increasingly popular field as more and more organizations take a different tact to cybersecurity. Historically, IT teams focused on prevention and protection, but today’s priority is detection. Hackers tend to use a wide range of ever-changing tools to exploit vulnerabilities. It can feel like whack-a-mole to constantly try to defend against evolving threats.
If you ask the question “who is responsible for a company’s cybersecurity,” the answer you’ll most likely hear is no longer the CTO, or the IT department, but instead the CEO. In fact, Gartner believes that 75% of CEOs will be held personally liable for cyber and physical breaches by 2024. That means there’s no more passing the buck on this complex issue.
From our beginnings as childhood friends to coming up together in the tech industry, Isaac and I would catch up on our adventures as professionals working in Silicon Valley: him in the VC world, and me as an engineer at Uber Eats. We’re both very interested in entrepreneurship, so we would always come back to discussing various business ideas, including a topic we’d both become intrigued with — the existing challenges enterprises faced with cloud data security.
Controlling access to sensitive data is tough. Be too restrictive, and your employees run into too many roadblocks to do their jobs effectively. Too loose, and you are effectively guaranteeing that your organization will find itself on the front page as a victim of one of the many data breaches happening every day. That is why it is important to craft an effective data security strategy: one that relies on automation and oversight to ensure the privacy of your users’ data.
If you receive a Data Subject Access Request (DSAR) today, what will you do? How does your organization respond to a request from a customer who wants to know what personal data you have and how you use it? What if a customer requests the “right to be forgotten”? How do you know you have deleted every instance of personal data from all locations in your company? Will you be able to respond quickly and completely?
‘Privacy by design’, or as it’s now known, ‘data protection by design and default’, refers to Article 25 of the UK GDPR. This principle makes it a legal obligation for controllers to implement organisational controls which ensure data protection issues are addressed at the design stage of any project. But what does the regulation mean when it refers to organisational controls?
Rubrik can gracefully backup hosts with petabyte-scale filesystems containing around a billion files. It took us focused effort and innovation, both in scaling existing systems and verifying the changes work before shipping to our customers. One of the innovative systems that helped us achieve this scalability is the FileSystem Simulator.
A new day, a new wave of S3 leaks… Cloud misconfigurations continue to be a major concern for organizations and a constant source of data leaks. A recent report by IBM has revealed that misconfigurations are behind two-thirds of cloud security incidents.
Nightfall, the leading cloud-native data protection platform, has successfully achieved Service Organization Control (SOC) 2 Type 2 compliance. Nightfall is the first cloud-native data loss prevention vendor to complete this certification and meet the American Institute of Certified Public Accountants (AICPA) criteria for managing customer data.
Chat and messaging systems have helped customer experience teams expand and improve the services they offer through instant communications. As customers reach out to your business via platforms like Intercom, they can often share personal information like personally identifiable information (PII), credentials, email addresses, and credit card numbers (for PCI compliance) in their messages.
With the rapid growth of ransomware attacks, enterprises all share the same concern: “If we get hit by ransomware, can we recover?” The reality is, when traditional security products fail and data is compromised, the stakes are high, and IT and Security teams are often left on their own. So we asked ourselves, can we give them the ultimate assurance that Rubrik will be there for them?
The impact of Data Exfiltration, which is the act of copying or transferring data from a computer or server without authorization, has increased over the years and it can be difficult to detect because data is transferred regularly for normal business purposes. If not monitored accurately, company data can be stolen without anyone being aware. Companies in every industry, no matter the size, have sensitive data that must remain private (e.g. PHI, PII, PCI).
The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.
Protecting your data is an important component of your cyber risk management plan, and one that involves a certain level of preparedness for an event like a data breach. Even the best cybersecurity efforts, however, will still fail at some point — when attackers abscond with your organization’s confidential data, either to resell it on the dark web or to post it for all the world to see.
Covid-19 pushed the boundaries of both healthcare and technology providers, and nudged people to finally embrace telehealth services. In fact, telehealth has proven to be the next frontier for the healthcare industry as it minimizes the need for in-person patient, clinic, or hospital visits which prevents overwhelming our healthcare systems. A McKinsey report shared that the use of telehealth in the US in 2021 surged 38 times compared to pre-pandemic levels.
When your customers reach out for help, they send messages to your support team that likely contain personal information. Help desk ticketing systems can often harvest for personally identifiable information (PII) like email addresses and credit card numbers, while healthcare providers using ticketing systems may request protected health information (PHI) like patient names and health insurance claim numbers or phone numbers.
At the Rubrik Data Security Summit, leaders from both the public and private sectors discussed an important topic: ransomware. Cyber threats continue to expand in both volume and sophistication with attacks growing at a rate of 150% annually. As attackers increasingly target backups, it will be even more paramount for policies and guidance from government agencies to match the security innovation of private sector businesses to mitigate the risks of this cyber pandemic head-on.
The popularity of cloud services has soared in recent years, as ever more companies move towards a remote or hybrid workplace model. While cloud computing comes with many benefits, it can also create new vulnerabilities that might give criminals access to your sensitive data. If your company is using cloud technology, you need to make sure that your data is secure. Keep reading to learn what threats affect cloud services and what you can do to keep your cloud safe.
