The Data Security and Protection Toolkit (DSP Toolkit) is an NHS operated online tool that enables organisations in benchmarking their security against the National Data Guardian’s 10 Data Security Standards (NDG Standards).

The Gramm-Leach-Bliley Act, known as the GLBA, was passed in 1999 under President Clinton. The goal of the GLBA was to update and modernize the financial industry. Today, it’s primarily used to protect customer and consumer information, with steep penalties for financial institutions that violate its privacy rules. Here’s what you need to know about the GLBA and its regulations.

The increasing prevalence of data breaches was discussed often in 2021 as enterprises such as LinkedIn, Colonial Pipeline, and Volkswagen were breached, exposing massive volumes of personal information and causing damage worth millions of dollars.

Our team has been hard at work with continuous updates to improve and streamline the Nightfall DLP platform. We wanted to share with you the latest platform updates guaranteed to improve the speed at which security administrators and teams will be able to remediate incidents. Here’s what’s new.

Skip below to the results, otherwise read on to learn more about our specific use case.

This is a data-driven era. Every day tons of data are generated and it is a herculean task to manually provide security to all the data that is produced. Large enterprises generate huge amounts of data that are maintained by ERP systems like SAP. Transactions with third-party vendors and partners happen almost every day with lots of data being exchanged.

Observability (logs, traces, metrics) is a core tenet to building strong software systems. Logs are used to debug issues and check on system activity, traces provide valuable insights into system performance and architecture, and metrics allow engineering teams to closely track business metrics within their systems.

As businesses and health organizations seek to strengthen cybersecurity, they’re turning frequently to compliance frameworks to help prioritize, guide, and improve decision-making and implementation. Two of the more popular compliance frameworks are the NIST CSF and the ISO 27001. For IT teams seeking to better understand the difference between these frameworks, as well as which is the ideal tool for their business, here’s what to know.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week let’s zoom in on Privacy Enhancing Technologies (PETs), which deals with the common, yet pressing concern of data privacy and security. Illustrated by Balaji K R

Conversations about consumer data privacy grow louder each year, with the news headlines to match. Trust in the technology sector is now at an all-time low and customers are increasingly concerned about the privacy of their personal information. It’s become a serious topic that all business owners need to follow, not just security specialists and tech bloggers.

2021 was the year of ransomware. You couldn’t watch or read the news without hearing about another business falling victim. Cybersecurity Ventures estimates that a ransomware attack took place every 11 seconds in 2021, with global damages reaching an estimated $20 billion – that is 57x more than it was in 2015. Unfortunately, the reality is that ransomware is here to stay, and every organization, regardless of industry or size, is a potential target.

Data exfiltration, quite simply, is the risk of your data ending up somewhere it doesn’t belong. Though this definition might seem simple, understanding this risk is quite complicated — especially as companies migrate their data into the cloud. Companies that work remotely using cloud platforms like Google Drive, AWS, or Jira often struggle to maintain the visibility needed to ensure their data remains secure.

PII, or Personally Identifiable Information, is any information that directly or indirectly identifies an individual, such as name, address, payment information, or contact information. The U.S. The Department of Homeland Security defines a second category of PII: Sensitive PII, which includes Social Security Numbers, driver’s license numbers, Alien Registration numbers, financial or medical records, biometrics, and criminal history.

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums. A cell phone is no longer just a way to contact someone to engage in conversation.

Your Microsoft 365 data is a prime target for ransomware. Attackers know that Microsoft 365 lives directly in the path of business-critical operations now more than ever. As highlighted by Mandiant – one of the industry's leading cyber security firms – this translates to “targeted threat groups investing a lot of time and money into understanding Office 365 and understanding how to attack it.”

Data loss can cause tremendous damage to a business. It diminishes trust in your brand and can lead to financial losses from lawsuits, fines for non-compliance, and theft of intellectual property. Data loss prevention (DLP) is the set of practices and tools designed to prevent data leakage through intentional and unintentional misuse. These practices and tools include encryption, detection, preventative measures, educational pop-ups, and even machine learning to identify vulnerabilities.

Unstructured data is data that cannot be processed and analyzed using conventional data tools and methods: qualitative data, such as customer feedback or social media posts are considered unstructured data. Unstructured data is particularly prevalent in the healthcare industry, where patient records, doctors’ notes, and other unstructured data can make upward of 80% of data within a healthcare organization.