Cybersecurity awareness is an increasingly hot topic, especially during this year’s Cyber Security Awareness Month. There are many things individuals and organisations can do to improve their awareness around security, helping to protect data confidentiality. In this blog post, we will discuss some essential tips for securing your data coming to the end of this important month.

Recently, we caught up with Frank Kyazze, Privacy Director here at Kintent, to chat about his experience at the Data Connectors conference in Dallas last month. Frank had the opportunity to serve on the “Protecting Against Cyber Attacks” discussion panel while in attendance. Frank took part in the panel, discussing how now more than ever, it is imperative for organizations to be vigilant against bad actors.

In the early days of internet security, an access-centric security model made sense. Access lists on routers were complemented by firewalls and, later, intrusion detection systems. Given the processing capacity available at the time, this was absolutely adequate and appropriate for protecting a website, even with e-commerce. But that was the 1990s, and the internet has become so much more than websites with some shopping capabilities. Now, it’s the backbone of our society.

The threat landscape in IT is ever-evolving, with new risks arising practically daily. Trying to anticipate the next type of threat can feel a little like playing whack-a-mole. Instead, IT teams are focusing on vulnerability management: reducing the opportunities for hackers and other bad actors to find a weakness in cyber defenses. Vulnerability management is an iterative process that allows companies to proactively defend valuable assets, no matter how the threat landscape changes.

Despite the increase in cloud adoption, many organizations are still hesitant to move their confidential and highly sensitive data to the cloud. It’s not uncommon for companies to have concerns about being able to maintain the privacy, integrity, and security of their data when they migrate to the cloud or leverage cloud services. This is especially true for organizations that operate in highly regulated industries, such as healthcare, financial services, insurance, and the public sector.

Data encryption goes back to ancient civilisations that used forms of message concealment, in peace as well as in wartime. The Egyptians used Disordered Hieroglyphics, the Greeks Steganography, the Spartans Scytale and the Romans, the Caesar Shift Cypher. While these basic methods laid the foundations for modern cryptography, what has evolved are two fundamental approaches based on complex mathematics: symmetric and asymmetric encryption.

Data encryption is a bit like insurance - we all know we need it (a necessary evil you might say), but it’s difficult to decide what we need to protect, and with an increasing amount of options out there, it’s a mission in itself to find the right provider. That’s probably why when we take out insurance we tend to only get coverage when we feel it’s absolutely necessary – for example, for our property, our cars and when we travel.

Now that remote work has become the norm, employees are taking advantage of this opportunity to travel the globe and work from anywhere in the world—as long as it’s within company policy. With the rise of digital nomads, it is important that you know how to keep yourself safe from cyberattacks when working remotely from city to city. This blog will help you understand what you need to do to secure your data as a digital nomad.

With the rise of cloud-based applications, data loss prevention (DLP) has become an increasingly important part of information security. DLP refers to the policies and technologies used to prevent sensitive data from being lost or stolen. In the context of SaaS, this can include both the security measures implemented by the SaaS provider and the steps taken by the customer to protect their data.

In the past when organizations had a new security need, they would meet that need by purchasing a new security product. But that approach is how we ended up with an average of 76 security tools per enterprise, according to a 2021 survey from Panaseer. You may have a lot of tools, but that doesn’t mean your information is protected.

In its 2022 Cost of a Data Breach report, IBM notes that for 83% of companies, it’s not if a data breach will happen — but when. The sheer volume of data, as well as the difficulty in monitoring shadow IT and the shift to remote work, means that IT security teams face a persistent and ever-changing risk landscape that makes it extremely difficult to keep information secure. Protecting sensitive data starts with data discovery.

Schools and non-profits share the same problem when it comes to cybersecurity budgeting: limited resources which forces a choice between staff with the right expertise and effective tools that work for the organisation.

Register Now Nearly every day, news articles showcase big-name companies that became victims of cyberattacks and the hundreds of millions of dollars of loss it will have on their business. These headlines should not be surprising when you look at the data. The number of ransomware detected in Q1 2022 alone was double that of the whole year of 2021.

According to a 2021 study by UpGuard, over 51% of analyzed Fortune 500 companies were unknowingly leaking sensitive metadata in public documents - data leaks that could be very useful in a reconnaissance campaign preceding a major data breach. Without timely detection solutions, all corporate (and personal) accounts impacted by data leaks are at a critical risk of compromise, which also places any associated private internal networks at a high risk of unauthorized access and sensitive data theft.

Today, we are delighted to announce that Nightfall has launched the first and only DLP solution for Asana. As part of this launch, Nightfall has joined the Asana Partner program as an official Technology Partner. Nightfall’s solution for Asana builds comprehensive data protection into the Asana app.

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 and sets forth a comprehensive set of standards for protecting sensitive patient health information. The Privacy Rule applies to all entities that fall within the definition of a “covered entity“, which generally includes healthcare providers, health plans, and clearinghouses.

As a CIO, you are responsible for safeguarding your company's data. This includes both protecting it from accidental loss and preventing unauthorized access. A Data Loss Prevention or dlp solution can help.

The FTC Safeguards Rule, is a set of regulations promulgated by the Federal Trade Commission in order to protect the privacy of consumers’ personal information. The Rule requires financial institutions to develop, implement, and maintain a comprehensive information security program designed to safeguard customer information.

When two companies merge, there is typically a lot of data that needs to be transferred between the two organizations. This data may include confidential information such as customer records, financial reports, and employee data. If this data falls into the wrong hands, it could be used to commit fraud or theft. That’s where data loss prevention (DLP) comes in.

As an employer, you have both a moral and legal obligation to shore up sensitive information about your employees. Sensitive information includes genetic and biometric data, medical records, SNNs (social security numbers), and criminal history records, just to name a few. Fail to do so, and you will open yourself up to loads of risk. Hackers are constantly on the hunt for applicant and employee data that they can further sell on the dark web or use to perpetrate fraud.

The number of secrets exposed in public repositories is staggering. With reports in 2021 reaching up to 6 million secrets detected, an increase of 50% from 2020. Secret sprawl is part of every organization, but it is a plague on the open-source world of software development. Even if your organization has a top-notch security-aware culture, human error will inevitably cause secrets to leak and data to be lost or compromised.

Strong data loss prevention requires two things: a strong policy that guides user actions and permissions, and the tools to monitor and manage data security. Many organizations know they need to invest in software, platforms, and other security settings to create secure networks, endpoints, and cloud settings. But not every organization has a strong DLP policy to guide these tools. Many compliance regimes require companies to record data loss prevention policies.