Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2024

tripwire

Data Destruction: The Final Line of Defense Against Cyber Attacks

May 29, 2024 By Chester Avey In Tripwire
Data is the lifeblood of modern organizations, and while watertight data protection policies are undeniably crucial, the need for robust data destruction methods has never been more pressing. Ultimately, all parties and vendors in your supply chain trust you to maintain the integrity of their data. Once that data is no longer needed, transparency about its whereabouts is vital.
Read Post
levelblue

Volatile Data Acquisition on Linux Systems Using fmem

May 29, 2024 By Kushalveer Singh Bachchas In LevelBlue
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Memory forensics is a critical aspect of digital forensics, allowing investigators to analyze the volatile memory of a system to uncover evidence of malicious activity, detect hidden malware, and reconstruct system events.
Read Post

Nightfall's Firewall for AI

May 22, 2024 By Nightfall In Nightfall
From customer service chatbots to enterprise search tools, it’s essential to protect your sensitive data while building or using AI. Enter: Nightfall’s Firewall for AI, which connects seamlessly via APIs and SDKs to detect sensitive data exposure in your AI apps and data pipelines. With Nightfall’s Firewall for AI, you can… … intercept prompts containing sensitive data before they’re sent to third-party LLMs or included in your training data.
View Video
riscosity

DFPM and DSPM: Two Steps Towards Modernizing Data Security

May 22, 2024 By Anirban Banerjee In Riscosity
Data security is evolving. This evolution is making the need to understand what is going on with your data more critical. Teams need to be able to answer questions like, where is data being stored? Which vendor or team is using it? When is sensitive data being used? Where is data being sent?
Read Post
archTIS

DFARS 7012 Class Deviation and NIST 800-171 Rev 3 Guidance for DIBs

May 21, 2024 By Irena Mroz In archTIS
NIST 800-171 revision 3 was released on May 14, 2024, prompting DoD to issue an indefinite class deviation for DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 7012). US Defense Industrial Base (DIB) contractors must now comply with NIST SP 800-171 revision 2 rather than the version in effect at the time the solicitation is issued, as was previously required.
Read Post
nightfall

Is Slack using your data to train their AI models? Here's what you need to know.

May 21, 2024 By Rohan Sathe In Nightfall
AI is everywhere—but how can you be sure that your data isn’t being used to train the AI models that power your favorite SaaS apps like Slack? This topic reached a fever pitch on Hacker News last week, when a flurry of Slack users vented their frustrations about the messaging app’s obtuse privacy policy. The main issue?
Read Post
securitysenses

What Are the Benefits of Using Data Masking Software in Ensuring Security?

May 19, 2024 By SecuritySenses In SecuritySenses
Businesses face a crucial challenge of safeguarding sensitive data while ensuring compliance and enabling seamless operations. Data masking software emerges as a powerful solution, striking a balance between robust protection and practical utility. This innovative technology transforms sensitive information into fictitious yet realistic data, rendering it unrecognizable to unauthorized individuals while preserving integrity for legitimate uses.
Read Post

How to Protect Your Business From API Data Leaks

May 16, 2024 By Panoptica In Panoptica
Application Programming Interfaces (APIs) are rapidly becoming the primary attack vector for cloud native applications. In fact, according to one study, 92% of organizations have already experienced a security incident resulting from insecure APIs. This is because loosely coupled microservices predominantly intercommunicate via APIs. In this video, we will analyze a ‘ripped from the headlines’ case-study example of data leakage via insecure APIs. Then we will examine various API vulnerabilities that can be exploited by attackers to enable data leaks, including Broken User Authentication (BUA), Broken Object Level Authentication (BOLA), and Broken Function-Level Authentication (BFLA).
View Video
teramind

The Top 8 Endpoint DLP Solutions in 2024

May 16, 2024 By Taran Soodan In Teramind
Endpoint Data Loss Prevention (DLP) solutions are critical tools for organizations looking to safeguard sensitive information from insider threats, unintentional leaks, and external attacks. These solutions monitor, detect, and block the transfer of valuable data outside company networks, ensuring compliance with data protection regulations. In this post, we’ll explore the top eight endpoint DLP solutions that offer robust security features, ease of use, and integration capabilities.
Read Post
keeper

How Do Cybercriminals Gather Personal Information About Their Targets?

May 16, 2024 By Aranza Trevino In Keeper
Cybercriminals gather personal information about their targets by using social engineering techniques, looking at social media accounts and collecting data that gets leaked from public data breaches. The more personal information a cybercriminal can collect about their target, the easier it is for them to launch cyber attacks that their targets will easily fall for. Continue reading to learn more about how cybercriminals gather their target’s personal information and how you can keep your data safe.
Read Post
keeper

How Should Sensitive Information Be Stored?

May 15, 2024 By Aranza Trevino In Keeper
When we think about storing sensitive information, two types of information come to mind: digital data and physical data. While physical data can be securely stored in a physical vault, digital data should be stored in an encrypted cloud storage solution to protect it from common cyber threats. Continue reading to learn the best ways to store your sensitive physical and digital information, plus the storage methods to avoid.
Read Post
nightfall

Building your own AI app? Here are 3 risks you need to know about-and how to mitigate them.

May 14, 2024 By Brian Hutchins In Nightfall
After the debut of ChatGPT, and the ensuing popularity of AI, many organizations are leveraging large language models (LLMs) to develop new AI-powered apps. Amidst this exciting wave of innovation, it’s essential for security teams, product managers, and developers to ensure that sensitive data doesn’t make its way into these apps during the model-building phase.
Read Post
nightfall

5 things you need to know to build a firewall for AI

May 13, 2024 By Brian Hutchins In Nightfall
Everywhere we look, organizations are harnessing the power of large language models (LLMs) to develop cutting-edge AI applications like chatbots, virtual assistants, and more. Yet even amidst the fast pace of innovation, it’s crucial for security teams and developers to take a moment to ensure that proper safeguards are in place to protect company and customer data.
Read Post

Improve Data Governance with DSPM Classification

May 13, 2024 By Lookout In Lookout
Businesses struggle to find and protect sensitive data scattered across various sources. Manual tagging for classification is error-prone and inconsistent. Data Security Posture Management (DSPM) automates discovery, classification, and remediation – finding sensitive data, applying consistent tags, and fixing past mistakes. This ensures efficient and accurate data security, especially with ever-growing data volumes.
View Video

Secure Collaboration with DSPM Access Controls

May 13, 2024 By Lookout In Lookout
Cloud storage is convenient but misconfigured access can expose data. Data Security Posture Management (DSPM) finds publicly accessible files and folders, fixing them to prevent leaks. It also tackles hidden risks in folder sharing by detecting sensitive information and preventing accidental oversharing. By automatically fixing these issues, DSPM keeps your cloud data secure while enabling collaboration.
View Video

Protect Data-at-Rest with DSPM Encryption

May 13, 2024 By Lookout In Lookout
Data breaches threaten valuable info like PII and financial records. Data Security Posture Management (DSPM) with AI helps you find sensitive data and secure it. Encryption scrambles data using keys you can customize. DSPM automates encryption and enforces data protection policies to keep your information safe.
View Video

The Australia's Data Privacy Report Impacts Business Data Protection | Protegrity

May 10, 2024 By Protegrity In Protegrity
We’re entering an age where technology is quickly surpassing us, with advancements and capabilities outshining any other time in history. As businesses look to evolve with emerging technologies, so do regulatory requirements designed to protect PII used in creating these systems and programs. If the stakes weren’t high enough, the 2024 Australian Data Privacy Act is shifting full data responsibility back onto businesses, holding big enterprises to a more significant standard in their data ownership.
View Video
archTIS

The 2024 Cybersecurity Excellence Awards Recognizes archTIS Products as Winners in Data-centric Security and National Cyber Defense

May 8, 2024 By Irena Mroz In archTIS
archTIS is excited to share that the company has been honored with two significant awards in the 2024 Cybersecurity Excellence Awards. Our products, Kojensi and NC Protect, have been recognized in the National Cyber Defense and Data-centric Security categories. We are proud to be acknowledged by the Cybersecurity Excellence Award judges for our commitment to excellence, innovation, and leadership in cybersecurity.
Read Post
egnyte

Empowering Your Defense: Synergy between Data Loss Prevention Controls and Automated Alert Remediation

May 6, 2024 By Ram Boreda In Egnyte
In today's digital world, the stakes of data loss are high, and the cost of cybercrime continues to escalate. In fact, IBM recently estimated that the average cost of a data breach was $4.45 million in 2023, a 15% increase over the previous three years.
Read Post
nightfall

4 key takeaways from the 2024 Verizon Data Breach Investigations Report

May 6, 2024 By The Nightfall Team In Nightfall
It’s that time of year again: The 2024 Verizon Data Breach Investigations Report is back with the top trends in security breaches over the past year. Read on for an at-a-glance look of some of the report’s most interesting—and actionable—findings.
Read Post
manageengine

How to secure PHI with an identity governance solution

May 1, 2024 By ADManager Plus In ManageEngine
Cyberattacks pose a growing threat across all industries, but healthcare is especially vulnerable. In 2023, hacking incidents in the healthcare sector accounted for 79.7% of data breaches. While patients, providers, and policymakers all have a stake in protecting health information, a critical weak point lies with the technology companies that offer electronic health record (EHR) systems. These systems hold a treasure trove of PHI, making them prime targets for cybercriminals.
Read Post
nightfall

Top 5 SaaS misconfigurations to avoid and why

May 1, 2024 By Aziz El Ouaqid In Nightfall
Cloud storage services and SaaS apps like Google Drive and Microsoft OneDrive provide convenient, scalable solutions for managing documents, photos, and more—making them indispensable for modern work and personal life. However, misconfigured settings and permissions can lead to serious security breaches, noncompliance, and even the loss of customer trust. Let’s explore the 5 most common misconfiguration issues with real-world examples.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.