The real risk of business disruption, brand damage, and potential liabilities caused by ransomware attacks has elevated cybersecurity from a technical or operational issue normally handled by security teams, to a major Board level priority and discussion. Even the most sophisticated and mature organizations that once believed their cybersecurity defenses were robust are now rethinking their preparedness and response capabilities required to address the imminent threat of ransomware attacks.

As digital transformation continues post-COVID more organizations, including those covered by HIPAA, will seek out SaaS solutions that make collaboration easier. Fortunately more and more applications like Slack are enabling HIPAA compliant use. In early 2019 as Slack filed for its IPO, the company also updated its security page to provide details on its qualifications as a HIPAA compliant messaging app.

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong. As such, there are some key strategies and best practices required to build these data security policies.

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong.

The rules set forth by PCI-DSS can seem complicated. Four levels, 12 requirements, multiple credit card brands: it’s easy to get lost in the details of PCI-DSS requirements. However, merchants who fail to meet the PCI compliance standard face heavy consequences. Not only do these companies put their customer data at risk, they also may face hefty fines that can range from $5,000 to $100,000 per month.

In this tutorial, we’ll demonstrate how easy it is to redact sensitive data and give you a more in-depth look at various redaction techniques, how Nightfall works, and touch upon use cases for redaction techniques. Before we get started, let’s set our Nightfall API key as an environment variable and install our dependencies for our code samples in Python.

In late August 2021, a major data leak exposed where 38 million private records through Microsoft’s Power Apps portals, a powerful low-code tool that enables both professional and citizen developers to create external-facing applications. The misconfiguration was discovered by the research team at UpGuard and is now well-known as one of the most severe low-code security incidents to date.

We’re excited to announce that Nightfall DLP for Jira now has real-time detection. Services like Jira, which are part of the Atlassian ecosystem, are among some of the most popular cloud tools leveraged by companies today. Like most SaaS applications, Jira is an always-on service where many collaborators share information. In some cases, this may result in the unintentional exposure of sensitive data.

The air gap, a cybersecurity countermeasure that isolates digital assets to put them out of reach of malicious actors, is the subject of many industry myths. Are you confused by all the myths around air gaps? Does it seem odd that logical air gaps are not considered air gaps in spite of their ability to defend against attacks? If you answered “yes” to these questions, you're likely not alone.