Managing Insider Threats with Vigilance

Two factors continue to be substantial risks to personal data in an enterprise environment: insider access and third-party breaches. According to the latest Verizon’s Data Breach Investigations Report, the former accounts for 59% of all security incidents.  Now, it seems the Office of Civil Rights (OCR) has published its own report, a newsletter called “Managing… Read More

Vulnerable data and rising breach costs

It’s no surprise that data breach costs, which have consistently risen in recent years, continue to do just that. A recent annual report from IBM Security examines the causes of breaches, as well the associated costs and their contributing factors.  For starters, even the data breach life cycle, wherein an organization discovers and contains a… Read More

Surveillance in the Skies

Every so often, you come across a data security story that hits hard, that really stirs the ire.  A story where a company displays such contempt for the customer and their privacy that one can’t suppress the disgust.  Such is sadly what we’re seeing with Cathay Pacific, the Hong Kong airline. In the aftermath of… Read More

Massive Capital One Breach – How did this happen?

I was just in the middle of writing something else when the Capital One story broke.  Considering I’ve already seen it referred to as “the new Equifax,” I thought it might be worth a look (that’s me understating it).  Especially since Equifax was itself in the news again lately for its settlement story. The full… Read More

Preventing a breach and countries targeted by hackers

As we’ve seen recently, the penalties for data breaches are rising across the board.  Just last week British Airways received the new record in GDPR fines, and now Marriott faces a $700 million sum in the US.  These figures are only going to grow. According to HIPAA Journal, March of 2019 saw an average of… Read More

European regulators not afraid to enforce GDPR penalties

By now you might have heard the news that British Airways is facing a record fine from the UK’s Information Commissioner’s Office (ICO) for a late 2018 breach affecting 500,000 customers, after cyber criminal group Magecart injected lines of script to compromise the airline’s card checkout pages on its website and mobile app and steal… Read More

Continuing consequences from the Equifax breach

Just when you might have thought the Equifax story had been long put to bed, the seventh greatest breach in history has more to offer. While half of all breaches may be targeted at small businesses (according to CPO Magazine), the larger entities are the ones whose plots are likely to keep popping up from… Read More

Watch your screen, because someone else is too

When considering the various complex and sophisticated ways cyber criminals can steal data, it can be easy to overlook more mundane risks.  Take a simple screen, for example.  When you use an ATM, it’s often recommended that you take care to obscure the screen, so that potentially curious eyes around you can’t glance at the… Read More

Who is responsible for encrypting data?

Fortunately, the mass Target outage dubbed the Targetpocalypse does not appear to have been the result of a data breach.  Stores nationwide saw their registers go offline on Saturday, much to the chagrin of consumers who were left unable to consume.  A subsequent statement from the company explained it was simply a technological error at… Read More

A data buffet for cyber criminals

Both the hospitality and healthcare industries have found themselves in cybersecurity news lately.  Last month, we covered a mysterious data breach where the owner of the compromised server was in question.  As it turns out, vpnMentor researchers Noam Rotem and Ran Locar, who discovered the initial breach, have since published findings of another breach, involving… Read More