Data Security, Risk Assessments/Management

Sensitive data security challenges prevail

SC StaffApril 12, 2022

More than 90% of organizations reported challenges in implementing security policies for sensitive data, VentureBeat reports. Extreme concerns regarding dark data were reported by 84% of organizations, while 80% noted that unstructured data management and security were most challenging, a report from BigID revealed. Unstructured data, including business, financial, and intellectual property data, as well as customer IDs account for most of organizations' dark data. "The risk landscape is evolving: data breaches aren’t an if, but a when; data privacy and protection regulations are becoming more prevalent; and data is simply growing [in] an exponential way. Data is driving business — and when an organization doesn’t know what they have, they’re unable to protect and manage it," said BigID CEO Dimitri Sirota. Sirota noted that organizations will have to determine critical data by scanning, classifying, and making an inventory of data. However, data inventory accuracy is crucial in determining and cataloging exposed data before securing it, according to Sirota.

SC Staff

Related

Department of Health and Human Services Office for Civil Rights enforcement

Governance, Risk and Compliance

HIPAA updated to include more robust reproductive health data privacy protections

SC StaffApril 23, 2024

The Department of Health and Human Services has introduced updates to the Health Insurance Portability and Accountability Act that would prevent healthcare organizations, doctors, and insurers from providing protected health information to state prosecutors in a bid to bolster abortion providers' and patients' privacy protections, according to The Record, a news site by cybersecurity firm Recorded Future.

Detecting malware program concept - binary code and malware warning. 3d rendering

Network Security

Sophisticated tool arsenal enables widespread ToddyCat data compromise

SC StaffApril 23, 2024

Stealthy industrial-scale data exfiltration attacks have been launched by Chinese cyberespionage operation ToddyCat against government entities, including defense organizations, across the Asia-Pacific through its arsenal of advanced hacking tools, according to The Hacker News.

Russia and Presidential elections

Network Security

Novel tool leveraged by APT28 to exploit old Windows vulnerability

SC StaffApril 23, 2024

Data exfiltration and privilege escalation attacks leveraging the novel GooseEgg hacking tool to exploit an already addressed Windows Print Spooler flaw, tracked as CVE-2022-38028, have been deployed by Russian cyberespionage operation APT28, also known as Forest Blizzard, against government, education, transportation, and non-government organizations since April 2019, BleepingComputer reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news