Data Protection

Data Protection news, analysis, research, how-to, opinion, and video.

Black Hat 2015
hacking cybercrime cybersecurity internet coding programming code

computer programmer or hacker

Closing the CVE gap: Is MITRE up to it?

Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a new model is closing that gap.

pc antivirus

Review: Minerva protects endpoints with trickery and deception

Minerva's Anti-Evasion Platform targets the new breed of environmentally-aware malware. The idea is that most normal threats will be blocked by traditional antivirus and Minerva will stop anything that attempts to get around that...

European Union EU

General Data Protection Regulation (GDPR) requirements, deadlines and facts

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

04 insider threat

How to spot and prevent insider threats

Are departing employees taking data with them? Here’s what you need to know about detecting insider threats and better protecting your enterprise network and proprietary information.

group of millennials using mobile devices

8 ways millennials impact your security awareness program

The millennial generation has arrived. Is your awareness program up to the challenge?

1 incident response police tape crime death

10 steps for a successful incident response plan

Incident response plans are often left unused, leaving firms far less able to detect and respond to cyber attacks or data breaches. Here’s our 10-point plan to ensure you set up -- or improve -- an IR plan that actually works.

Hacking stealing password data

Two years after the OPM data breach: What government agencies must do now

Recent reports show declining grades for government agencies’ efforts to improve cybersecurity. Experts weigh in on what needs to be done.

hiding in plain sight

Mobile app developers: Make sure your back end is covered

Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and...

black white hat

How computer security pros hack the hackers

If you want to meet a really smart hacker, talk to a cybersecurity defender. These talented professionals are working every day to make cybercrime harder and less lucrative.

Gmail Google Mail

Google uses machine learning for new security features in Gmail

Google has pushed four new security features to enterprise users on G Suite, the search giant's hosted business offering. The new protections come shortly after Citizen Lab report exposed a Russia-linked Phishing and disinformation...

03 bounty hunter

10 things threat hunters watch for

Pursuing cyber threats is much like conventional hunting in that it requires patience, persistence and a keen eye, and when done correctly, it can be both exhilarating and rewarding. Threat actors do everything in their power to blend...

maze lost question direction wayward

5 common ways businesses lose valuable data

David Zimmerman, CEO and Founder of LC Technology, lists five ways individual employees and IT are causing companies to lose data, and some best practices for preventing a crippling data loss.

Few firms will be ready for new European breach disclosure rules, fines

The new European General Data Protection Regulation goes into effect next May, with onerous notification requirements and high penalties, but a year might not be enough for firms to get ready

ryan benson

A day in the life of a threat researcher

After leaving Exabeam at the end of the workday, Ryan Benson’s mind doesn’t shut off when it comes to thinking about designing new defenses against Black Hats. See what his day looks like.

shadowy attacker hooded (public domain)

How to maintain data oversight to avoid ‘shadow data’

As more companies take a liberal approach to cloud app provisioning, they need to make sure that all apps – including vetted ones – are carefully secured, optimized and monitored. Al Sargent, senior director at OneLogin, offers the...

tatu ylonen

Unmanaged, orphaned SSH keys remain a serious enterprise risk

There are many ways attackers can try to infiltrate an enterprise, but many times enterprises make it so easy that the attackers don’t have to try too hard. Consider the current state of orphan SSH (Secure Shell) keys and how...

3 keychain keys

Outsourcing security: Would you turn over the keys to a third party?

Years ago it would have been unthinkable to give up control to securing your most valuable assets. But for some companies the risk of handing the security keys to a third party is less than the idea of facing the daily barrage of...

microphone interview voice reporter

Vocal theft on the horizon

Voice imitation technology has the potential to undermine yet another form of biometric authentication. Security experts say the key is to make sure the individual voice information is stored on the user’s device, not in a centralized...

Load More