The choices you make when a cyberattack happens are critical. They can either mitigate the damage or make it worse. Even those companies that have built robust defenses miss an important step: a comprehensive response plan that will guide them in the event of a breach. So, what steps can you take to ensure business resilience and continuity?
On November 4, 2020, the California Privacy Rights Act (CPRA) passed, with a decisive majority of Californians (56% according to the Secretary of State's web site) supporting the measure to strengthen consumer privacy rights. Here, we talk to Heather Federman, Vice President of Privacy & Policy at BigID, about this sweeping privacy law that will set the bar for privacy rights for the rest of the nation.
Overlooked risks can cost companies millions in financial and reputational damage — but existing commercial threat intelligence solutions often lack data coverage, especially from these alternative web spaces.
How does this impact corporate security operations, and how can data coverage gaps be addressed?
In its quarterly report, toy maker Mattel announced it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted in July 2020.
Japanese gaming giant Capcom has disclosed a data breach which led to unauthorized access of some files and systems. The developer claimed that the incident impacted email and file servers, among other systems.
Blackbaud, cloud software provider, has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack and data breach that the company suffered in May 2020.
Risk Based Security released their 2020 Q3 Data Breach QuickView Report, revealing that the number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record.”
While breaches are an inevitable part of doing business, you can limit the negative impact by developing a solid playbook that charts a course to recovery. Examine potential threats, work out how to handle discrete scenarios, and spell it all out for your employees. By compiling policies and work streams, assigning responsibilities, and setting expectations you can build real resilience.
Cool heads prevail in a crisis, and nothing curbs the spread of panic as well as a clearly delineated plan. But it’s not enough to craft a playbook, you also need to test it before it can serve as a critical piece of governance for your organization. Let’s take a closer look at the best way to go about developing a playbook.
Traditional Enterprise Data loss prevention (DLP) tools were not initially designed for protecting unstructured data, and encryption and policy are not centralized and few have taken advantage of improvements in recent years. In the meantime, unstructured data has piled up and is growing.
To target this problem, a new set of vendors and products emerged with “data-centric” solutions adding to the confusion. So many vendors with a variety of capabilities to choose from, but how do you know which is right? What vendor do you choose? The answer to these questions is to think more about what you want to accomplish and weigh the approaches first.
