Blog Authors

radfordC.J Radford
Vice President of Cloud
Andy KicklighterAndy Kicklighter
Director of Product Marketing
Robert BigmanRobert Bigman
Guest Author, Former CIA CISO
socialtis2Tina Stewart
Vice President Marketing

DEFENDERS OF DATA

24 Jul
2014
Categories : Data Security            Leave a comment           

This seems to be the year that Cloud offerings, hosting providers and MSPs have turned the corner in readiness to support compliance requirements within their offerings.  For IaaS, I’m seeing our enterprise customers directly drive providers to support compliance related initiatives – meet the requirement or lose the business.  The same trend plays out in SaaS environments as well, but to a different “tune” – heavily differentiated or discrete offerings designed for specific industry segments. This change is clearly driven […]

22 Jul
2014
Categories : Data Security            Leave a comment           

Vormetric has now reached 1400 customers worldwide, with strong deployments in place and expanding throughout the US, Europe and Asia / Pacific regions.  In the vast majority of these customer implementations, compliance in all its many forms plays a primary role in customers’ decisions to deploy Vormetric solutions, and in fact, usually there is a need to meet multiple compliance requirements. Not surprising given the complex web of regulation, industry compliance requirements and privacy laws worldwide.  A short snapshot of […]

17 Jul
2014
Categories : Data Security            Leave a comment           

When thinking about data encryption, businesses typically view this as a proactive measure to avoid security breaches.  Naturally, this is correct – data that’s encrypted is harder to hack – but what’s often missed from the equation is how encryption can reduce organizational risk should a security breach still happen. This is because of the impact encryption has on businesses’ data breach reporting requirements.  Many countries around the world now have data breach reporting rules, and these can attract serious […]

Making Compliance a Useful Cyber Security Tool

Posted By: Robert Bigman, Former CIA CISO
15 Jul
2014
Categories : Data Security            1Comments           

It was Albert Einstein who defined insanity as: “Doing the same thing over and over again and expecting different results.” But, yet again, the Government (e.g., the Cyber Security Framework or the Federal Financial Institutions Examination Council cybersecurity vulnerability and risk-mitigation assessment) is on the compliance band-wagon to attempt to drive industry to “up-their-game” and better defend their organizations from cyber-criminals and nation-state hackers.  Within the U.S. Government administrative branch, the primary compliance mechanism is the Federal Information Security Management […]

10 Jul
2014
Categories : Data Security            Leave a comment           

With penalties as high as $500k a new Florida law, effective July 1, adds big teeth to the state’s data breach notification statute. One of the most interesting changes redefines the concept of ‘personal information.’ The new Florida Information Protection Act of 2014, states an organization must provide written notice to the state attorney general no later than 30 days after determination that a breach affecting 500 or more Floridians has occurred, down from 45 days in an earlier law.1 […]

08 Jul
2014
Categories : Data Security            Leave a comment           

The existing EU data protection regime is built around the Data Protection Directive 1995 (the 1995 Directive) and the Privacy and Electronic Communications Directive 2002 (ePrivacy Directive).  With a new EU Data Protection law said to be on-track for next year, organizations need to start thinking now about how they will manage and conform to the expected changes. Looking first at the existing regulations – here’s what’s required today. The existing 1995 Directive sets the overarching framework for data protection […]

01 Jul
2014
Categories : Data Security            Leave a comment           

Introduction Let’s suppose the United States I.R.S. is in the process of chasing down a tax-dodging expatriate and wants access to financial records from a Finnish company the expat has done business with. The U.S. would simply ask the company to fork over the data and all would be copacetic, right? Wrong. With more than 99 countries with data privacy laws on the books as of mid-2013 (and a further 21 countries with bills pending), there are wide global variations […]

30 Jun
2014
Categories : Data Security            Leave a comment           

Vormetric was a platinum sponsor at the 2014 Gartner Security and Risk Summit, which is held in the Washington, DC area.  Since I run both Vormetric product marketing and analyst relations, it is a busy event.  I don’t mind it being such a busy week because it is an awesome event! Now that it is over, I thought I’d look back and reminisce in my blog.  I’m in the bar with everyone else taking care of end-of-show business – watching […]

24 Jun
2014
Categories : Data Security            Leave a comment           

On a Saturday morning a few weeks ago, I was at home having breakfast with my family around the kitchen table.  Suddenly, in between eating and chatting about plans for the day, we heard something scurry across the ceiling.  It sounded like a fast moving squirrel.  Of course, my wife exclaimed that I needed to call an exterminator right away for immediate removal of whatever was crawling above us.  I had a different idea.  I thought with a trip to […]

19 Jun
2014
Categories : Data Security            Leave a comment           

Regardless of industry affiliations, enterprises are universally tasked with protecting sensitive information – and will have data-at-rest that needs protection somewhere within their environment. Compliance and regulation drives some of this need for data-at-rest protection Risks from potential data breaches of consumer or customer information other requirements The need to protect sensitive intellectual property may be primary for other organizations And contractual requirements from customers might also drive the need to protect information. These needs acquire an additional level of […]