BLOG AUTHORS

radfordC.J Radford
Vice President of Cloud
waynelewandowskiWayne Lewandowski
Area Vice President, Federal
mikeMike Yoder
Senior Security Architect
socialtis2Tina Stewart
Vice President Marketing

DEFENDERS OF DATA

22 Apr
2014
Categories : Data Breach, Encryption            Leave a comment            Tags: , , ,

Organizations that have sensitive data have a perennial problem with using cloud resources …. Gaining the benefits of their use without exposing data that is required to be protected by compliance regimes, government data breach regulations or just because it is critical intellectual property. Click to Tweet: Protect high value data in AWS – @Vormetric teams with @AWSMarketplace in Security Software Free Trial amzn.to/QAhz95 If this is you, we’d really like you to “give our solution a spin” on Amazon […]

15 Apr
2014
Categories : Data Encryption, Data Security            Leave a comment            Tags: , , , ,

Just released is our latest Vormetric Insider Threat Report.  This latest report focuses on Europe, and an earlier version in September of last year detailed responses from the US.  Today, I’m taking a deeper look at the combined government data from both US and European government at a level you won’t see elsewhere. One point before I get to the results – Insider Threats aren’t just traditional insiders, people with access to sensitive data in the course of accounting, financial, […]

11 Apr
2014

If you’re reading this blog, chances are good that you’ve heard of a horrid bug in OpenSSL named Heartbleed.  Rarely has a software bug caused such a ruckus in the security community.  The bug is sufficiently bad – an attacker can read random parts of the server’s memory – that an upgrade to the fixed version is an urgent matter.  To add to this, the versions of OpenSSL with the bug are very widely used – up to 2/3rds of […]

10 Apr
2014

Last month, I called out the Top 5 Data Breach Trends for 2014. Trend 1—Revenue Loss Means Board Room Focus Trend 2—Retail Breaches: An Easy Target Trend 3—Cloud and Big Data= Big Target for Cybercriminals Trend 4—Government and Healthcare: High Risk Trend 5—Compliance Will Grow Bigger Teeth Since then, supermarket chain Morrisons suffered an insider attack through stolen staff payroll systems that were published online which links back to trend 2; retail data breaches an easy target. Also surfacing this week—18 […]

08 Apr
2014

Here at Vormetric, we just issued the European Edition of our Insider Threat Report.  Although the report focused on Insider Threats, we also included a strong focus on SaaS and Cloud Provider use for enterprises – both on the additional Insider Threat concerns around SaaS and Cloud Services and about what those enterprises would like to see that would increase their use.  Today I’m going into details that we didn’t highlight in the report, but which are directly relevant to […]

03 Apr
2014
Categories : Data Security, Key Management            Leave a comment            Tags: , , , , , ,

While we’ve since learned it was a relatively unsophisticated attack, the Target data breach remains anchored in the headlines and, thanks to the more recent security breach reported at giant grocery chain Morrisons in the UK, we can’t get away from the risk posed to business by the ‘Insider Threat’. Events of the last few months have thrust the dangers of privileged user abuse into the spotlight. However, while these security incidents do vary in terms of scale and impact, […]

01 Apr
2014
Categories : Data Breach            Leave a comment            Tags: , , , ,

It may not be obvious, but there’s a common thread through the endless procession of data breach disclosures, and it’s the Insider Threat. Insider threats are no longer just traditional insiders with access to special information within a company (a classic is the accountant that walks off with all the cash), it now includes privileged users of all types and the compromise of accounts to gain access to sensitive data. Take a look at a couple of cases recently – […]

27 Mar
2014
Categories : Data Breach, Data Security            Leave a comment            Tags: , , , , ,

It’s been a while—December 2013 in fact—since my last Data Breach Round-up post and a lot has happened since. Snowden-related discussions are still dominating the news cycle, often pointing to insider threats as the most prominent issue organizations are facing today. The sheer amount of data breaches (ie. Target, Adobe, Korea Credit Bureau, Neiman Marcus) sends a signal that cybercrime will continue to rise. New security threats and regulations make the case for more transparency going forward; all signs point […]

20 Mar
2014

It isn’t any surprise that Cloud Security is still at the top of every Enterprise’s concerns about using cloud resources and services.  Since the inception of cloud services, security has been a top concern, and one of the reasons that the largest investments by enterprises to date have been private cloud related.  That hasn’t stopped lines of business from using cloud services without authorization, or stopped enterprises from putting their “toe in the water” with non-critical projects, limited SaaS applications […]

The U.S. Cybersecurity Framework

Posted By: Robert Bigman, Former CIA CISO
18 Mar
2014
Categories : Data Security            Leave a comment            Tags: , , , ,

Only Suggestions and Encouragement – When we are at Cyber War All you need to know about why the presidentially directed cybersecurity framework effort by the National Institute of Standards and Technology (NIST) represents (at best) minimal progress in our war against cybercriminals and nation-state actors is summed up in the second paragraph of the summary. The framework states that: “[i]t is the Policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and […]