Data Mapping: A Tricky First Step to GDPR Compliance

Last Thursday, the one year countdown to GDPR compliance officially began. For those of you still wondering what all the fuss is about, new research commissioned by Centrify has revealed that public companies suffer on average a 5% share price drop immediately following disclosure of the breach. The EU General Data Protection Regulation (GDPR) will ensure there’s no room to hide: as of 25 May 2018, if you’ve been breached you must notify the Supervisory Authority within 72 hours of becoming aware, unless particular circumstances apply. To help organisations figure out a plan of action, Centrify is running a monthly…

Am I Affected by the European General Data Protection Regulation?

It’s a year until the biggest shakeup to Europe’s privacy laws in nearly a generation takes effect. The European General Data Protection Regulation (GDPR) will bring sweeping new rules into force, including new consumer rights over how personal data is used, and mandatory 72-hour data breach notifications. Yet there’s still confusion over which companies and what types of data are covered by the law. With firms currently complying with less than 40% of GDPR principles on average, time is running out. That’s why Centrify is running a new monthly blog series designed to raise awareness about the GDPR, as the clock…

Verizon 2017 DBIR: Key Takeaways

Summary The 2017 DBIR is an essential read for organizational leaders, cybersecurity practitioners and security industry professionals. The report provides clear information that helps cyber security practitioners and executives devise strategy, and implement tactical responses to the cyber battlefield of today. In this year’s 10th publication of Verizon’s Data Breach Investigation Report, data from nearly 2,000 confirmed breaches were submitted by IT professionals and analyzed by Verizon security experts. In the report, 88% (up from last year’s 83%)  of incidents fall into same industry categories that were first identified in the 2014 report. These attacks are further categorized into key…

How to Stop the Breach in a Hybrid Enterprise

Has your enterprise experienced a data breach in the past two years? If so, it’s time for a wake-up call. In fact, 66% of organizations reported falling victim to a breach an average of five or more times during that time span. The security status quo is a slippery slope. Enterprise networks have expanded beyond the well-defined boundaries that used to protect our important assets from falling into the wrong hands and a new security reality has set in. Traditional security methods can’t protect your organization from breaches, and failure to recognize this new reality leaves your business at risk…

RSA: Centrify Survey Reveals Almost Half of Respondents Lack Confidence in Their Company’s Cybersecurity Strategies

Yesterday, we conducted an onsite survey of IT professionals attending the RSA Conference, being held this week at Moscone Center, San Francisco. The poll asked respondents how their companies secure applications and infrastructures in the age of access, and it revealed that only slightly more than half (55%) believe their company’s current technology investment ensures their company’s cybersecurity. This leaves about half of respondents with a lack of confidence in their own organization’s corporate security! While this fact is startling, it shouldn’t be too surprising, since a recent Forrester study, commissioned by Centrify, confirms that in the past two years, two-thirds…

The Cybersecurity Tipping Point Nears

If we’d take a moment to pull our heads out of the sand and look around, we’d quickly see that we’re on an ominous trajectory. There’s no arguing that over the last several years, we’ve been suffering from increasing numbers of breaches, cyberhacks and data leaks. What’s truly puzzling is the fact that we’ve grown so used to the headlines, they no longer seem to impact us: Target spent $250 million to manage a breach? A massive 1 terabytes per second attack against a DNS provider that knocks out major websites? One billion Yahoo identities hacked? Even a hacked election?…

Uh Oh, Yahoo Breach Hits 1 Billion User Accounts

Could this be the catalyst for change to end hacks? Compromised enterprises face huge barriers to rebuilding customer trust and brand reputation. And for Yahoo, this may be an insurmountable task. In September, Yahoo disclosed that the company lost access control for over 500 million accounts. Turns out the largest breach in history of 500M Yahoo accounts in 2014 is only half as much as the latest and largest hack ever discovered – 1B Yahoo accounts lost in 2013. Will this event finally be the catalyst for not only Yahoo but every other company that maintains customer accounts to force…

How to Prevent Another SFMTA Ransomware Attack

By now, many have heard about the recent ransomware attack against the San Francisco’s “Muni” system on Black Friday where the hacker locked out the railway’s system and demanded 100 BTC as payment. The second, less known, part of the story was published by Brian Krebs on his blog yesterday: “On Monday, KrebsOnSecurity was contacted by a security researcher who said he hacked this very same cryptom27@yandex.com inbox after reading a news article about the SFMTA incident. The researcher, who has asked to remain anonymous, said he compromised the extortionist’s inbox by guessing the answer to his secret question, which then allowed him to reset the attacker’s…

How to Avoid a Snowden-esque Security Breach at Your Company

What would happen to your company’s reputation or market share if its data was hacked? This article originally appeared on Inc. Magazine and is reprinted with permission. The recent release of Snowden, the 2016 film about exiled former cyber-security contractor Edward Snowden, highlights some of the inherent cyber-security risks that organizations face. These concerns have been reinforced by the controversy over hacked emails during the current election cycle. In Snowden’s case, it was the National Security Agency (NSA) that was breached, but the vulnerabilities he exploited exist in many enterprise-level companies as well. Security Breaches in recent memory While I worked at Symantec for the…

How To Prevent Cybercrime: CFO Insights for Mid-Market and SMB Companies

Cybersecurity Risk From the Break Room to the Board Room How can CFO’s enable an organization to effectively combat cybercrime, while reducing IT security budgets? If this sounds too good to be true, let me explain how it can be done. Cyber risk is present at every level in every company from the break room to the board room. In retail, data breaches occur in companies of every size; from Yellowfront, a one-store grocer in Maine to the massive Home Depot and Target breaches. Cyber awareness of social engineering attack modes is a management priority, and all employees have responsibility in preventing…