Protecting the world's information...
must evolve as new threats, risks and opportunities emerge. To stay in front of the quick-paced security landscape, PKWARE's in-house experts regularly offer blogs covering best practices, fresh resources and the trends behind the headlines. The blogs are meant to spark conversation, so please add your comments, share competing thoughts or pass along topics you'd like us take on.
With Data Security, Compliance Is The Beginning, Not The End
Ask PKWARE customers about the biggest challenge they face, and many respond with one word: compliance.
Every industry has separate mandates to worry about, such as HIPAA for healthcare, and PCI DSS for financial services. The common denominator in just about every compliance mandate is the need for Data Loss Prevention.
Overall, compliance requirements have been good for security. If it weren’t for these regulations and industry standards, many enterprises wouldn’t be doing nearly enough to safeguard sensitive data.
But there are risks in how enterprises handle compliance. A checkbox mentality often ensues, where companies put their primary focus on checking off the boxes on a list during a compliance audit.
When The Security Expert Is The Idiot
Here at PKWARE, when we describe the types of adversaries our technology is designed to block, we say “thieves, snoops and idiots.”
The first two are easy to describe. The thief wants to break into enterprise networks and steal sensitive information and the snoop is either out to invade your privacy or is a trusted employee with access to information that, if shared with the outside world, could cause a lot of damage to the enterprise’s reputation.
Top 3 HIMSS Takeaways
I recently presented at the Healthcare Information and Management Systems Society – North Carolina Chapter – where I talked about the importance of securing data within the healthcare industry. During my time at the conference, I kept my ear to the ground to better understand broader trends impacting the industry and left with three big takeaways:
Apple Phone Case Exposes Stubborn Skills Gap
Like many of us in the cybersecurity industry, I paid close attention to the recent fight between the FBI and Apple over an encrypted phone.
Safe and Sound
(When No One is Paying Attention)
The worlds of fantasy and security have collided twice recently, once in practice and the other in principle.
Why We Are Teaming Up with Google, Facebook and a Few of Our Rivals
Protecting the world’s information can create strange bedfellows. But sometimes it’s worth the unexpected allegiances with potential rivals or social media companies in an effort for everyone to get a better grasp on data security.
First Principles of Data Security: The 4 Key Questions You Need to Be Asking
Looking at the volume of recent data breaches, it appears that malicious hackers are becoming increasingly savvy. Maybe. But the more likely cause is that miscreants are walking through doors left open by a legacy of bad security practices – or they are working with people already inside with access to sensitive data.
Nerds on the Attack: The Most Important Shot in the New Crypto Wars
The nerds have shot back. For those of us who remember the “crypto wars” during the Clinton Administration, it was the technical takedown of bad encryption plans for the Clipper chip by security leaders which acted as data security discussion’s denouement. When cracking open encryption was proven at the technical level to be bad practice for everyone – government, law, business, private citizens – it was time for the snooping and surveillance advocates to take their ball and go home. Ever since, we’ve enjoyed the ability to implement encryption for better privacy and stronger business security. You can even draw a link from stronger crypto to the great tech companies that popped up and thrived before and after the Dot Com Bubble.