Computer Business Review – The True Cost of a Data Breach

cbr-logo“Encrypting data at rest and in motion, securely managing the encryption keys and storing them securely, while also managing and controlling user access, are vital steps for businesses to take to protect themselves”

From the implementation of the General Data Protection Regulation (GDPR) back in May, which fundamentally changed the rulebook for storing data of EU citizens at least to the Butlin’s hack, 2018 has been a very significant year for cybersecurity.

One of the biggest changes centred around transparency, specifically businesses being forced to reveal within 72 hours if they have suffered a breach. While the US has had this type of policy for a while, businesses in the EU were not required to publicly state when a breach occured, leaving them free to keep significant news like this from their customers. But now that things have changed, and it’s starting to heat up in the EU.

To read the full article click here.

Computer Business Review – MyHeritage Hack: “Future Hackers Could Amend Stolen DNA”

cbr-logoNo DNA data has been lost as a result of a hack at genealogy and DNA testing website MyHeritage that resulted in the leak of 92,283,889 email addresses and hashed user passwords the company has claimed.

“Sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security. We have no reason to believe those systems have been compromised,” the Israel-based company said.

Gemalto CTO of Data Protection Jason Hart said: “This reinforces again that being breached is not a question of ‘if’ but ‘when’. Perimeter defences are just what they are, first lines of defence. When those fail, the only way data can be protected is to encrypt it. It is especially important that sensitive personal data is always be encrypted. That way, if the data is stolen it is useless to the thieves.”

He added: “MyHeritage noted that it plans to add additional protective measures in the future. While it appears that MyHeritage hashed its passwords, this is a weak form of protection. Given today’s security climate, all online companies should have multi-factor authentication activated by default for all online accounts as well as using encryption and key management to secure sensitive data.”

To read the full article click here.

Computer Business Review – Uber data breach scandal: A shocked tech industry reacts to the cover-up

cbr-logoWe are all used to news of data breaches and the reputational apocalypse that follows, but this one stands out head and shoulders above the rest. Uber has been found trying to cover its tracks by paying hackers to delete 57 million sets of customer and driver data stolen in 2016.

The right way to be ready for a breach

Jason Hart, CTO, Data Protection at Gemalto, said: “The goal should not be to hide these breaches or even prevent them—it should be to make them secure breaches by taking a more intelligent, data-centric approach to security. This means knowing exactly where your valuable data resides, who has access to it, how it is transferred, and when and where it is encrypted and decrypted. Of the 1.9 billion data records compromised worldwide in the first half of 2017, less than 1 percent were encrypted. That’s all that had to be done here and it’s what other organizations need to do in the future to avoid this.”

To read the full article click here.

Computer Business Review – Businesses believe data is as valuable as currency, but are struggling to secure it

cbr-logoAs data grows in value to businesses, cybercriminals actively monitor businesses to understand exactly what data they collect and store.

How much data do businesses now store? With more being created in the last two years than every previous year combined, it shouldn’t be surprising that it’s a lot.

Add on top of this the massive impact the adoption of IoT devices will have on the amount of data being produced, and this growth shows no signs of slowing down. Data is now intrinsic to understanding market trends and customer demand, and its value to a business and impact on bottom lines has grown.

To read the full article click here.

CBR Online – ‘Perimeter security is effective’ say 94% of IT decision makers

cbr-logoMany believe all their sensitive data to be secure despite not knowing where it is.

“It is clear that there is a divide between organisations’ perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto.

“By believing that their data is already secure, businesses are failing to prioritise the measures necessary to protect their data. Businesses need to be aware that hackers are after a company’s most valuable asset – data. It’s important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so.”

To read the full article click here.

Computer Business Review – How to keep data safe on Data Protection Day: From cyber insurance and GDPR, to cloud and encryption

cbr-logoProcrastinating in the cloud? Relying on cyber insurance? On Data Protection Day you should look into your data security processes and reevaluate how you are protecting the hot commodity that is data.

With Great Data, Comes Great Responsibility

Jason Hart, CTO, Data Protection, Gemalto

In an age of convenience, consumers are more than happy to share personal data with businesses and organisations, as long as it enhances their online and offline experiences. Whilst this provides considerable benefits to the business receiving the data, it also comes with a huge responsibility – consumers expect that their data will only be accessed by internally authorised individuals, and be completely secure from external threats.

Businesses must implement encryption to ensure that the data they hold is secure, and can only be accessed by select individuals. Additionally, two factor authentication is crucial in helping mitigate any outside threats. By encrypting the data, and managing the encryption keys properly, the data is useless to the hacker, as well as any unauthorised personnel within the organisation. This means that, even if a breach takes place, consumer data remains private.

To read the full article click here.