eSecurity Planet – Massive SEC Breach Highlights Need for Broader Use of Encryption

esp_logoU.S. Securities and Exchange Commission (SEC) chairman Jay Clayton recently announced that a software vulnerability in its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system “was exploited and resulted in access to nonpublic information” in 2016.

Jason Hart, vice president and CTO for data protection at Gemalto, said by email that stopping breaches like these is an unrealistic goal. “A better starting point is for organizations to truly know what they are trying to protect and then putting the right safeguards like encryption in place,” he said. “Of the 1.9 billion data records compromised worldwide in the first half of 2017, less than 1 percent used encryption to render the information useless.”

According to Gemalto’s Breach Level Index for the first half of 2017, the proportion of stolen, lost or compromised data that was protected by encryption dropped by 4 percent compared to the last six months of 2016.

The first half of 2017 also saw a 164 percent increase in stolen, lost or compromised records — over 10 million records were compromised or exposed every day, or 122 records every second.

To read the full article click here.

eSecurity Planet – HBO Hack Highlights Importance of Encryption, Data Governance

esp_logo1.5 TB of data, including unreleased episodes of upcoming shows, was stolen and leaked online.

Gemalto CTO of data protection Jason Hart said by email that broadcasters in particular face a unique threat. “Due to the nature of the industry, hackers have the opportunity to access data as it is transmitted between multiple data centers, and so they require solutions to help encrypt their high value TV transmissions — without interfering with the audience’s viewing experience,” he said.

“HBO now joins a list of other Hollywood victims of crime such as Netflix and Sony,” Hart added. “This incident is another reminder that broadcasters must invest in fundamental security controls and practices — encryption, key management and two-factor authentication — to control access to highly sought-after content and protect it in the event that a breach takes place.”

To read the full article click here.

eSecurity Planet – Massive Breach of Swedish Citizens’ Data Points to Desperate Need for Risk Management

esp_logoVehicle registration data for every Swedish citizen was exposed — including those under witness protection.

“It is clear that there is a divide between organizations’ perceptions of the effectiveness of perimeter security and the reality,” Gemalto vice president and chief technology officer for data protection Jason Hart said in a statement. “By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data.”

To read the full article click here.

eSecurity Planet – Shoney’s Restaurants, IHG Hotels Hit by Credit Card Breaches

esecurityplanetA pair of separate credit card breaches were recently confirmed at 37 Shoney’s restaurants and at hundreds of InterContinental Hotels Group (IHG) hotels across the United States.

Gemalto CTO of data protection Jason Hart told eSecurity Planet by email that these types of attacks will inevitably continue until organizations leverage end-to-end encryption to protect payment data. “Breaches are inevitable and companies and IT staff must accept that fact, but that doesn’t mean action can’t be taken — they need to secure the breach,” he said. “Doing so requires a data-centric view of threats in which essentially the value of data is made useless to hackers,” Hart added. “And that entails better identity and access control techniques, foremost, multi-factor authentication and the use of encryption and key management to secure sensitive data.”


To read the full article click here.