Blog

Fasoo Highlights Unstructured Data Security at RSA 2018
Cybersecurity Data security

Fasoo protects unstructured data

Fasoo’s message of finding, protecting and controlling unstructured data definitely made an impact on attendees at the 2018 RSA Conference in San Francisco.  With new regulations like the General Data Protection Regulation (GDPR) coming on quickly and the general feeling that businesses need to do more than just track file access, companies are looking for a more comprehensive and practical approach to providing secure ways to conduct business.

Over 45,000 senior executives and IT security professionals attended this year’s conference with about 2,000 visiting Fasoo’s booth.  Visitors saw hourly presentations and demonstrations on how to manage and control their unstructured data which is by far the largest problem of data security.  While someone hacking a database and stealing credit cards seems to make the headlines, the reality is that the majority of an organization’s intellectual property and sensitive information is stored in documents.  Fasoo staff showed how Fasoo Data Radar, Fasoo Enterprise DRM, Fasoo RiskView and Wrapsody helps manage and protect the critical business information inside documents.

Can An Oops Data Breach Make You Scramble?
Cybersecurity Data breach Data security

Most of the data breaches you hear about in the news are from external hackers infiltrating a network and stealing credit cards, personal data or intellectual property.  You don’t always hear about the oops or mistake that caused the same problem from a trusted insider.  This past week Heathrow Airport and London’s Metropolitan Police were scrambling to find out how security plans for the airport that included those related to Queen Elizabeth wound up on a USB stick found on a London street.

The USB memory stick had about 2.5 GB of unencrypted data, including details of the route used to convey Queen Elizabeth to the airport, details of every type of identification required to access restricted areas, a timetable of patrols around the airport perimeter and a map of CCTV cameras, tunnels and escape shafts.  Heathrow and the London Metropolitan Police launched an investigation to discover how this information ended up on a street.

Fasoo Shows Wrapsody Productivity and Security Platform at Gartner Symposium 2017
Cybersecurity Data security Secure collaboration

Fasoo Shows Wrapsody Productivity and Security Platform at Gartner Symposium 2017Fasoo demonstrated the latest version of the Wrapsody productivity and security platform at the Gartner Symposium/ITxpo 2017 from October 2 – 5, 2017 in Orlando, FL.  There was a lot of interest from CIOs, other executives and security professionals as many are struggling with how to secure sensitive information while also providing enhanced productivity for documents or unstructured data.

This year’s Symposium continued Gartner’s focus on helping organizations transform into digital businesses, which is far more than just automating processes.  It includes a holistic change of thinking, where data is the driver of growth and secure business processes are a given.  Since documents make up about 80% of the information that drives business processes, simplifying secure collaboration with documents while enhancing governance and compliance are key components of digital business.

Is Encryption Really That Hard?
Cybersecurity Data breach Data security Insider threat

Is Encryption Really That Hard?The problem today is sensitive information is leaking from organizations like a dripping faucet.  The recent Equifax data breach is just the latest example of a constant barrage of leaks in the news.  All the experts say the best way to stop data leaks is by encrypting sensitive data.

So why isn’t everyone doing it?   What’s the problem?  New regulations are now in place that mandate encrypting sensitive data, NYDFS part 500 and GDPR being two of the most visible.

It’s not like using an Enigma machine to manually encrypt a message.  Today’s encryption mechanisms are easy to use and fit into the daily work of employees everywhere.

You Need Data-Aware Protection Mechanisms
Cybersecurity Data breach Data security Insider threat

You Need Data-Aware Protection MechanismsData breaches pose one of the greatest threats to business and government.  With the recent data breach at Equifax magnifying the problem of data loss in businesses and the public sector, it’s time for organizations to think hard about using data-aware protection to safeguard sensitive information.

The ever-changing cybersecurity landscape requires organizations to evolve beyond merely protecting the network perimeter and end-points to implementing protections on the data.  When data breaches are successful, the costs can be staggering.  How much will it cost Equifax to offer credit monitoring to millions of people?  What makes these data breaches so disheartening is that many could be avoided or mitigated by modernizing legacy IT systems and protecting information at the data or document level.

Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?
Cybersecurity Data breach Data security Privacy

Use the FFIEC Cyber Assessment Tool to help comply with NYDFS 23 NYCRR Part 500The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.

The updates are a response to criticism since its release in June 2015 for its vagueness and diversion from other well-established cybersecurity assessment frameworks, such as the NIST Cybersecurity Framework.  While there are similarities between these tools, the FFIEC is trying to provide guidance to its constituency where the NIST framework is general for all organizations.

Practical Advice At Buffalo NYDFS 23 NYCRR 500 Pathways to Compliance Event
Cybersecurity Data security News

Practical Advice At Buffalo NYDFS 23 NYCRR 500 Pathways to Compliance EventFollowing our successful event in Rochester, the second of the NYDFS 23 NYCRR 500 roadshow events at Phillips Lytle LLP in Buffalo, NY on May 17, 2017 brought together executives, insurance, legal, and security professionals in a great forum to discuss challenges for financial services organizations to meet the new cybersecurity regulations that went into effect on March 1, 2017.  A full house heard some practical advice designed to assist entities regulated by the New York Division of Financial Services (NYDFS) comply with the new regulations.

Jennifer Beckage of Phillips Lytle LLP started with her “Survival Guide to Navigating the NYDFS Cybersecurity Regulation”.  Jennifer talked about the challenges covered entities face not only developing their own cybersecurity programs, but how those spill over to their service providers.  Developing, implementing and monitoring vendor management programs will affect contracts, day-to-day operations and the technology used to secure and control information shared.

Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017
Cybersecurity Data breach Data security News

Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017After two days at the 2017 RSA Conference in San Francisco, it looks like Fasoo’s message of Security, Governance and Productivity is hitting a nerve with security professionals, analysts, executives and other attendees.  As the regulatory and business climate change to overcome constant threats to businesses and the data they use to drive profitability, companies are looking for a more comprehensive and practical approach to providing secure ways to conduct business.

An interesting theme at this year’s show is Business Driven Security.  I think the convergence of business and security is finally coming to a head as boards and executives realize they must think of security solutions as a business driver that helps mitigate business risk so they can propel their businesses forward.

One main focus this year is helping financial organizations comply with the New York State Department of Financial Services (NYS DFS) cybersecurity regulations.  Fasoo employees spoke to numerous banks and mortgage companies at the booth that are affected by this new regulation to encrypt nonpublic data and provide clear access control and audit trails.  The Fasoo Data Security Framework can help protect sensitive data from getting into the wrong hands and help meet this comprehensive regulation.

Choose Security Over Convenience
Cybersecurity Data security

Choose Security Over ConvenienceOne of the problems of implementing security is that people perceive it as an inconvenience.  People always take the path of convenience because it’s easy.  Many years ago no one locked their doors because we weren’t worried that someone would come into our house and steal anything.  Over time that thinking changed and we all lock our homes and businesses before going out.

Many organizations think about data security and cybersecurity the same way.  While no one questions locking the doors to the office or manufacturing plant, some don’t think about locking all the doors to their sensitive information.  A common approach is to merely check the boxes to be compliant with a regulation or standard, but don’t think about the unique situation of your company.

Top Four Security Predictions For 2017
Cybersecurity Data breach Data security Insider threat

Top Four Cyber Security Predictions For 20172016 has been an epic year for cyber security and data breaches.  From recent hacks at Yahoo and LinkedIn to problems at the FDIC and stolen intellectual property from Glaxo-Smith Kline, this year has been a boon for data breaches large and small.

The past year has shown us that malicious attacks and inadvertent mistakes continue at an alarming rate and the consequences are legal, financial and brand reputation woes.

So how will 2017 fare?  Will we see more of the same or a change in the cyber security landscape?

Here are four security predictions for 2017.

1. Cyber Security Legislation will Change the Face of Business