Why do so many data loss prevention projects either stall or de-scope? Why with significant industry expenditures in the space do we continue to experience record-breaking instances of data breaches and exfiltration? What are the latest methodologies and technologies security and privacy executives should consider to protect their sensitive data and comply with ever-increasing and pervasive privacy regulations such as GDPR and CCPA.
Join Deborah Kish, former Gartner data security analyst, as she shares insights gleaned from hundreds of sessions with CISO, CIO, CDO, CPO and CCOs to offer an insider’s playbook to implementing an unstructured data security and privacy program. Whether migrating from existing DLP point solutions or wondering where your unstructured data lives today, Deborah will provide a life-cycle perspective as to the best methodologies and how to avoid the pitfalls that have plagued enterprise projects.
Register for this webinar and learn how:
A file-centric approach overcomes data leakage shortfalls of traditional approaches and best meets new privacy requirements
Aligning data classification with your data protection methods will put your projects on the fast track
Automation and integration of discovery, classification, access control and file-based encryption is your best first line defense
This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on reducing business risk through improved cybersecurity that focuses on protecting data as users create and share it. One area of concern to many organizations is how to find and protect sensitive data without impacting how employees and customers work. Data protection regulations, like GDPR, are making things more complicated, but companies need to balance security with productivity.
At the Fasoo booth, a lot of people talked about issues with combining different technologies that still focus more on protecting the location of data rather than the data itself. One executive from a manufacturing company talked about how her DLP system can tell them that sensitive documents were shared with external parties, but can’t really control their access or stop them from going out. This is a common concern as companies use DLP, CASB and other technologies that can’t control access everywhere.
Ron Arden, Executive Vice President & COO, Fasoo, Inc. spoke to security professionals and executives on how to meet the data-centric requirements of the NYDFS 23 NYCRR 500 cybersecurity regulations for financial services organizations at the 2017 Rochester Security Summit at the Rochester Hyatt in Rochester, NY.
Ron delivered a presentation entitled “Do You Have a Pathway to Data Security and Compliance?” as part of the risk and compliance track during the October 19 – 20, 2017 event. With deadlines approaching for some of the more challenging components of the NYDFS cybersecurity regulations, timing was right as Ron reviewed results from the recent Ponemon Institute survey on NYDFS readiness and Fasoo’s approach to help meet the technical challenges of protecting unstructured data or data stored in files. This is an area that most organizations are struggling with, since about 80 percent of their information is not in databases, but is in office documents.
Fasoo demonstrated the latest version of the Wrapsody productivity and security platform at the Gartner Symposium/ITxpo 2017 from October 2 – 5, 2017 in Orlando, FL. There was a lot of interest from CIOs, other executives and security professionals as many are struggling with how to secure sensitive information while also providing enhanced productivity for documents or unstructured data.
This year’s Symposium continued Gartner’s focus on helping organizations transform into digital businesses, which is far more than just automating processes. It includes a holistic change of thinking, where data is the driver of growth and secure business processes are a given. Since documents make up about 80% of the information that drives business processes, simplifying secure collaboration with documents while enhancing governance and compliance are key components of digital business.
The event was part of a continuing dialog with organizations on the needs for stricter cybersecurity controls in the wake of the ever growing threat of data breaches and threats to business operations. Recent data breaches at Equifax, Verizon and others show that any organization is vulnerable to external attacks or insider threats. Regulations and legislation, such as the New York NYDFS 23 NYCRR 500 cybersecurity regulations and GDPR in Europe, are causing businesses to improve their security posture to protect business and customer information.
This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on managing and mitigating risk to a business and how to improve cybersecurity through data-centric protection. One area of concern to many organizations is how to comply with some of the newer cybersecurity and data protection regulations, like GDPR, as governments are trying to improve customer and business data security.
With all the recent malware, ransomware and data breaches, there was obviously a focus on how to prevent harm to one’s business. As businesses move more into the realm of digital business, the concept of trust is becoming a larger issue. If your customers do not trust you with their data, they will be less likely to do business with you.
Following our successful event in Rochester, the second of the NYDFS 23 NYCRR 500 roadshow events at Phillips Lytle LLP in Buffalo, NY on May 17, 2017 brought together executives, insurance, legal, and security professionals in a great forum to discuss challenges for financial services organizations to meet the new cybersecurity regulations that went into effect on March 1, 2017. A full house heard some practical advice designed to assist entities regulated by the New York Division of Financial Services (NYDFS) comply with the new regulations.
Jennifer Beckage of Phillips Lytle LLP started with her “Survival Guide to Navigating the NYDFS Cybersecurity Regulation”. Jennifer talked about the challenges covered entities face not only developing their own cybersecurity programs, but how those spill over to their service providers. Developing, implementing and monitoring vendor management programs will affect contracts, day-to-day operations and the technology used to secure and control information shared.
The first of the NYDFS 23 NYCRR 500 roadshow events in Rochester, NY on May 16, 2017 was a great success as numerous people from local financial services companies participated in a great forum to help organizations understand how to meet the new cybersecurity regulations that went into effect on March 1, 2017.
The event was held at Harter Secrest & Emery LLP in Rochester and started what will be a continuing series of forums to assist entities regulated by the New York Division of Financial Services (NYDFS) comply with a strict and wide-ranging group of regulations.
On March 1, 2017 new sweeping cybersecurity regulations from the New York State Department of Financial Services (NYDFS) took effect. The NYDFS 23 NYCRR 500 regulations affect thousands of regulated financial institutions that do business in New York as well as thousands of Third Party Service Providers that support those financial institutions, world-wide. The regulations add to the complexity that financial institutions already face in developing and implementing their comprehensive information security programs. They also bring with them challenges and uncertainty as organizations implement new tools and practices designed to protect customer and company information.
In response to this sea-change, Fasoo is sponsoring a roadshow across three major markets in New York (Rochester, Buffalo and NY city) to help affected organizations comply with the new regulations. The highlight of the roadshow will be a keynote by Dr. Larry Ponemon of the Ponemon Institute reviewing a study sponsored by Fasoo to gauge industry readiness and reaction to the new regulations.