News & Events

Check out our press releases, news stories and events we will be at

Blog

Live Webinar: Overcoming Unstructured Data Security and Privacy Choke Points
David Kwag May 27, 2019

Why do so many data loss prevention projects either stall or de-scope? Why with significant industry expenditures in the space do we continue to experience record-breaking instances of data breaches and exfiltration? What are the latest methodologies and technologies security and privacy executives should consider to protect their sensitive data and comply with ever-increasing and pervasive privacy regulations such as GDPR and CCPA.

Join Deborah Kish, former Gartner data security analyst, as she shares insights gleaned from hundreds of sessions with CISO, CIO, CDO, CPO and CCOs to offer an insider’s playbook to implementing an unstructured data security and privacy program. Whether migrating from existing DLP point solutions or wondering where your unstructured data lives today, Deborah will provide a life-cycle perspective as to the best methodologies and how to avoid the pitfalls that have plagued enterprise projects.

Register for this webinar and learn how:

  • A file-centric approach overcomes data leakage shortfalls of traditional approaches and best meets new privacy requirements
  • Aligning data classification with your data protection methods will put your projects on the fast track
  • Automation and integration of discovery, classification, access control and file-based encryption is your best first line defense
Stop Wealth Management Data Breaches
Ron Arden February 13, 2019
Cybersecurity Data breach Data security Insider threat

Encrypt and control sensitive wealth management data

The financial services industry is a frequent target of hackers, but a larger threat may be trusted insiders since they have access to a lot of sensitive customer data.  Advisers within wealth management practices regularly share data with other advisers, staff members, a counterparty or a trusted third-party service provider. They may inadvertently or deliberately share that data with unauthorized people and pose a risk to their firms and customers. Once shared, most firms have no control over that data. The Ponemon Institute illustrates this risk by reporting that 65% of cyber breaches originated with third parties.

Insiders regularly share customer or other sensitive information with colleagues and third-parties by generating and downloading reports from a database. Typically the reports are spreadsheets which make it easy to analyze the data. Access to the database may be restricted, but once in a spreadsheet, the sensitive data is easy to share with anyone.

Fasoo Presents Incident Response Solution
Ron Arden November 28, 2018
Cybersecurity Data breach Data security Insider threat

Bill Blake shows how Wrapsody helps manage an incident response plan Fasoo sponsored and presented at an event in Columbus, OH on November 13, 2018 entitled “Incident Detection, Response and Recovery” highlighting how to prepare and manage an incident response plan for cybersecurity and data protection.  Presented and cosponsored by Catalyst Solutions, IBM and Huntington Insurance, the event brought together experts in legal, insurance, law enforcement, government, accounting and security disciplines to discuss the legal, technical and business issues of preparing for and responding to a data breach.

Bill Blake, Senior Vice President and CCO of Fasoo, presented Incident Response & Recovery: Secure Collaboration for Critical Information which highlighted the Wrapsody platform as a solution to help manage the development, access and control of an incident response plan (IRP).  Bill showed an example of a CISO, Legal Counsel and an external Advisory firm securely collaborating on an IRP and how to control who could access the plan and any supporting documents involved in a response.  The example showed how easy it is to securely collaborate on developing and managing the plan, but also on limiting access prior to, during and after a breach occurs.  Since Wrapsody encrypts documents and controls their access, it guarantees only authorized users can access them.  This is critical because if an incident response plan got into the wrong hands, malicious insiders or external parties could compromise an organization’s data security.

Halting the Threats Within
Ron Arden September 8, 2016
Cybersecurity Data breach Insider threat

Stop Insider Threats from Defeating your BusinessThe headlines today still focus on hackers and other malicious outsiders trying to steal your sensitive data or disrupting your business, but the reality is that insider threats are the biggest challenge to enterprise security.

People with knowledge of your network and systems have a decided advantage when it comes to deliberately or accidentally sharing information with unauthorized users.  Whether it’s a dissatisfied employee looking to make a buck, a retiring worker copying files to take home or a busy executive sending a file to the wrong person, preventing data breaches from privileged insiders can be challenging.

Fasoo and Ponemon Study Reveals Employees Highest Security Risk to Organizations
Ron Arden June 13, 2016
Cybersecurity Data breach Data security Insider threat

Fasoo and Ponemon Study Reveals Employees Highest Security Risk to OrganizationsFasoo just released the results of the security industry’s first look at how confident organizations are about protecting intellectual property and other high value information.  In the latest Ponemon Institute survey titled, “Risky Business: How Company Insiders Put High Value Information at Risk”, 72 percent of organizations are not confident they can manage and control employee access to confidential documents and files.  This study reveals that insiders are the highest security risk to an organization.

The Ponemon Institute surveyed 637 U.S. IT security practitioners familiar with their organization’s approach to protecting data, documents and files against cyberattacks. For the purpose of this research, high value information includes trade secrets, new product designs, merger and acquisition activity, intellectual property, financial data, and confidential business information.

Based on the findings of the research, employees and other insiders often lack the information, conscientiousness and guidance needed to make intelligent decisions about the information they access and share.  Companies are more confident they can stop external attackers from accessing confidential information than their own employees and contractors.  This study should make executives and security professionals think about how they control internal access to sensitive information.

Data-Centric Security and Pulaski County Special School District Data Breach
Ron Arden March 24, 2016
Data breach Data security Insider threat Privacy

Pulaski County Special School District Data BreachThis week news broke about a data breach within the Pulaski County Special School District. The breach resulted in more than 3,000 employee’s personal information being compromised. It is reported that a PCSSD employee was responsible for the compromise of thousands of current and former employees’ personal information and she has resigned from her position as of February 2016. Notices to the individuals impacted by this insider data breach were sent out last week.

The former employee was emailing health insurance and benefits reports to her supervisor, and blind-copying the information to her personal email address. Names, social security numbers, addresses and the cost of the health insurance to the employee were some of the information included in the breached data. The culprit was also identifying who did not have insurance along with their social security numbers. The IT Director at PCSSD commented that this behavior had been going on well over a year before it was discovered .

Healthcare Data Breaches and Flash Drives, Still?
David Kwag August 21, 2015
Data breach

Healthcare Data Breaches and Flash Drives, Still?

Healthcare data breach due to misplaced flash drives seem to be a rising trend as recently another case was reported on August 7, 2015. Lawrence General Hospital in Massachusetts reported that a flash drive was missing. Even though it had very limited patient information, it did include lab testing information such as patient names, lab testing codes and slide identification numbers. Letters to about 2,000 patients were sent out, and have yet to locate the flash drive. According to their website, the misplaced flash drive was “unencrypted”.

How many times have we heard this type of data breach occur and appear on our news feed?

In July, OhioHealth had reported a similar data breach, after discovering that a flash drive had gone missing. Approximately 1,000 patients’ data became vulnerable, and about 30 or so Social Security numbers were compromised. As in the previous mentioned data breach this flash drive was “unencrypted” well. In addition, in South Carolina, a safe containing two flash drives and two hard drives containing EMS patients’ Social Security numbers, patient names and addresses and clinical information were stolen, and you guessed it, the flash drives were unencrypted.

Data Breach Lawsuits Are on the Rise
David Kwag August 17, 2015
Data breach

Data Breach Lawsuits Are on the Rise

With the data breaches increasing and hackers breaking into major companies and stealing customer data at an alarming rate, lawsuits relating to these breaches have been a hot topic. For companies, although facing a catastrophe in terms of brand image, legally they have been shielded from damages. That is until now.

According to a recent article, a recent ruling by the 7th Circuit Court of Appeals reinstated a lawsuit against Neiman Marcus over a 2013 data breach in which hackers stole credit card information from as many as 350,000 customers. The three judges ruling has created a stir in the legal environment because this now lowers the bar for consumers who want to sue over such breaches.

Airlines and Schools, Data Breaches Are Going from Bad to Worse in 2015!
David Kwag August 10, 2015
Data breach

Airlines and Schools, Data Breaches Are Going from Bad to Worse in 2015!

Will the bad news every stop making the headlines? Evidence now indicates that hackers with connections to China were responsible for the recent data breaches at United Airlines, Office of Personnel Management (OPM), and health insurer Anthem. In addition, on July 31, the University of Connecticut (UConn) announced that their engineering school servers were hit by a cyberattack originating from China.

United Airlines, the second-largest airline in the world detected a cyberattack into its computer systems in May of this year after being warned by the FBI and federal investigators. Some of the stolen information includes flight manifests which include names, birthday and travel information. United is one of the biggest contractors with the United States government among airlines and is a gold mine for data on the travel of government officials, military personnel and contractors.