Blog

IP Protection Over Workflows? “People don’t want their productivity to dip”
Cybersecurity Insider threat IP Theft Secure collaboration Sensitive Unstructured Data

Image shows a screenshot (top left), Hillary Fehr (GE), and Chris Babie (GE) of the IP Protection Fireside Chat: Fasoo's Ron ArdenHow to stop intellectual property leakage and theft in manufacturing?

That was the topic of a discussion hosted by Fasoo at the 2021 Apex Assembly Tech Leaders Northeast Summit. CTO Ron Arden spoke with Hillary Fehr, Senior Cyber Security Researcher with GE Gas Power, and Chris Babie, Staff Cyber Security Researcher with GE Gas Power, about the challenges of IP protection in the manufacturing enterprise. 

In Part 1 of this conversation, IP Protection: “We need a tool with a wider scope”, we focused on how to protect sensitive CAD files, 3D-PDFs and other PDF file formats, in addition to the wide variety of Microsoft Office and other documents typically found in innovation-driven manufacturing companies.

In this post, Ron, Hillary and Chris zoom in on additional insider threats and risks introduced through the rise of the cloud and the rapid shift to work-from-home due to COVID-19.

What advice do the GE security researchers have for IT leaders in manufacturing companies looking to update their document protection program? Find out in Part 2 of the conversation:

*

Fasoo Was Busy In October Showing Data Security Solutions
Cybersecurity Data breach Data security Insider threat

Fasoo Had a Busy Month in October Showing Data Security SolutionsThe month of October was very busy for Fasoo as we were all over the US talking to people about data-centric security and how it is the best solution to protect your sensitive information from insider threats and external hackers (APTs).

We started the month by attending the Rochester Security Summit in Rochester, NY.  This two-day event brought together executives and technical staff from numerous organizations in the Rochester area to share intelligence on how to protect their businesses from cyber attacks.  Fasoo was part of a vendor pavilion with our partner Brite Computers showing attendees how to protect data localized from databases, files downloaded from content management systems and those shared through the cloud and on mobile devices.  Ron Arden, Vice President – North America, presented to a packed room on “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” as part of the Threat Landscape track at the event.

Data Breaches on Record Pace for 2015?
Data breach

Data Breaches on Record Pace for 2015?

Earlier this month, an article recorded that data breaches in 2015 are on pace to break records both in the number of breaches and records exposed. In 2014, the numbers of US data breaches tracked by the Identity Theft Resource Center hit a record high of 783, with about 86 million confirmed records exposed. So far this year, as of June 30, the number of breaches reached 400 and additionally, about 118 million records had been confirmed to be at risk.

We all have heard about the government data breaches that have reached the headlines but in addition to those, some other major data breaches which have exposed more than 92,000 people’s personal information are three separate organizations in very different industries. Florida’s Orlando Health, California’s Cuesta College and Michigan’s Firekeepers Casino recently acknowledged data breaches.

New Trend: Healthcare Data Breaches
Data breach

New Trend: Healthcare

I don’t know how much more we can continue talking about healthcare data breaches. This is again a multi week of data breaches in the healthcare industry, and again over and over. With Anthem Inc. and then again with Premera Blue Cross, and Advantage Dental, all announced they had data breaches, however nothing about if there data was encrypted.

How can 80 million and then 11 million then finally 150,000 patient records all in a month or so get exposed? Have we become so sure that we will not be a target to hackers and insider threats? The question now is not if, but when will a data breach happen. This is even more common in the healthcare industry.

 

When Data Breaches Come from Within
Data breach Insider threat

When Data Breaches Come from Within

Insider threats still remain to be a higher concern for business not only in the United States, but around the world. Businesses are more than ever expected to maintain or increase their data security and data protection budgets to mitigate the risk of insider threats. When we look at business today, more than 93% of U.S. respondents to a survey say the feel vulnerable to insider attacks. There is no doubt that those that come from within in a business pose the most threats.

Nowadays, preventing data breaches have become the one of the highest priority for IT security spending and based on recent headlines, the cloud and databases are the most at risk. Unfortunately, it is only until after an organization experiences a data breach or fails a compliance audit, do organizations “play catch-up” to secure the their sensitive data. Privileged users still remain the greatest threat, but contractors and service provide, along with business partners still pose a threat within the inside. Whether it is malicious or unintentional, the fact that sensitive information remains unprotected even with all these headlines is beyond any consumer’s guess.

Bigger Problem than Compliance?
Data security

Bigger Problem than Compliance? The answer? Data Protection! Although compliance has always topped data breach protection, this year, preventing data breaches and protecting intellectual property are all considered more important in driving data protection. However, it is both of these together that makes a data breach protection solution so robust.

Meeting and demonstrating compliance is the start to a more secure organization. Last year in particular with the spike in data breaches caused by the theft or loss of sensitive information pushed the government to push for numerous legislative requirements and standards-based protocols from NIST (National Institute of Standards and Technology).

Federal government agencies are required to follow endpoint security obligations and protocols and even more so with national security agencies who communicate classified information.

Is Data Encryption the Answer?
Data security

Is Data Encryption the Answer

Organizations are beginning to contemplate what the best solution is to prevent data breaches from happening to them. Recently the NCUA experienced a data breach when an examiner lost a flash drive with member’s personal information. Soon after NCUA Board Chairman, Debbie Matz contemplated a rule that would require encryption of the data.

Matz said it right though when referring that, “That’s a very fundamental thing to do, to make sure that if the data is lost or stolen that members’ confidential information is protected.”

Insider Threats: Are You Prepared?
Insider threat

Insider Threats: Are You Prepared?It’s December and we are thinking there can’t be anymore insider threats this year, right? Wrong. From the past two weeks, we’ve had an ex-employee charged with accessing boss’s emails, laptop with patient health information (PHI) stolen from an employee’s car, former family center employee accessed a database of personally identifiable information (PII) and lastly an examiner for a national association lost a flash drive containing PII of members of a $13 million federal credit union during a recent exam.

Just from this list which only contains insider data breaches from one week and in December, we can definitely say that these following organizations were not prepared for insider threats. However, some may think, how can we be prepared from these kinds of threats? Also some strategies after these kinds of breaches have been to plan how and when we will notify our customers. Even more so, people have thought that their security policies and procedures have been sufficient enough. However, as we constantly say, protecting the data itself is what prevents these kinds of data breaches from happening.

Insider Threats Continue in the Health Care Industry for 2014
Insider threat

Insider Threats Continue in the Health Care Industry for 2014

We are in the last month of 2014, and we continue to hear about insider threats in the healthcare industry. In a recent headline, a hospital in Cleveland, Ohio reported that an employee improperly accessed medical and personal information of about 700 patients over a three-year period. The employee breached the hospital system’s electronic medical records, and was able to access names, home addresses, phone numbers, email addresses, medical and health insurance account numbers and other patient personally identifiable information.