Blog

Fasoo Helps Customers Control Unstructured Data at Gartner Security and Risk Management Summit 2018
Cybersecurity Data breach Insider threat News
Fasoo shows unstructured data security at Gartner SRM 2018

This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on reducing business risk through improved cybersecurity that focuses on protecting data as users create and share it.  One area of concern to many organizations is how to find and protect sensitive data without impacting how employees and customers work.  Data protection regulations, like GDPR, are making things more complicated, but companies need to balance security with productivity.

At the Fasoo booth, a lot of people talked about issues with combining different technologies that still focus more on protecting the location of data rather than the data itself.  One executive from a manufacturing company talked about how her DLP system can tell them that sensitive documents were shared with external parties, but can’t really control their access or stop them from going out.  This is a common concern as companies use DLP, CASB and other technologies that can’t control access everywhere.

Fasoo Helps Customers with Compliance at Gartner Security and Risk Management Summit 2017
Cybersecurity Data breach Insider threat News

Fasoo helps customers comply with GDPR and NYDFS 23 NYCRR 500This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on managing and mitigating risk to a business and how to  improve cybersecurity through data-centric protection.  One area of concern to many organizations is how to comply with some of the newer cybersecurity and data protection regulations, like GDPR, as governments are trying to improve customer and business data security.

With all the recent malware, ransomware and data breaches, there was obviously a focus on how to prevent harm to one’s business.  As businesses move more into the realm of digital business, the concept of trust is becoming a larger issue.  If your customers do not trust you with their data, they will be less likely to do business with you.

Fasoo Talks About NYDFS and Cybersecurity at FinCyberSec 2017
Cybersecurity Data breach Insider threat News Print security

Ron Arden Talks About NYDFS and Cybersecurity at FinCyberSec 2017Ron Arden, Executive Vice President and COO of Fasoo, Inc., presented Countdown to Compliance with NYDFS 23 NYCRR 500 during FinCyberSec 2017 at the Stevens Institute of Technology in Hoboken, NJ on May 31, 2017.  Ron was part of a day long event that focused on technical, regulatory, process and human dimensions of cyber threats faced by financial systems and markets.

Dr. Paul Rohmeyer, who organized the conference, started the day with opening remarks that set the stage for how the world of business and cybersecurity has changed in the last year.  With constant attacks, like the WannaCry ransomware attack and the ever changing business and technology landscape, financial services companies have a lot to address as they look to safely promote new business models.

STOP, Collaborate and Listen: Where Employee Vulnerabilities Put Data at Risk
Cybersecurity Data breach Insider threat

Stop, Collaborate and Listen: Where Employee Vulnerabilities Put Data at RiskRon Arden, Executive Vice President and COO of Fasoo, Inc., recently drafted a byline for InfoSec Island that highlights the risks employees pose in their most natural environment – the office – through collaboration with their co-workers.  Email, instant messages, file transfers, and digital downloads can all expose vulnerabilities to an organization’s high-value data yet in an office environment these tasks are constantly happening.  These behaviors can put sensitive data at risk.

Some organizations may become distracted, always trying to defend themselves against the “bad guys,” and forget to keep an eye on their own flock. Executive leadership should ask themselves: do our employees access files containing high-value information? If so, how often and what are they doing with these files? Should they even be allowed to access the files in the first place?

Sometimes Employees Are Just As Much of a Risk as Malicious Attackers
Cybersecurity Data breach Insider threat

US House Recommends 'Zero-Trust' Model for Insider Data AccessData from our Ponemon study, “Risky Business: How Company Insiders Put High Value Information at Risk,” was recently cited in Tara Seal’s Infosecurity Magazine article, “US House Recommends ‘Zero-Trust’ Model for Insider Data Access.” The article referenced the statistic that 72 percent of surveyed organizations are not confident in their ability to manage or control employee access to confidential documents and files. This leads to the actions of careless employees being the primary cause of data breaches, rather than malicious attackers.

The US House has recommended that federal agencies invoke a “zero-trust” system to keep personal, confidential data out of the hands of foreign attackers . The House views government employees as just as big a risk to their organizations as they do malicious attackers — a consideration that all organizations would benefit from adopting. While “zero-trust” sounds a bit harsh, there are multiple ways that these federal agencies can implement security measures to reduce the employee risk they fear so much.

EU-US Privacy Shield and the Future of Data Protection
Data breach Insider threat Privacy

EU-US Privacy Shield and the Future of Data ProtectionThe European Commission adopted the EU-US Privacy Shield on July 12, 2016 as a replacement for the Safe Harbor rules that were overturned by the European Court of Justice in October 2015.  This new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.

The new EU-US Privacy Shield is an example of stronger privacy and security frameworks that affect US and European businesses as they collect, manage and share personal data.  Ensuring the security of personal information, no matter its location, is no longer a technology issue.  This is a business and trade issue.  If I am a US company and want to do business online or in person with businesses and citizens of the EU, I must guarantee that sensitive personal data is always under my control and that only authorized people can access it.

Common Headline in 2015: Healthcare Data Breach
Data breach

Common Headline in 2015: Healthcare Data Breach

How many more data breaches can patients take? This could ultimately be the question based on last year and this year’s surge of healthcare data breaches. Once again, the personal health information of 3,000 people was leaked after a data breach at a Georgia program that offers services for seniors. The breach included the health diagnoses of people in the Community Care Services Program.

What was the cause? An email was mistakenly sent to a “contracted provider”.