Data security and privacy

Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.

Top Stories

Tip 19 Nov 2024
Biometric privacy and security challenges to know

Fingerprints and facial scans can make identity access more convenient than passwords, but biometric tools present significant ethical and legal challenges. Continue Reading
By
- Mary K. Pratt
News 15 Nov 2024
MFA required for AWS Organizations member accounts in 2025

AWS is one of several cloud providers that will implement MFA requirements over the next year, with other relevant names including Google Cloud and Microsoft Azure. Continue Reading
By
- Alexander Culafi, Senior News Writer

Feature 17 Jul 2024
The CDK Global outage: Explaining how it happened

CDK Global was hit with a ransomware attack affecting thousands of U.S. auto dealerships. Keep reading to learn more about this attack and how it affected the industry. Continue Reading
By
- Sean Michael Kerner
Feature 17 Jul 2024
How to detect AI-generated content

AI- or human-generated? To test their reliability, six popular generative AI detectors were asked to judge three pieces of content. The one they got wrong may surprise you. Continue Reading
By
- Ron Karjian, Industry Editor
Podcast 16 Jul 2024
Risk & Repeat: AT&T's Snowflake database breached

AT&T disclosed a breach in which threat actors compromised the company's Snowflake instance and stole call and text records from 'nearly all' the company's cellular customers. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Jul 2024
Why does data privacy matter in marketing?

Marketers frequently use customer data for their strategies. They must properly secure that information, so they comply with privacy laws and customers trust the business. Continue Reading
By
- Griffin LaFleur, Swing Education
News 12 Jul 2024
AT&T breach affects 'nearly all' customers' call, text records

Fallout from the attacks on Snowflake customers continues as AT&T is the latest victim organization to disclose a data breach stemming from a compromised cloud instance. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 09 Jul 2024
Risk & Repeat: Hacks, lies and LockBit

Months after an international law enforcement effort disrupted the notorious ransomware-as-a-service operation, LockBit falsely claimed that it breached the U.S. Federal Reserve. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 09 Jul 2024
Top 10 customer data privacy best practices

To ensure customer data remains secure and inaccessible to bad actors, organizations should implement best practices such as frequent data audits and employee trainings. Continue Reading
By
- Sandra Mathis, Microsoft
Tip 09 Jul 2024
Use these 6 user authentication types to secure networks

One layer of security that all networks and applications need is authentication. Read up on six authentication types, from 2FA to biometrics to certificates. Continue Reading
By
- Kyle Johnson, Technology Editor
News 08 Jul 2024
Ransomware hits CDK Global, public sector targets in June

The prevalent threat continued to cause disruptions last month as city halls were forced to close and auto dealerships faced downstream effects after an attack against CDK Global. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Jul 2024
What is a cyber attack? How they work and how to stop them

A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
Video 03 Jul 2024
The importance of compliance officers

Compliance officers ensure a company follows both its internal rules as well as external laws from the government. Continue Reading
By
- Sabrina Polin, Managing Editor
Feature 02 Jul 2024
8 benefits of a modern contact center

Contact centers and their multifunctional capabilities can provide businesses with a competitive edge through improved agent performance, customer engagement and brand loyalty. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
News 01 Jul 2024
Critical OpenSSH vulnerability could affect millions of servers

Exploitation against CVE-2024-6387, which Qualys nicknamed 'regreSSHion,' could let attackers bypass security measures and gain root access to vulnerable servers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 01 Jul 2024
A timeline and history of blockchain technology

Riding the back of volatile cryptocurrencies, blockchain's trek has been raucous since 2009, but the technology's roots are much deeper and applications much richer than Bitcoin. Continue Reading
By
- Ron Karjian, Industry Editor
- Robert Sheldon
Tip 25 Jun 2024
EDR vs. antivirus: What's the difference?

Endpoint detection and response and antivirus tools both protect enterprise networks, and both have distinct advantages. Which is better for your organization? Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 21 Jun 2024
personally identifiable information (PII)

Personally identifiable information (PII) is any data that could potentially identify a specific individual. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Corinne Bernstein
Podcast 18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall

Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 18 Jun 2024
EPAM denies link to Snowflake customer attacks

EPAM, a Belarusian software company, said an investigation found no evidence that it was connected to recent attacks against Snowflake customer databases. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Jun 2024
Veeam executives discuss data protection trends, future IPO

Data protection trends include securing backups and planning for ransomware recovery. Veeam executives discuss these keys, plus why the 'data resilience company' can go public. Continue Reading
By
- Paul Crocetti, Executive Editor
News 14 Jun 2024
Security pros grade Apple Intelligence data privacy measures

Apple has built a Private Cloud Compute server to process and then delete data sent from Apple Intelligence running on an iPhone, iPad or Mac. Apple says it won't store any data. Continue Reading
By
- Antone Gonsalves, News Director
News 13 Jun 2024
Microsoft's Recall changes might be too little, too late

Criticism of Microsoft's Recall feature continues even after the software giant announced several updates to address concerns from the infosec community. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024

AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By
- Rob Wright, Senior News Director
Definition 12 Jun 2024
privacy impact assessment (PIA)

A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Paul Kirvan
- Ben Cole, Executive Editor
Answer 12 Jun 2024
Zero trust vs. defense in depth: What are the differences?

Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 11 Jun 2024
digital profiling

Digital profiling is the process of gathering and analyzing information about an individual that exists online. Continue Reading
By
- Katie Terrell Hanna
News 06 Jun 2024
Ransomware ravaged schools and cities in May

The public sector took the brunt of ransomware in May, while another damaging attack against a healthcare company disrupted patient access to pharmacy services. Continue Reading
By
- Arielle Waldman, News Writer
Definition 06 Jun 2024
data splitting

Data splitting is when data is divided into two or more subsets. Typically, with a two-part split, one part is used to evaluate or test the data and the other for training the model. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Podcast 05 Jun 2024
Risk & Repeat: Sorting out Snowflake's security mess

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 05 Jun 2024
Veeam backup and security updates include cloud vault, copilot

Veeam products and services in the spotlight at the VeeamON 2024 user conference included secure backups in the cloud, a generative AI assistant and a new offering with Lenovo. Continue Reading
By
- Paul Crocetti, Executive Editor
Answer 05 Jun 2024
Reporting ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process. Continue Reading
By
- Kyle Johnson, Technology Editor
News 03 Jun 2024
Mandiant: Ransomware investigations up 20% in 2023

The cybersecurity company observed a sharp rise in activity on data leak sites in 2023 as well as an increase in ransomware actors using legitimate commercial tools during attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 03 Jun 2024
Snowflake: No evidence of platform breach

Snowflake on Saturday issued a joint statement with third-party investigators Mandiant and CrowdStrike denying reports that its platform had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 31 May 2024
Threat actor compromising Snowflake database customers

A threat actor tracked as UNC5537 is using stolen credentials against Snowflake database customers to conduct data theft and extortion attacks, cloud security firm Mitiga said. Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 30 May 2024
Dell Technologies World was all about AI; what about security?

At Dell Technologies World 2024, Dell made it crystal clear that it is all-in on AI, but the company must also emphasize the importance of cybersecurity. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 29 May 2024
Why healthcare data is often the target of ransomware attacks

The healthcare industry relies heavily on IT systems. Sensitive patient data is valuable to hackers, leading to ransomware attacks that disrupt operations and endanger lives. Continue Reading
By
- Sean Michael Kerner
News 23 May 2024
CISA executive director discusses CIRCIA, incident reporting

CISA Executive Director Brandon Wales speaks with TechTarget Editorial to discuss CIRCIA and the importance of incident reporting to the larger cybersecurity ecosystem. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 May 2024
CyberArk to acquire Venafi from Thoma Bravo for $1.5B

CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1. Continue Reading
By
- Arielle Waldman, News Writer
Definition 17 May 2024
hashing

Hashing is the process of transforming any given key or a string of characters into another value. Continue Reading
By
- Kinza Yasar, Technical Writer
- Andrew Zola
Tip 17 May 2024
SharePoint vs. Box: What's the difference?

SharePoint and Box both help users manage and store content. Yet, to choose the right tool, organizations should first consider their integration and security requirements. Continue Reading
By
- Christine Campbell, The Alpha Content Company
Tip 17 May 2024
An overview of storage encryption for enterprises

The constantly increasing data volumes and locations -- plus the number of security threats -- should push enterprise storage strategies to include strong encryption. Continue Reading
By
- Julia Borgini, Spacebarpress Media
News 16 May 2024
What LockBitSupp charges mean for ransomware investigations

At RSA Conference 2024, Recorded Future's Allan Liska discussed evolving ransomware trends and how authorities recently exposed the LockBit ransomware group ringleader. Continue Reading
By
- Arielle Waldman, News Writer
Feature 15 May 2024
Lessons learned from high-profile data breaches

Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack. Continue Reading
By
- Sharon Shea, Executive Editor
Podcast 15 May 2024
Risk & Repeat: Recapping RSA Conference 2024

Artificial intelligence was center stage at RSA Conference 2024, but the show also focused on secure-by-design principles, the ransomware landscape and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 May 2024
Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Alexander S. Gillis, Technical Writer and Editor
- Madelyn Bacon, TechTarget
Tip 14 May 2024
RSAC panel debates confidence in post-quantum cryptography

The Cryptographers' Panel at RSAC offered opinions on their confidence in PQC following the release of a paper questioning lattice-based encryption's viability. Continue Reading
By
- Kyle Johnson, Technology Editor
News 09 May 2024
Dell 'security incident' might affect millions

Dell notified customers that a company portal connected to customer data exposed orders, names and addresses, while reports indicate the data is now up for sale on the dark web. Continue Reading
By
- Tim McCarthy, News Writer
News 08 May 2024
National Security Agency warns against paying ransoms

Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
By
- Arielle Waldman, News Writer
Definition 08 May 2024
Digital Personal Data Protection Act, 2023

India's Digital Personal Data Protection Act, 2023 (DPDPA) is a comprehensive privacy and data protection law that recognizes the right of individuals, referred to as "data principals," to protect their personal data during the processing of that data for lawful purposes. Continue Reading
By
- George Lawton
News 07 May 2024
Authorities identify, sanction LockBit ransomware ringleader

After weeks of waiting, authorities in the U.S., the U.K. and Australia publicly identified 'LockBitSupp,' the mysterious operator behind the prolific LockBit ransomware gang. Continue Reading
By
- Rob Wright, Senior News Director
News 06 May 2024
IBM study shows security for GenAI projects is an afterthought

IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is the dark web (darknet)?

The dark web is an encrypted portion of the internet not visible to the general public via a traditional search engine such as Google. Continue Reading
By
- Rahul Awati
- Katie Terrell Hanna
Feature 02 May 2024
What is a data protection officer (DPO) and what do they do?

Today's DPO must juggle technical, legal and collaborative skills in the shadow of more sophisticated data breaches, tougher data privacy laws and generative AI deployments. Continue Reading
By
- George Lawton
News 02 May 2024
Dropbox discloses data breach involving Dropbox Sign

A threat actor accessed Dropbox Sign customer names, emails, hashed passwords, API keys, OAuth tokens, multifactor authentication information and other data. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is PCI DSS (Payment Card Industry Data Security Standard)?

The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. Continue Reading
By
- Nick Barney, Technology Writer
Definition 02 May 2024
What is Data Encryption Standard (DES)?

Data Encryption Standard (DES) is an outdated symmetric key method of data encryption. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
News 01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%

Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 01 May 2024
Federal Information Security Modernization Act (FISMA)

): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats. Continue Reading
By
- Paul Kirvan
- Alexander S. Gillis, Technical Writer and Editor
Conference Coverage 01 May 2024
RSA Conference 2024 focuses on collaboration, resilience

Follow TechTarget Security's RSAC 2024 guide for pre-conference insights and the most pressing presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 30 Apr 2024
Understanding Microsoft 365 GCC High and other licenses

Government organizations should turn to the variety of dedicated services that Microsoft offers to deliver familiar productivity services to users with highly secured data. Continue Reading
By
- Helen Searle-Jones, Tritech Group
News 30 Apr 2024
Change Healthcare breached via Citrix portal with no MFA

UnitedHealth Group CEO Andrew Witty's opening statement for Wednesday's congressional hearing shed more light on the ransomware attack against Change Healthcare. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Apr 2024
Risk & Repeat: Change Healthcare's bad ransomware bet

This Risk & Repeat podcast discusses Change Healthcare's ransomware attack and the apparent further spread of sensitive data despite the company paying a ransom. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
News 25 Apr 2024
Cisco zero-day flaws in ASA, FTD software under attack

Cisco revealed that a nation-state threat campaign dubbed 'ArcaneDoor' exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 23 Apr 2024
U.S. cracks down on commercial spyware with visa restrictions

The move marks the latest effort by the U.S. government to curb the spread of commercial spyware, which has been used to target journalists, politicians and human rights activists. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 23 Apr 2024
Creating a patch management policy: Step-by-step guide

A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 22 Apr 2024
Mitre breached by nation-state threat actor via Ivanti flaws

An unnamed nation-state threat actor breached Mitre through two Ivanti Connect Secure zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, disclosed earlier this year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 22 Apr 2024
chief privacy officer (CPO)

A chief privacy officer (CPO) is a corporate executive charged with developing and implementing policies designed to protect employee and customer data from unauthorized access. Continue Reading
By
- Katie Terrell Hanna
Tip 19 Apr 2024
7 steps to create a data loss prevention policy

Data loss prevention is an ever-changing process of proactive and reactive protection and planning. Read on to learn how to set up a successful DLP policy. Continue Reading
By
- Donald Farmer, TreeHive Strategy
News 19 Apr 2024
CISA: Akira ransomware extorted $42M from 250+ victims

The Akira ransomware gang, which utilizes sophisticated hybrid encryption techniques and multiple ransomware variants, targeted vulnerable Cisco VPNs in a campaign last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 18 Apr 2024
3 Keycloak authorization strategies to secure app access

Keycloak, an open source IAM tool, offers authorization methods, including RBAC, GBAC and OAuth 2.0, that limit what users can access. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Opinion 18 Apr 2024
Optimize encryption and key management in 2024

Enterprise Strategy Group research highlighted the encryption challenges enterprises face, including lack of encryption, cryptographic infrastructure inadequacies and more. Continue Reading
By
- Todd Thiemann, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 12 Apr 2024
CISA: Midnight Blizzard obtained federal agency emails

CISA ordered U.S. federal agencies to reset any credentials exposed by Midnight Blizzard's breach against Microsoft and notify CISA in the case of a known or suspected compromise. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 11 Apr 2024
7 principles of the GDPR explained

The GDPR's seven data protection principles on the lawful processing of data are directly influencing the way businesses collect, store, erase and monetize personal information. Continue Reading
By
- George Lawton
News 11 Apr 2024
CISA discloses Sisense breach, customer data compromised

CISA is investigating a breach of data analytics vendor Sisense that may have exposed customers' credentials and secrets and could impact critical infrastructure organizations. Continue Reading
By
- Arielle Waldman, News Writer
Feature 11 Apr 2024
AI and GDPR: How is AI being regulated?

Amid data privacy issues spawned by proliferating AI and generative AI applications, GDPR provisions need some updating to provide businesses with more specific AI guidelines. Continue Reading
By
- George Lawton
Opinion 10 Apr 2024
Identity, data security expectations for RSA Conference 2024

Security practitioners can expect to hear about key issues at this year's RSA Conference, including identity and data security, AI and DSPM. Continue Reading
By
- Todd Thiemann, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 10 Apr 2024
cryptanalysis

Cryptanalysis is the study of ciphertext, ciphers and cryptosystems to understand how they work and to find and improve techniques for defeating or weakening them. Continue Reading
By
- TechTarget Contributor
Answer 09 Apr 2024
How do companies protect customer data?

Companies can protect customer data through various technical tools and strategies, like authentication and encryption. But some types of data need more protection than others. Continue Reading
By
- Sandra Mathis, Microsoft
News 08 Apr 2024
Flaws in legacy D-Link NAS devices under attack

Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices, and exploitation requires no authentication. Continue Reading
By
- Arielle Waldman, News Writer
Definition 08 Apr 2024
backup storage device

A backup storage device is a hardware component for storing copies of data. Continue Reading
By
- Robert Sheldon
- Kinza Yasar, Technical Writer
- Garry Kranz
Podcast 05 Apr 2024
Risk & Repeat: Cyber Safety Review Board takes Microsoft to task

This podcast episode discusses the Cyber Safety Review Board's report on Microsoft and its conclusion that the software giant must overhaul its security culture. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 04 Apr 2024
Thought leaders tips to obtain a secure cloud environment

Securing the cloud ecosystem is a multifaceted endeavor requiring both strategy and cooperation. Learn best practices and practical advice from leading speakers in this space. Continue Reading
By
- Alicia Landsberg, Senior managing Editor
News 04 Apr 2024
Ransomware attacks ravaged municipal governments in March

Many municipalities across the U.S. faced network outages, data breaches and large ransom demands following a flurry of ransomware attacks last month. Continue Reading
By
- Arielle Waldman, News Writer
Tip 04 Apr 2024
Data protection vs. data backup: How are they different?

They might be viewed as separate functions, but data backup should be part of an overall data protection strategy to thwart ransomware and comply with stringent privacy laws. Continue Reading
By
- Kathleen Richards
Tip 03 Apr 2024
How to conduct a data privacy audit, step by step

The vital importance of a data privacy audit can't be underestimated in today's climate of proliferating customer data, more stringent regulations and sophisticated cyber threats. Continue Reading
By
- Jerald Murphy, Nemertes Research
News 03 Apr 2024
Trend Micro: LockBit ransomware gang's comeback is failing

LockBit is struggling to resume operations in part due to the name-and-shame aspect of the international law enforcement operation responsible for the gang's disruption. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 01 Apr 2024
6 business benefits of data protection and GDPR compliance

Complying with GDPR and avoiding severe fines is a primary goal of businesses, but the data governing principles and security tools to achieve compliance yield systemic benefits. Continue Reading
By
- Chris Tozzi
Definition 28 Mar 2024
sensitive information

Sensitive information is data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization. Continue Reading
By
- Nick Barney, Technology Writer
Feature 28 Mar 2024
11 core elements of a successful data protection strategy

Your organization's data protection strategy might not include all 11 core elements and associated activities, but the important thing is to have a comprehensive strategy in place. Continue Reading
By
- Paul Kirvan
News 27 Mar 2024
Flashpoint observes 84% surge in ransomware attacks in 2023

The threat intelligence vendor anticipates that enterprises will continue to face increases in ransomware activity and data breaches in 2024, with some silver linings ahead. Continue Reading
By
- Arielle Waldman, News Writer
Feature 26 Mar 2024
6 data privacy challenges and how to fix them

Fragmented data protection laws, technology disruptions, AI adoption, data governance and consumer trust are among the complex issues confronting businesses in need of remedies. Continue Reading
By
- Jeff McCormick
Opinion 26 Mar 2024
Top 6 data security posture management use cases

Data security posture management is a top 10 security issue for 2024, according to research. Check out the top six use cases for DSPM and weigh in on other possibilities. Continue Reading
By
- Todd Thiemann, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 22 Mar 2024
Data protection impact assessment template and tips

Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
By
- Paul Kirvan
News 22 Mar 2024
'GoFetch' attack spells trouble for Apple M-series chips

Academic researchers discovered a hardware optimization feature called 'data memory-dependent prefetcher' could be abused to extract secret encryption keys from vulnerable systems. Continue Reading
By
- Rob Wright, Senior News Director
News 21 Mar 2024
NCC Group: Ransomware attacks jump 73% in February

While NCC Group expected an increase in ransomware attacks from January to February, year-over-year data showed just how persistent the threat is to enterprises. Continue Reading
By
- Arielle Waldman, News Writer
Tip 20 Mar 2024
U.S. data privacy protection laws: 2024 guide

Concerns about how personal data is processed and stored is leading to the passage of new privacy regulations that govern how companies handle consumer data. Continue Reading
By
- Paul Kirvan
Podcast 19 Mar 2024
Risk & Repeat: Microsoft's Midnight Blizzard mess

This podcast episode discusses the latest disclosure from Microsoft regarding Midnight Blizzard, which accessed internal systems, source code and some cryptographic secrets. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 19 Mar 2024
How to manage third-party risk in the cloud

Third parties, including CSPs, remain a weak point in the supply chain. Adding CSPs into your organization's third-party risk management processes is crucial. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 15 Mar 2024
The importance of ethics in information management

Advancements in data collection and processing may tempt information management professionals to use as much customer data as possible. Yet, more data use means less privacy. Continue Reading
By
- Tim Murphy
- Kogan Page
Definition 14 Mar 2024
cloud encryption

Cloud encryption is a service cloud storage providers offer whereby a customer's data is transformed using encryption algorithms from plaintext into ciphertext and stored in the cloud. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Michael Cobb
- Rachel Kossman, TechTarget
Podcast 13 Mar 2024
Risk & Repeat: CISA hacked via Ivanti vulnerabilities

The compromise of two internal CISA systems comes on the heels of ongoing attacks and developments related to two zero-day vulnerabilities Ivanti disclosed in January. Continue Reading
By
- Alexander Culafi, Senior News Writer